diff --git a/.github/workflows/beta-release.yml b/.github/workflows/beta-release.yml
index f19d3e607a..271ff679a9 100644
--- a/.github/workflows/beta-release.yml
+++ b/.github/workflows/beta-release.yml
@@ -97,16 +97,28 @@ jobs:
- name: Install Rust toolchain (for building native Python packages)
uses: dtolnay/rust-toolchain@stable
+ - name: Cache pip wheel cache (for compiled packages like real_ladybug)
+ uses: actions/cache@v4
+ with:
+ path: ~/Library/Caches/pip
+ key: pip-wheel-${{ runner.os }}-x64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-x64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-x64-3.12.8-rust
+ key: python-bundle-${{ runner.os }}-x64-3.12.8-rust-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-x64-
+ python-bundle-${{ runner.os }}-x64-3.12.8-rust-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package macOS (Intel)
run: |
@@ -116,6 +128,9 @@ jobs:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSC_LINK: ${{ secrets.MAC_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }}
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Notarize macOS Intel app
env:
@@ -181,16 +196,28 @@ jobs:
- name: Install dependencies
run: cd apps/frontend && npm ci
+ - name: Cache pip wheel cache
+ uses: actions/cache@v4
+ with:
+ path: ~/Library/Caches/pip
+ key: pip-wheel-${{ runner.os }}-arm64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-arm64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-arm64-3.12.8
+ key: python-bundle-${{ runner.os }}-arm64-3.12.8-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-arm64-
+ python-bundle-${{ runner.os }}-arm64-3.12.8-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package macOS (Apple Silicon)
run: |
@@ -200,6 +227,9 @@ jobs:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSC_LINK: ${{ secrets.MAC_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }}
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Notarize macOS ARM64 app
env:
@@ -235,6 +265,12 @@ jobs:
build-windows:
needs: create-tag
runs-on: windows-latest
+ permissions:
+ id-token: write # Required for OIDC authentication with Azure
+ contents: read
+ env:
+ # Job-level env so AZURE_CLIENT_ID is available for step-level if conditions
+ AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
steps:
- uses: actions/checkout@v4
with:
@@ -265,16 +301,28 @@ jobs:
- name: Install dependencies
run: cd apps/frontend && npm ci
+ - name: Cache pip wheel cache
+ uses: actions/cache@v4
+ with:
+ path: ~\AppData\Local\pip\Cache
+ key: pip-wheel-${{ runner.os }}-x64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-x64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-x64-3.12.8
+ key: python-bundle-${{ runner.os }}-x64-3.12.8-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-x64-
+ python-bundle-${{ runner.os }}-x64-3.12.8-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package Windows
shell: bash
@@ -283,8 +331,122 @@ jobs:
cd apps/frontend && npm run package:win -- --config.extraMetadata.version="$VERSION"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- CSC_LINK: ${{ secrets.WIN_CERTIFICATE }}
- CSC_KEY_PASSWORD: ${{ secrets.WIN_CERTIFICATE_PASSWORD }}
+ # Disable electron-builder's built-in signing (we use Azure Trusted Signing instead)
+ CSC_IDENTITY_AUTO_DISCOVERY: false
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
+
+ - name: Azure Login (OIDC)
+ if: env.AZURE_CLIENT_ID != ''
+ uses: azure/login@v2
+ with:
+ client-id: ${{ secrets.AZURE_CLIENT_ID }}
+ tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+ subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+ - name: Sign Windows executable with Azure Trusted Signing
+ if: env.AZURE_CLIENT_ID != ''
+ uses: azure/trusted-signing-action@v0.5.11
+ with:
+ endpoint: https://neu.codesigning.azure.net/
+ trusted-signing-account-name: ${{ secrets.AZURE_SIGNING_ACCOUNT }}
+ certificate-profile-name: ${{ secrets.AZURE_CERTIFICATE_PROFILE }}
+ files-folder: apps/frontend/dist
+ files-folder-filter: exe
+ file-digest: SHA256
+ timestamp-rfc3161: http://timestamp.acs.microsoft.com
+ timestamp-digest: SHA256
+
+ - name: Verify Windows executable is signed
+ if: env.AZURE_CLIENT_ID != ''
+ shell: pwsh
+ run: |
+ cd apps/frontend/dist
+ $exeFile = Get-ChildItem -Filter "*.exe" | Select-Object -First 1
+ if ($exeFile) {
+ Write-Host "Verifying signature on $($exeFile.Name)..."
+ $sig = Get-AuthenticodeSignature -FilePath $exeFile.FullName
+ if ($sig.Status -ne 'Valid') {
+ Write-Host "::error::Signature verification failed: $($sig.Status)"
+ Write-Host "::error::Status Message: $($sig.StatusMessage)"
+ exit 1
+ }
+ Write-Host "✅ Signature verified successfully"
+ Write-Host " Subject: $($sig.SignerCertificate.Subject)"
+ Write-Host " Issuer: $($sig.SignerCertificate.Issuer)"
+ Write-Host " Thumbprint: $($sig.SignerCertificate.Thumbprint)"
+ } else {
+ Write-Host "::error::No .exe file found to verify"
+ exit 1
+ }
+
+ - name: Regenerate checksums after signing
+ if: env.AZURE_CLIENT_ID != ''
+ shell: pwsh
+ run: |
+ $ErrorActionPreference = "Stop"
+ cd apps/frontend/dist
+
+ # Find the installer exe (electron-builder names it with "Setup" or just the app name)
+ # electron-builder produces one installer exe per build
+ $exeFiles = Get-ChildItem -Filter "*.exe"
+ if ($exeFiles.Count -eq 0) {
+ Write-Host "::error::No .exe files found in dist folder"
+ exit 1
+ }
+
+ Write-Host "Found $($exeFiles.Count) exe file(s): $($exeFiles.Name -join ', ')"
+
+ $ymlFile = "latest.yml"
+ if (-not (Test-Path $ymlFile)) {
+ Write-Host "::error::$ymlFile not found - cannot update checksums"
+ exit 1
+ }
+
+ $content = Get-Content $ymlFile -Raw
+ $originalContent = $content
+
+ # Process each exe file and update its hash in latest.yml
+ foreach ($exeFile in $exeFiles) {
+ Write-Host "Processing $($exeFile.Name)..."
+
+ # Compute SHA512 hash and convert to base64 (electron-builder format)
+ $bytes = [System.IO.File]::ReadAllBytes($exeFile.FullName)
+ $sha512 = [System.Security.Cryptography.SHA512]::Create()
+ $hashBytes = $sha512.ComputeHash($bytes)
+ $hash = [System.Convert]::ToBase64String($hashBytes)
+ $size = $exeFile.Length
+
+ Write-Host " Hash: $hash"
+ Write-Host " Size: $size"
+ }
+
+ # For electron-builder, latest.yml has a single file entry for the installer
+ # Update the sha512 and size for the primary exe (first one, typically the installer)
+ $primaryExe = $exeFiles | Select-Object -First 1
+ $bytes = [System.IO.File]::ReadAllBytes($primaryExe.FullName)
+ $sha512 = [System.Security.Cryptography.SHA512]::Create()
+ $hashBytes = $sha512.ComputeHash($bytes)
+ $hash = [System.Convert]::ToBase64String($hashBytes)
+ $size = $primaryExe.Length
+
+ # Update sha512 hash (base64 pattern: alphanumeric, +, /, =)
+ $content = $content -replace 'sha512: [A-Za-z0-9+/=]+', "sha512: $hash"
+ # Update size
+ $content = $content -replace 'size: \d+', "size: $size"
+
+ if ($content -eq $originalContent) {
+ Write-Host "::error::Checksum replacement failed - content unchanged. Check if latest.yml format has changed."
+ exit 1
+ }
+
+ Set-Content -Path $ymlFile -Value $content -NoNewline
+ Write-Host "✅ Updated $ymlFile with new base64 hash and size for $($primaryExe.Name)"
+
+ - name: Skip signing notice
+ if: env.AZURE_CLIENT_ID == ''
+ run: echo "::warning::Windows signing skipped - AZURE_CLIENT_ID not configured. The .exe will be unsigned."
- name: Upload artifacts
uses: actions/upload-artifact@v4
@@ -335,16 +497,28 @@ jobs:
flatpak install -y --user flathub org.freedesktop.Platform//25.08 org.freedesktop.Sdk//25.08
flatpak install -y --user flathub org.electronjs.Electron2.BaseApp//25.08
+ - name: Cache pip wheel cache
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/pip
+ key: pip-wheel-${{ runner.os }}-x64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-x64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-x64-3.12.8
+ key: python-bundle-${{ runner.os }}-x64-3.12.8-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-x64-
+ python-bundle-${{ runner.os }}-x64-3.12.8-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package Linux
run: |
@@ -352,6 +526,9 @@ jobs:
cd apps/frontend && npm run package:linux -- --config.extraMetadata.version="$VERSION"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
diff --git a/.github/workflows/pr-auto-label.yml b/.github/workflows/pr-auto-label.yml
deleted file mode 100644
index ac6775e7b8..0000000000
--- a/.github/workflows/pr-auto-label.yml
+++ /dev/null
@@ -1,227 +0,0 @@
-name: PR Auto Label
-
-on:
- pull_request:
- types: [opened, synchronize, reopened]
-
-# Cancel in-progress runs for the same PR
-concurrency:
- group: pr-auto-label-${{ github.event.pull_request.number }}
- cancel-in-progress: true
-
-permissions:
- contents: read
- pull-requests: write
-
-jobs:
- label:
- name: Auto Label PR
- runs-on: ubuntu-latest
- # Don't run on fork PRs (they can't write labels)
- if: github.event.pull_request.head.repo.full_name == github.repository
- timeout-minutes: 5
- steps:
- - name: Auto-label PR
- uses: actions/github-script@v7
- with:
- retries: 3
- retry-exempt-status-codes: 400,401,403,404,422
- script: |
- const { owner, repo } = context.repo;
- const pr = context.payload.pull_request;
- const prNumber = pr.number;
- const title = pr.title;
-
- console.log(`::group::PR #${prNumber} - Auto-labeling`);
- console.log(`Title: ${title}`);
-
- const labelsToAdd = new Set();
- const labelsToRemove = new Set();
-
- // ═══════════════════════════════════════════════════════════════
- // TYPE LABELS (from PR title - Conventional Commits)
- // ═══════════════════════════════════════════════════════════════
- const typeMap = {
- 'feat': 'feature',
- 'fix': 'bug',
- 'docs': 'documentation',
- 'refactor': 'refactor',
- 'test': 'test',
- 'ci': 'ci',
- 'chore': 'chore',
- 'perf': 'performance',
- 'style': 'style',
- 'build': 'build'
- };
-
- const typeMatch = title.match(/^(\w+)(\(.+?\))?(!)?:/);
- if (typeMatch) {
- const type = typeMatch[1].toLowerCase();
- const isBreaking = typeMatch[3] === '!';
-
- if (typeMap[type]) {
- labelsToAdd.add(typeMap[type]);
- console.log(` 📝 Type: ${type} → ${typeMap[type]}`);
- }
-
- if (isBreaking) {
- labelsToAdd.add('breaking-change');
- console.log(` ⚠️ Breaking change detected`);
- }
- } else {
- console.log(` ⚠️ No conventional commit prefix found in title`);
- }
-
- // ═══════════════════════════════════════════════════════════════
- // AREA LABELS (from changed files)
- // ═══════════════════════════════════════════════════════════════
- let files = [];
- try {
- const { data } = await github.rest.pulls.listFiles({
- owner,
- repo,
- pull_number: prNumber,
- per_page: 100
- });
- files = data;
- } catch (e) {
- console.log(` ⚠️ Could not fetch files: ${e.message}`);
- }
-
- const areas = {
- frontend: false,
- backend: false,
- ci: false,
- docs: false,
- tests: false
- };
-
- for (const file of files) {
- const path = file.filename;
- if (path.startsWith('apps/frontend/')) areas.frontend = true;
- if (path.startsWith('apps/backend/')) areas.backend = true;
- if (path.startsWith('.github/')) areas.ci = true;
- if (path.endsWith('.md') || path.startsWith('docs/')) areas.docs = true;
- if (path.startsWith('tests/') || path.includes('.test.') || path.includes('.spec.')) areas.tests = true;
- }
-
- // Determine area label (mutually exclusive)
- const areaLabels = ['area/frontend', 'area/backend', 'area/fullstack', 'area/ci'];
-
- if (areas.frontend && areas.backend) {
- labelsToAdd.add('area/fullstack');
- areaLabels.filter(l => l !== 'area/fullstack').forEach(l => labelsToRemove.add(l));
- console.log(` 📁 Area: fullstack (${files.length} files)`);
- } else if (areas.frontend) {
- labelsToAdd.add('area/frontend');
- areaLabels.filter(l => l !== 'area/frontend').forEach(l => labelsToRemove.add(l));
- console.log(` 📁 Area: frontend (${files.length} files)`);
- } else if (areas.backend) {
- labelsToAdd.add('area/backend');
- areaLabels.filter(l => l !== 'area/backend').forEach(l => labelsToRemove.add(l));
- console.log(` 📁 Area: backend (${files.length} files)`);
- } else if (areas.ci) {
- labelsToAdd.add('area/ci');
- areaLabels.filter(l => l !== 'area/ci').forEach(l => labelsToRemove.add(l));
- console.log(` 📁 Area: ci (${files.length} files)`);
- }
-
- // ═══════════════════════════════════════════════════════════════
- // SIZE LABELS (from lines changed)
- // ═══════════════════════════════════════════════════════════════
- const additions = pr.additions || 0;
- const deletions = pr.deletions || 0;
- const totalLines = additions + deletions;
-
- const sizeLabels = ['size/XS', 'size/S', 'size/M', 'size/L', 'size/XL'];
- let sizeLabel;
-
- if (totalLines < 10) sizeLabel = 'size/XS';
- else if (totalLines < 100) sizeLabel = 'size/S';
- else if (totalLines < 500) sizeLabel = 'size/M';
- else if (totalLines < 1000) sizeLabel = 'size/L';
- else sizeLabel = 'size/XL';
-
- labelsToAdd.add(sizeLabel);
- sizeLabels.filter(l => l !== sizeLabel).forEach(l => labelsToRemove.add(l));
- console.log(` 📏 Size: ${sizeLabel} (+${additions}/-${deletions} = ${totalLines} lines)`);
-
- console.log('::endgroup::');
-
- // ═══════════════════════════════════════════════════════════════
- // APPLY LABELS
- // ═══════════════════════════════════════════════════════════════
- console.log(`::group::Applying labels`);
-
- // Remove old labels (in parallel)
- const removeArray = [...labelsToRemove].filter(l => !labelsToAdd.has(l));
- if (removeArray.length > 0) {
- const removePromises = removeArray.map(async (label) => {
- try {
- await github.rest.issues.removeLabel({
- owner,
- repo,
- issue_number: prNumber,
- name: label
- });
- console.log(` ✓ Removed: ${label}`);
- } catch (e) {
- if (e.status !== 404) {
- console.log(` ⚠ Could not remove ${label}: ${e.message}`);
- }
- }
- });
- await Promise.all(removePromises);
- }
-
- // Add new labels
- const addArray = [...labelsToAdd];
- if (addArray.length > 0) {
- try {
- await github.rest.issues.addLabels({
- owner,
- repo,
- issue_number: prNumber,
- labels: addArray
- });
- console.log(` ✓ Added: ${addArray.join(', ')}`);
- } catch (e) {
- // Some labels might not exist
- if (e.status === 404) {
- core.warning(`Some labels do not exist. Please create them in repository settings.`);
- // Try adding one by one
- for (const label of addArray) {
- try {
- await github.rest.issues.addLabels({
- owner,
- repo,
- issue_number: prNumber,
- labels: [label]
- });
- } catch (e2) {
- console.log(` ⚠ Label '${label}' does not exist`);
- }
- }
- } else {
- throw e;
- }
- }
- }
-
- console.log('::endgroup::');
-
- // Summary
- console.log(`✅ PR #${prNumber} labeled: ${addArray.join(', ')}`);
-
- // Write job summary
- core.summary
- .addHeading(`PR #${prNumber} Auto-Labels`, 3)
- .addTable([
- [{data: 'Category', header: true}, {data: 'Label', header: true}],
- ['Type', typeMatch ? typeMap[typeMatch[1].toLowerCase()] || 'none' : 'none'],
- ['Area', areas.frontend && areas.backend ? 'fullstack' : areas.frontend ? 'frontend' : areas.backend ? 'backend' : 'other'],
- ['Size', sizeLabel]
- ])
- .addRaw(`\n**Files changed:** ${files.length}\n`)
- .addRaw(`**Lines:** +${additions} / -${deletions}\n`);
- await core.summary.write();
diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml
new file mode 100644
index 0000000000..989eaec525
--- /dev/null
+++ b/.github/workflows/pr-labeler.yml
@@ -0,0 +1,320 @@
+name: PR Labeler
+
+on:
+ pull_request:
+ types: [opened, synchronize, reopened]
+
+concurrency:
+ group: pr-labeler-${{ github.event.pull_request.number }}
+ cancel-in-progress: true
+
+permissions:
+ contents: read
+ pull-requests: write
+
+jobs:
+ label:
+ name: Auto Label PR
+ runs-on: ubuntu-latest
+ # Security: Prevent fork PRs from modifying labels (they don't have write access)
+ if: github.event.pull_request.head.repo.full_name == github.repository
+ timeout-minutes: 5
+
+ steps:
+ - name: Label PR
+ uses: actions/github-script@v7
+ with:
+ retries: 3
+ retry-exempt-status-codes: 400,401,403,404,422
+ script: |
+ // ═══════════════════════════════════════════════════════════════
+ // CONFIGURATION - Single source of truth for all settings
+ // ═══════════════════════════════════════════════════════════════
+
+ const CONFIG = {
+ // Size thresholds (lines changed)
+ SIZE_THRESHOLDS: {
+ XS: 10,
+ S: 100,
+ M: 500,
+ L: 1000
+ },
+
+ // Conventional commit type mappings
+ TYPE_MAP: Object.freeze({
+ 'feat': 'feature',
+ 'fix': 'bug',
+ 'docs': 'documentation',
+ 'refactor': 'refactor',
+ 'test': 'test',
+ 'ci': 'ci',
+ 'chore': 'chore',
+ 'perf': 'performance',
+ 'style': 'style',
+ 'build': 'build'
+ }),
+
+ // Area detection paths
+ AREA_PATHS: Object.freeze({
+ frontend: 'apps/frontend/',
+ backend: 'apps/backend/',
+ ci: '.github/'
+ }),
+
+ // Label definitions
+ LABELS: Object.freeze({
+ SIZE: ['size/XS', 'size/S', 'size/M', 'size/L', 'size/XL'],
+ AREA: ['area/frontend', 'area/backend', 'area/fullstack', 'area/ci'],
+ STATUS: ['🔄 Checking', '✅ Ready for Review', '❌ Checks Failed'],
+ REVIEW: ['Missing AC Approval', 'AC: Approved', 'AC: Changes Requested', 'AC: Needs Re-review']
+ }),
+
+ // Pagination
+ MAX_FILES_PER_PAGE: 100
+ };
+
+ // ═══════════════════════════════════════════════════════════════
+ // HELPER FUNCTIONS - Small, focused, single responsibility
+ // ═══════════════════════════════════════════════════════════════
+
+ /**
+ * Safely parse conventional commit type from PR title
+ * @param {string} title - PR title
+ * @returns {{type: string|null, isBreaking: boolean}}
+ */
+ function parseConventionalCommit(title) {
+ if (!title || typeof title !== 'string') {
+ return { type: null, isBreaking: false };
+ }
+
+ // Limit input length to prevent ReDoS attacks
+ const safeTitle = title.slice(0, 200);
+ const match = safeTitle.match(/^(\w{1,20})(\([^)]{0,50}\))?(!)?:/);
+
+ if (!match) {
+ return { type: null, isBreaking: false };
+ }
+
+ return {
+ type: match[1].toLowerCase(),
+ isBreaking: match[3] === '!'
+ };
+ }
+
+ /**
+ * Determine size label based on lines changed
+ * @param {number} totalLines - Total lines changed
+ * @returns {string} Size label
+ */
+ function determineSizeLabel(totalLines) {
+ const { SIZE_THRESHOLDS } = CONFIG;
+
+ if (totalLines < SIZE_THRESHOLDS.XS) return 'size/XS';
+ if (totalLines < SIZE_THRESHOLDS.S) return 'size/S';
+ if (totalLines < SIZE_THRESHOLDS.M) return 'size/M';
+ if (totalLines < SIZE_THRESHOLDS.L) return 'size/L';
+ return 'size/XL';
+ }
+
+ /**
+ * Detect areas affected by file changes
+ * @param {Array} files - List of changed files
+ * @returns {{frontend: boolean, backend: boolean, ci: boolean}}
+ */
+ function detectAreas(files) {
+ const areas = { frontend: false, backend: false, ci: false };
+ const { AREA_PATHS } = CONFIG;
+
+ for (const file of files) {
+ const path = file.filename || '';
+ if (path.startsWith(AREA_PATHS.frontend)) areas.frontend = true;
+ if (path.startsWith(AREA_PATHS.backend)) areas.backend = true;
+ if (path.startsWith(AREA_PATHS.ci)) areas.ci = true;
+ }
+
+ return areas;
+ }
+
+ /**
+ * Determine area label based on detected areas
+ * @param {{frontend: boolean, backend: boolean, ci: boolean}} areas
+ * @returns {string|null} Area label or null
+ */
+ function determineAreaLabel(areas) {
+ if (areas.frontend && areas.backend) return 'area/fullstack';
+ if (areas.frontend) return 'area/frontend';
+ if (areas.backend) return 'area/backend';
+ if (areas.ci) return 'area/ci';
+ return null;
+ }
+
+ /**
+ * Remove labels from PR (with error handling)
+ * @param {Array} labels - Labels to remove
+ * @param {number} prNumber - PR number
+ */
+ async function removeLabels(labels, prNumber) {
+ const { owner, repo } = context.repo;
+
+ await Promise.allSettled(labels.map(async (label) => {
+ try {
+ await github.rest.issues.removeLabel({
+ owner,
+ repo,
+ issue_number: prNumber,
+ name: label
+ });
+ console.log(` ✓ Removed: ${label}`);
+ } catch (e) {
+ // 404 means label wasn't present - that's fine
+ if (e.status !== 404) {
+ console.log(` ⚠ Failed to remove ${label}: ${e.message}`);
+ }
+ }
+ }));
+ }
+
+ /**
+ * Add labels to PR (with error handling)
+ * @param {Array} labels - Labels to add
+ * @param {number} prNumber - PR number
+ */
+ async function addLabels(labels, prNumber) {
+ if (labels.length === 0) return;
+
+ const { owner, repo } = context.repo;
+
+ try {
+ await github.rest.issues.addLabels({
+ owner,
+ repo,
+ issue_number: prNumber,
+ labels
+ });
+ console.log(` ✓ Added: ${labels.join(', ')}`);
+ } catch (e) {
+ if (e.status === 404) {
+ core.warning(`One or more labels do not exist. Create them in repository settings.`);
+ } else {
+ throw e;
+ }
+ }
+ }
+
+ /**
+ * Fetch PR files with full pagination support
+ * @param {number} prNumber - PR number
+ * @returns {Array} List of all files (paginated)
+ */
+ async function fetchPRFiles(prNumber) {
+ const { owner, repo } = context.repo;
+
+ try {
+ // Use paginate to fetch ALL files, not just first 100
+ const files = await github.paginate(
+ github.rest.pulls.listFiles,
+ { owner, repo, pull_number: prNumber, per_page: CONFIG.MAX_FILES_PER_PAGE }
+ );
+ return files;
+ } catch (e) {
+ console.log(` ⚠ Could not fetch files: ${e.message}`);
+ return [];
+ }
+ }
+
+ // ═══════════════════════════════════════════════════════════════
+ // MAIN LOGIC - Orchestrates the labeling process
+ // ═══════════════════════════════════════════════════════════════
+
+ const { owner, repo } = context.repo;
+ const pr = context.payload.pull_request;
+ const prNumber = pr.number;
+ const title = pr.title || '';
+ const isNewPR = context.payload.action === 'opened' || context.payload.action === 'reopened';
+
+ console.log(`::group::PR #${prNumber} - Auto-labeling`);
+ console.log(`Title: ${title.slice(0, 100)}${title.length > 100 ? '...' : ''}`);
+ console.log(`Action: ${context.payload.action}`);
+
+ const labelsToAdd = new Set();
+ const labelsToRemove = new Set();
+
+ // 1. Parse conventional commit type
+ const { type, isBreaking } = parseConventionalCommit(title);
+ if (type && CONFIG.TYPE_MAP[type]) {
+ labelsToAdd.add(CONFIG.TYPE_MAP[type]);
+ console.log(` 📝 Type: ${type} → ${CONFIG.TYPE_MAP[type]}`);
+ } else {
+ console.log(` ℹ️ No conventional commit prefix detected`);
+ }
+
+ if (isBreaking) {
+ labelsToAdd.add('breaking-change');
+ console.log(` ⚠️ Breaking change detected`);
+ }
+
+ // 2. Detect areas from changed files
+ const files = await fetchPRFiles(prNumber);
+ const areas = detectAreas(files);
+ const areaLabel = determineAreaLabel(areas);
+
+ if (areaLabel) {
+ labelsToAdd.add(areaLabel);
+ CONFIG.LABELS.AREA.filter(l => l !== areaLabel).forEach(l => labelsToRemove.add(l));
+ console.log(` 📁 Area: ${areaLabel.replace('area/', '')}`);
+ }
+
+ // 3. Calculate size label
+ const totalLines = (pr.additions || 0) + (pr.deletions || 0);
+ const sizeLabel = determineSizeLabel(totalLines);
+ labelsToAdd.add(sizeLabel);
+ CONFIG.LABELS.SIZE.filter(l => l !== sizeLabel).forEach(l => labelsToRemove.add(l));
+ console.log(` 📏 Size: ${sizeLabel} (${totalLines} lines)`);
+
+ // 4. Set status label (only on new PRs - let pr-status-gate handle updates on pushes)
+ // Note: On synchronize events, CI workflows will trigger pr-status-gate when they complete
+ if (isNewPR) {
+ labelsToAdd.add('🔄 Checking');
+ CONFIG.LABELS.STATUS.filter(l => l !== '🔄 Checking').forEach(l => labelsToRemove.add(l));
+ console.log(` 🔄 Status: Checking`);
+ } else {
+ console.log(` ℹ️ Status: Unchanged (will be updated by pr-status-gate)`);
+ }
+
+ // 5. Add review label for new PRs only
+ if (isNewPR) {
+ labelsToAdd.add('Missing AC Approval');
+ console.log(` ⏳ Review: Missing AC Approval`);
+ }
+
+ console.log('::endgroup::');
+
+ // 6. Apply label changes
+ console.log(`::group::Applying labels`);
+
+ // Remove labels that should be replaced (exclude ones we're adding)
+ const removeList = [...labelsToRemove].filter(l => !labelsToAdd.has(l));
+ await removeLabels(removeList, prNumber);
+
+ // Add new labels
+ await addLabels([...labelsToAdd], prNumber);
+
+ console.log('::endgroup::');
+ console.log(`✅ PR #${prNumber} labeled successfully`);
+
+ // 7. Write job summary
+ const summaryType = type ? CONFIG.TYPE_MAP[type] || 'unknown' : 'none';
+ const summaryArea = areaLabel ? areaLabel.replace('area/', '') : 'other';
+
+ await core.summary
+ .addHeading(`PR #${prNumber} Auto-Labels`, 3)
+ .addTable([
+ [{ data: 'Category', header: true }, { data: 'Label', header: true }],
+ ['Type', summaryType],
+ ['Area', summaryArea],
+ ['Size', sizeLabel],
+ ['Status', isNewPR ? '🔄 Checking' : '(unchanged)'],
+ ['Review', isNewPR ? 'Missing AC Approval' : '(unchanged)']
+ ])
+ .addRaw(`\n**Files:** ${files.length} | **Lines:** +${pr.additions || 0} / -${pr.deletions || 0}\n`)
+ .write();
diff --git a/.github/workflows/pr-status-check.yml b/.github/workflows/pr-status-check.yml
deleted file mode 100644
index 95c6239e94..0000000000
--- a/.github/workflows/pr-status-check.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-name: PR Status Check
-
-on:
- pull_request:
- types: [opened, synchronize, reopened]
-
-# Cancel in-progress runs for the same PR
-concurrency:
- group: pr-status-${{ github.event.pull_request.number }}
- cancel-in-progress: true
-
-permissions:
- pull-requests: write
-
-jobs:
- mark-checking:
- name: Set Checking Status
- runs-on: ubuntu-latest
- # Don't run on fork PRs (they can't write labels)
- if: github.event.pull_request.head.repo.full_name == github.repository
- timeout-minutes: 5
- steps:
- - name: Update PR status label
- uses: actions/github-script@v7
- with:
- retries: 3
- retry-exempt-status-codes: 400,401,403,404,422
- script: |
- const { owner, repo } = context.repo;
- const prNumber = context.payload.pull_request.number;
- const statusLabels = ['🔄 Checking', '✅ Ready for Review', '❌ Checks Failed'];
-
- console.log(`::group::PR #${prNumber} - Setting status to Checking`);
-
- // Remove old status labels (parallel for speed)
- const removePromises = statusLabels.map(async (label) => {
- try {
- await github.rest.issues.removeLabel({
- owner,
- repo,
- issue_number: prNumber,
- name: label
- });
- console.log(` ✓ Removed: ${label}`);
- } catch (e) {
- if (e.status !== 404) {
- console.log(` ⚠ Could not remove ${label}: ${e.message}`);
- }
- }
- });
-
- await Promise.all(removePromises);
-
- // Add checking label
- try {
- await github.rest.issues.addLabels({
- owner,
- repo,
- issue_number: prNumber,
- labels: ['🔄 Checking']
- });
- console.log(` ✓ Added: 🔄 Checking`);
- } catch (e) {
- // Label might not exist - create helpful error
- if (e.status === 404) {
- core.warning(`Label '🔄 Checking' does not exist. Please create it in repository settings.`);
- }
- throw e;
- }
-
- console.log('::endgroup::');
- console.log(`✅ PR #${prNumber} marked as checking`);
diff --git a/.github/workflows/pr-status-gate.yml b/.github/workflows/pr-status-gate.yml
index b28b896d2b..69cb9bd593 100644
--- a/.github/workflows/pr-status-gate.yml
+++ b/.github/workflows/pr-status-gate.yml
@@ -5,187 +5,581 @@ on:
workflows: [CI, Lint, Quality Security]
types: [completed]
+ issue_comment:
+ types: [created, edited]
+
+ pull_request:
+ types: [synchronize]
+
+concurrency:
+ group: pr-status-gate-${{ github.event.workflow_run.pull_requests[0].number || github.event.issue.number || github.event.pull_request.number || github.run_id }}
+ cancel-in-progress: true
+
permissions:
pull-requests: write
checks: read
+env:
+ # Shared configuration - single source of truth
+ REQUIRED_CHECKS: |
+ CI / test-frontend
+ CI / test-python (3.12)
+ CI / test-python (3.13)
+ Lint / python
+ Quality Security / CodeQL (javascript-typescript)
+ Quality Security / CodeQL (python)
+ Quality Security / Python Security (Bandit)
+ Quality Security / Security Summary
+
jobs:
- update-status:
- name: Update PR Status
+ # ═══════════════════════════════════════════════════════════════════════════
+ # JOB 1: CI STATUS (triggered by workflow_run)
+ # Updates CI status labels when monitored workflows complete
+ # ═══════════════════════════════════════════════════════════════════════════
+ update-ci-status:
+ name: Update CI Status
runs-on: ubuntu-latest
- # Only run if this workflow_run is associated with a PR
- if: github.event.workflow_run.pull_requests[0] != null
+ if: github.event_name == 'workflow_run' && github.event.workflow_run.pull_requests[0] != null
timeout-minutes: 5
+
steps:
- name: Check all required checks and update label
uses: actions/github-script@v7
+ env:
+ REQUIRED_CHECKS: ${{ env.REQUIRED_CHECKS }}
with:
retries: 3
retry-exempt-status-codes: 400,401,403,404,422
script: |
- const { owner, repo } = context.repo;
+ // NOTE: STATUS_LABELS is intentionally duplicated across jobs.
+ // GitHub Actions jobs run in isolated contexts and cannot share runtime constants.
+ // If label values change, update ALL occurrences: update-ci-status, check-status-command
+ const STATUS_LABELS = Object.freeze({
+ CHECKING: '🔄 Checking',
+ PASSED: '✅ Ready for Review',
+ FAILED: '❌ Checks Failed'
+ });
+
+ const REQUIRED_CHECKS = process.env.REQUIRED_CHECKS
+ .split('\n')
+ .map(s => s.trim())
+ .filter(Boolean);
+
+ async function fetchCheckRuns(sha) {
+ const { owner, repo } = context.repo;
+ // Let the configured retries (retries: 3) handle transient failures
+ // Don't catch errors - allow them to propagate for retry logic
+ const checkRuns = await github.paginate(
+ github.rest.checks.listForRef,
+ { owner, repo, ref: sha, per_page: 100 },
+ (response) => response.data
+ );
+ return checkRuns;
+ }
+
+ function analyzeChecks(checkRuns) {
+ const results = [];
+ let allComplete = true;
+ let anyFailed = false;
+
+ for (const checkName of REQUIRED_CHECKS) {
+ const check = checkRuns.find(c => c.name === checkName);
+
+ if (!check) {
+ results.push({ name: checkName, status: '⏳ Pending', complete: false });
+ allComplete = false;
+ } else if (check.status !== 'completed') {
+ results.push({ name: checkName, status: '🔄 Running', complete: false });
+ allComplete = false;
+ } else if (check.conclusion === 'success') {
+ results.push({ name: checkName, status: '✅ Passed', complete: true });
+ } else if (check.conclusion === 'skipped') {
+ results.push({ name: checkName, status: '⏭️ Skipped', complete: true, skipped: true });
+ } else {
+ results.push({ name: checkName, status: '❌ Failed', complete: true, failed: true });
+ anyFailed = true;
+ }
+ }
+ return { allComplete, anyFailed, results };
+ }
+
+ async function updateStatusLabels(prNumber, newLabel) {
+ const { owner, repo } = context.repo;
+ const allLabels = Object.values(STATUS_LABELS);
+
+ // Remove all status labels first - throw on non-404 errors to prevent conflicting labels
+ for (const label of allLabels) {
+ try {
+ await github.rest.issues.removeLabel({ owner, repo, issue_number: prNumber, name: label });
+ } catch (e) {
+ if (e && e.status !== 404) {
+ // Throw to prevent adding new label if removal failed (could cause conflicting labels)
+ throw new Error(`Failed to remove label '${label}': ${e.message}`);
+ }
+ }
+ }
+
+ try {
+ await github.rest.issues.addLabels({ owner, repo, issue_number: prNumber, labels: [newLabel] });
+ } catch (e) {
+ if (e && e.status === 404) {
+ core.warning(`Label '${newLabel}' does not exist`);
+ } else {
+ throw e;
+ }
+ }
+ }
+
+ // Main logic
const prNumber = context.payload.workflow_run.pull_requests[0].number;
const headSha = context.payload.workflow_run.head_sha;
const triggerWorkflow = context.payload.workflow_run.name;
- // ═══════════════════════════════════════════════════════════════════════
- // REQUIRED CHECK RUNS - Job-level checks (not workflow-level)
- // ═══════════════════════════════════════════════════════════════════════
- // Format: "{Workflow Name} / {Job Name}" or "{Workflow Name} / {Job Custom Name}"
- //
- // To find check names: Go to PR → Checks tab → copy exact name
- // To update: Edit this list when workflow jobs are added/renamed/removed
- //
- // Last validated: 2026-01-02
- // ═══════════════════════════════════════════════════════════════════════
- const requiredChecks = [
- // CI workflow (ci.yml) - 3 checks
- 'CI / test-frontend',
- 'CI / test-python (3.12)',
- 'CI / test-python (3.13)',
- // Lint workflow (lint.yml) - 1 check
- 'Lint / python',
- // Quality Security workflow (quality-security.yml) - 4 checks
- 'Quality Security / CodeQL (javascript-typescript)',
- 'Quality Security / CodeQL (python)',
- 'Quality Security / Python Security (Bandit)',
- 'Quality Security / Security Summary'
- ];
+ console.log(`PR #${prNumber} - Triggered by: ${triggerWorkflow}, SHA: ${headSha.slice(0, 8)}`);
- const statusLabels = {
- checking: '🔄 Checking',
- passed: '✅ Ready for Review',
- failed: '❌ Checks Failed'
- };
+ const checkRuns = await fetchCheckRuns(headSha);
+ console.log(`Found ${checkRuns.length} check runs`);
+ const { allComplete, anyFailed, results } = analyzeChecks(checkRuns);
- console.log(`::group::PR #${prNumber} - Checking required checks`);
- console.log(`Triggered by: ${triggerWorkflow}`);
- console.log(`Head SHA: ${headSha}`);
- console.log(`Required checks: ${requiredChecks.length}`);
- console.log('');
+ for (const r of results) {
+ console.log(` ${r.status} ${r.name}`);
+ }
- // Fetch all check runs for this commit
- let allCheckRuns = [];
- try {
- const { data } = await github.rest.checks.listForRef({
- owner,
- repo,
- ref: headSha,
- per_page: 100
- });
- allCheckRuns = data.check_runs;
- console.log(`Found ${allCheckRuns.length} total check runs`);
- } catch (error) {
- // Add warning annotation so maintainers are alerted
- core.warning(`Failed to fetch check runs for PR #${prNumber}: ${error.message}. PR label may be outdated.`);
- console.log(`::error::Failed to fetch check runs: ${error.message}`);
- console.log('::endgroup::');
+ if (!allComplete) {
+ const pending = results.filter(r => !r.complete).length;
+ console.log(`⏳ ${pending}/${REQUIRED_CHECKS.length} checks pending`);
+ // Update to CHECKING status if checks are still running (prevents stale Ready/Failed status)
+ await updateStatusLabels(prNumber, STATUS_LABELS.CHECKING);
return;
}
+ const newLabel = anyFailed ? STATUS_LABELS.FAILED : STATUS_LABELS.PASSED;
+ await updateStatusLabels(prNumber, newLabel);
+
+ const passedCount = results.filter(r => r.status === '✅ Passed').length;
+ const failedCount = results.filter(r => r.failed).length;
+
+ if (anyFailed) {
+ console.log(`❌ PR #${prNumber}: ${failedCount} check(s) failed`);
+ } else {
+ console.log(`✅ PR #${prNumber}: Ready for review (${passedCount}/${REQUIRED_CHECKS.length} passed)`);
+ }
+
+ # ═══════════════════════════════════════════════════════════════════════════
+ # JOB 2: /check-status COMMAND
+ # Manual status check - anyone can trigger by commenting /check-status
+ # ═══════════════════════════════════════════════════════════════════════════
+ check-status-command:
+ name: Check Status Command
+ runs-on: ubuntu-latest
+ if: |
+ github.event_name == 'issue_comment' &&
+ github.event.issue.pull_request &&
+ contains(github.event.comment.body, '/check-status')
+ timeout-minutes: 5
+
+ steps:
+ - name: Run status check and post report
+ uses: actions/github-script@v7
+ env:
+ REQUIRED_CHECKS: ${{ env.REQUIRED_CHECKS }}
+ with:
+ retries: 3
+ retry-exempt-status-codes: 400,401,403,404,422
+ script: |
+ // NOTE: STATUS_LABELS is intentionally duplicated across jobs.
+ // GitHub Actions jobs run in isolated contexts and cannot share runtime constants.
+ // If label values change, update ALL occurrences: update-ci-status, check-status-command
+ const STATUS_LABELS = Object.freeze({
+ CHECKING: '🔄 Checking',
+ PASSED: '✅ Ready for Review',
+ FAILED: '❌ Checks Failed'
+ });
+
+ // NOTE: REVIEW_LABELS is intentionally duplicated across jobs.
+ // If label values change, update ALL occurrences: check-status-command, update-review-status
+ const REVIEW_LABELS = Object.freeze([
+ 'Missing AC Approval',
+ 'AC: Approved',
+ 'AC: Changes Requested',
+ 'AC: Blocked',
+ 'AC: Needs Re-review',
+ 'AC: Reviewed'
+ ]);
+
+ const REQUIRED_CHECKS = process.env.REQUIRED_CHECKS
+ .split('\n')
+ .map(s => s.trim())
+ .filter(Boolean);
+
+ const { owner, repo } = context.repo;
+ const prNumber = context.payload.issue.number;
+ const requestedBy = context.payload.comment.user.login;
+
+ // Get PR details
+ const { data: pr } = await github.rest.pulls.get({
+ owner, repo, pull_number: prNumber
+ });
+ const headSha = pr.head.sha;
+
+ console.log(`PR #${prNumber} - /check-status by @${requestedBy}, SHA: ${headSha.slice(0, 8)}`);
+
+ // Fetch check runs with pagination to handle >100 checks
+ const checkRuns = await github.paginate(
+ github.rest.checks.listForRef,
+ { owner, repo, ref: headSha, per_page: 100 },
+ (response) => response.data
+ );
+ console.log(`Found ${checkRuns.length} check runs`);
+
+ // Analyze results
+ const results = [];
let allComplete = true;
let anyFailed = false;
- const results = [];
- // Check each required check
- for (const checkName of requiredChecks) {
- const check = allCheckRuns.find(c => c.name === checkName);
+ for (const checkName of REQUIRED_CHECKS) {
+ const check = checkRuns.find(c => c.name === checkName);
if (!check) {
- results.push({ name: checkName, status: '⏳ Pending', complete: false });
+ results.push({ name: checkName, emoji: '⏳', complete: false });
allComplete = false;
} else if (check.status !== 'completed') {
- results.push({ name: checkName, status: '🔄 Running', complete: false });
+ results.push({ name: checkName, emoji: '🔄', complete: false });
allComplete = false;
} else if (check.conclusion === 'success') {
- results.push({ name: checkName, status: '✅ Passed', complete: true });
+ results.push({ name: checkName, emoji: '✅', complete: true });
} else if (check.conclusion === 'skipped') {
- // Skipped checks are treated as passed (e.g., path filters, conditional jobs)
- results.push({ name: checkName, status: '⏭️ Skipped', complete: true, skipped: true });
+ results.push({ name: checkName, emoji: '⏭️', complete: true, skipped: true });
} else {
- results.push({ name: checkName, status: '❌ Failed', complete: true, failed: true });
+ results.push({ name: checkName, emoji: '❌', complete: true, failed: true });
anyFailed = true;
}
}
- // Print results table
- console.log('');
- console.log('Check Status:');
- console.log('─'.repeat(70));
- for (const r of results) {
- const shortName = r.name.length > 55 ? r.name.substring(0, 52) + '...' : r.name;
- console.log(` ${r.status.padEnd(12)} ${shortName}`);
+ // Get current labels
+ const { data: currentLabels } = await github.rest.issues.listLabelsOnIssue({
+ owner, repo, issue_number: prNumber
+ });
+ const labelNames = currentLabels.map(l => l.name);
+ const currentStatusLabel = Object.values(STATUS_LABELS).find(l => labelNames.includes(l)) || 'None';
+ const currentReviewLabel = REVIEW_LABELS.find(l => labelNames.includes(l)) || 'None';
+
+ // Update label if all checks complete
+ let newStatusLabel = STATUS_LABELS.CHECKING;
+ let statusChanged = false;
+
+ if (allComplete) {
+ newStatusLabel = anyFailed ? STATUS_LABELS.FAILED : STATUS_LABELS.PASSED;
+
+ if (newStatusLabel !== currentStatusLabel) {
+ statusChanged = true;
+ // Remove all status labels first - throw on non-404 errors to prevent conflicting labels
+ for (const label of Object.values(STATUS_LABELS)) {
+ try {
+ await github.rest.issues.removeLabel({ owner, repo, issue_number: prNumber, name: label });
+ } catch (e) {
+ if (e && e.status !== 404) {
+ throw new Error(`Failed to remove label '${label}': ${e.message}`);
+ }
+ }
+ }
+ await github.rest.issues.addLabels({ owner, repo, issue_number: prNumber, labels: [newStatusLabel] });
+ }
}
- console.log('─'.repeat(70));
- console.log('::endgroup::');
- // Only update label if all required checks are complete
- if (!allComplete) {
- const pending = results.filter(r => !r.complete).length;
- console.log(`⏳ ${pending}/${requiredChecks.length} checks still pending - keeping current label`);
- return;
+ // Build status report
+ const passedCount = results.filter(r => r.emoji === '✅').length;
+ let statusEmoji = '🔄';
+ if (allComplete && !anyFailed) statusEmoji = '✅';
+ else if (allComplete && anyFailed) statusEmoji = '❌';
+
+ const checksTable = results.map(r => `| ${r.emoji} | ${r.name} |`).join('\n');
+
+ const lines = [
+ `## ${statusEmoji} PR Status Report`,
+ '',
+ `| Label | Value |`,
+ `|-------|-------|`,
+ `| CI Status | ${newStatusLabel} |`,
+ `| AC Review | ${currentReviewLabel} |`,
+ ''
+ ];
+
+ if (statusChanged) {
+ lines.push(`> Status updated: \`${currentStatusLabel}\` → \`${newStatusLabel}\``);
+ lines.push('');
}
- // Determine final label
- const newLabel = anyFailed ? statusLabels.failed : statusLabels.passed;
+ lines.push(`### CI Checks (${passedCount}/${REQUIRED_CHECKS.length} passed)`);
+ lines.push('');
+ lines.push('| Status | Check |');
+ lines.push('|--------|-------|');
+ lines.push(checksTable);
+ lines.push('');
+ lines.push('---');
+ lines.push(`Triggered by \`/check-status\` from @${requestedBy}`);
- console.log(`::group::Updating PR #${prNumber} label`);
+ await github.rest.issues.createComment({
+ owner, repo, issue_number: prNumber, body: lines.join('\n')
+ });
+
+ console.log(`✅ Posted status report to PR #${prNumber}`);
+
+ # ═══════════════════════════════════════════════════════════════════════════
+ # JOB 3: AUTO-CLAUDE REVIEW
+ # Processes Auto-Claude review comments from trusted sources
+ # Security: Only bots and collaborators can update labels
+ # ═══════════════════════════════════════════════════════════════════════════
+ update-review-status:
+ name: Update Review Status
+ runs-on: ubuntu-latest
+ if: |
+ github.event_name == 'issue_comment' &&
+ github.event.issue.pull_request &&
+ !contains(github.event.comment.body, '/check-status')
+ timeout-minutes: 5
+
+ steps:
+ - name: Check for Auto-Claude review
+ uses: actions/github-script@v7
+ with:
+ retries: 3
+ retry-exempt-status-codes: 400,401,403,404,422
+ script: |
+ // Security configuration
+ // SECURITY: Only [bot] suffixed accounts are protected by GitHub.
+ // Regular usernames can be registered by anyone and are NOT trusted.
+ const TRUSTED_BOT_ACCOUNTS = Object.freeze([
+ 'github-actions[bot]',
+ 'auto-claude[bot]'
+ ]);
+
+ const TRUSTED_AUTHOR_ASSOCIATIONS = Object.freeze([
+ 'COLLABORATOR',
+ 'MEMBER',
+ 'OWNER'
+ ]);
+
+ const IDENTIFIER_PATTERNS = Object.freeze([
+ '🤖 Auto Claude PR Review',
+ 'Auto Claude Review',
+ 'Auto-Claude Review'
+ ]);
+
+ // SECURITY: Regex patterns are tightened to prevent false matches
+ // Using \s* instead of .* and requiring specific emoji + verdict format
+ const VERDICTS = Object.freeze({
+ APPROVED: {
+ patterns: ['Auto Claude Review - APPROVED', '✅ Auto Claude Review - APPROVED'],
+ // Match: "Merge Verdict:" followed by whitespace/emoji, then ✅, then APPROVED/READY TO MERGE
+ regex: /Merge Verdict:\s*✅\s*(?:APPROVED|READY TO MERGE)/i,
+ label: 'AC: Approved'
+ },
+ CHANGES_REQUESTED: {
+ patterns: ['NEEDS REVISION', 'Needs Revision'],
+ // Match: "Merge Verdict:" followed by whitespace/emoji, then 🟠
+ regex: /Merge Verdict:\s*🟠/,
+ label: 'AC: Changes Requested'
+ },
+ BLOCKED: {
+ patterns: ['BLOCKED'],
+ // Match: "Merge Verdict:" followed by whitespace/emoji, then 🔴
+ regex: /Merge Verdict:\s*🔴/,
+ label: 'AC: Blocked'
+ }
+ });
+
+ // NOTE: REVIEW_LABELS is intentionally duplicated across jobs.
+ // GitHub Actions jobs run in isolated contexts and cannot share runtime constants.
+ // If label values change, update ALL occurrences: check-status-command, update-review-status
+ const REVIEW_LABELS = Object.freeze([
+ 'Missing AC Approval',
+ 'AC: Approved',
+ 'AC: Changes Requested',
+ 'AC: Blocked',
+ 'AC: Needs Re-review',
+ 'AC: Reviewed'
+ ]);
+
+ // Helper functions
+ // SECURITY: Verify both username AND account type to prevent spoofing
+ function isTrustedBot(username, userType) {
+ const isKnownBot = TRUSTED_BOT_ACCOUNTS.some(t => username.toLowerCase() === t.toLowerCase());
+ // Only trust if it's a known bot account AND GitHub confirms it's a Bot type
+ return isKnownBot && userType === 'Bot';
+ }
+
+ function isTrustedAssociation(assoc) {
+ return TRUSTED_AUTHOR_ASSOCIATIONS.includes(assoc);
+ }
+
+ function isAutoClaudeComment(body) {
+ return IDENTIFIER_PATTERNS.some(p => body.includes(p));
+ }
+
+ function parseVerdict(body) {
+ const safeBody = body.slice(0, 5000);
+ for (const [key, config] of Object.entries(VERDICTS)) {
+ const patternMatch = config.patterns.some(p => safeBody.includes(p));
+ const regexMatch = config.regex && config.regex.test(safeBody);
+ if (patternMatch || regexMatch) {
+ return { verdict: key, label: config.label };
+ }
+ }
+ return null;
+ }
+
+ async function updateReviewLabels(prNumber, newLabel) {
+ const { owner, repo } = context.repo;
+
+ // Remove all review labels first - throw on non-404 errors to prevent conflicting labels
+ for (const label of REVIEW_LABELS) {
+ try {
+ await github.rest.issues.removeLabel({ owner, repo, issue_number: prNumber, name: label });
+ console.log(` Removed: ${label}`);
+ } catch (e) {
+ if (e && e.status !== 404) {
+ // Throw to prevent adding new label if removal failed (could cause conflicting labels)
+ throw new Error(`Failed to remove label '${label}': ${e.message}`);
+ }
+ }
+ }
- // Remove old status labels
- for (const label of Object.values(statusLabels)) {
try {
- await github.rest.issues.removeLabel({
- owner,
- repo,
- issue_number: prNumber,
- name: label
- });
- console.log(` ✓ Removed: ${label}`);
+ await github.rest.issues.addLabels({ owner, repo, issue_number: prNumber, labels: [newLabel] });
+ console.log(` Added: ${newLabel}`);
} catch (e) {
- if (e.status !== 404) {
- console.log(` ⚠ Could not remove ${label}: ${e.message}`);
+ if (e && e.status === 404) {
+ core.warning(`Label '${newLabel}' does not exist`);
+ } else {
+ throw e;
}
}
}
- // Add final status label
+ // Main logic
+ const prNumber = context.payload.issue.number;
+ const comment = context.payload.comment;
+ const commenter = comment.user.login;
+ const commenterType = comment.user.type;
+ const authorAssociation = comment.author_association;
+ const body = comment.body || '';
+
+ console.log(`PR #${prNumber} - Comment by: ${commenter} (type: ${commenterType}, assoc: ${authorAssociation})`);
+
+ // Security checks
+ // SECURITY: Bot status requires BOTH username match AND verified Bot type
+ const isBot = isTrustedBot(commenter, commenterType);
+ const isCollaborator = isTrustedAssociation(authorAssociation);
+ const isACComment = isAutoClaudeComment(body);
+
+ console.log(` Trusted bot: ${isBot}, Collaborator: ${isCollaborator}, AC comment: ${isACComment}`);
+
+ if (!isBot && !isCollaborator) {
+ console.log('Skipping: Not a trusted bot or collaborator');
+ return;
+ }
+
+ if (!isACComment) {
+ console.log('Skipping: Not an Auto-Claude comment');
+ return;
+ }
+
+ const verdictResult = parseVerdict(body);
+ if (!verdictResult) {
+ console.log('Skipping: Could not parse verdict');
+ return;
+ }
+
+ console.log(`Verdict: ${verdictResult.verdict} → ${verdictResult.label}`);
+ await updateReviewLabels(prNumber, verdictResult.label);
+ console.log(`✅ PR #${prNumber} review status updated`);
+
+ # ═══════════════════════════════════════════════════════════════════════════
+ # JOB 4: RE-REVIEW ON PUSH
+ # When new commits pushed after AC approval, require re-review
+ # ═══════════════════════════════════════════════════════════════════════════
+ require-re-review:
+ name: Require Re-review on Push
+ runs-on: ubuntu-latest
+ if: github.event_name == 'pull_request' && github.event.action == 'synchronize'
+ timeout-minutes: 5
+
+ steps:
+ - name: Check and reset AC approval if needed
+ uses: actions/github-script@v7
+ with:
+ retries: 3
+ retry-exempt-status-codes: 400,401,403,404,422
+ script: |
+ const { owner, repo } = context.repo;
+ const prNumber = context.payload.pull_request.number;
+ const pusher = context.payload.sender.login;
+
+ console.log(`PR #${prNumber} - New commits by: ${pusher}`);
+
+ // Get current labels
+ const { data: labels } = await github.rest.issues.listLabelsOnIssue({
+ owner, repo, issue_number: prNumber
+ });
+ const labelNames = labels.map(l => l.name);
+
+ // Check if PR was approved
+ const wasApproved = labelNames.includes('AC: Approved');
+
+ if (!wasApproved) {
+ console.log('PR was not AC-approved, no action needed');
+ return;
+ }
+
+ console.log('PR was AC-approved, resetting to require re-review');
+
+ // Remove AC: Approved - throw on non-404 errors to prevent conflicting labels
try {
- await github.rest.issues.addLabels({
- owner,
- repo,
- issue_number: prNumber,
- labels: [newLabel]
+ await github.rest.issues.removeLabel({
+ owner, repo, issue_number: prNumber, name: 'AC: Approved'
});
- console.log(` ✓ Added: ${newLabel}`);
+ console.log(' Removed: AC: Approved');
} catch (e) {
- if (e.status === 404) {
- core.warning(`Label '${newLabel}' does not exist. Please create it in repository settings.`);
+ if (e && e.status !== 404) {
+ // Throw to prevent adding 'AC: Needs Re-review' if removal failed (could cause conflicting labels)
+ core.error(`Failed to remove 'AC: Approved' label: ${e.message}`);
+ throw e;
}
- throw e;
}
- console.log('::endgroup::');
+ // Add AC: Needs Re-review
+ try {
+ await github.rest.issues.addLabels({
+ owner, repo, issue_number: prNumber, labels: ['AC: Needs Re-review']
+ });
+ console.log(' Added: AC: Needs Re-review');
+ } catch (e) {
+ if (e && e.status === 404) {
+ core.warning("Label 'AC: Needs Re-review' does not exist");
+ } else {
+ throw e;
+ }
+ }
- // Summary
- const passedCount = results.filter(r => r.status === '✅ Passed').length;
- const skippedCount = results.filter(r => r.skipped).length;
- const failedCount = results.filter(r => r.failed).length;
+ // Post notification comment
+ const commentLines = [
+ '## 🔄 Re-review Required',
+ '',
+ 'New commits were pushed after Auto-Claude approval.',
+ '',
+ '| Previous | Current |',
+ '|----------|---------|',
+ '| `AC: Approved` | `AC: Needs Re-review` |',
+ '',
+ 'Please run Auto-Claude review again or request a manual review.',
+ '',
+ '---',
+ `Triggered by push from @${pusher}`
+ ];
- if (anyFailed) {
- console.log(`❌ PR #${prNumber} has ${failedCount} failing check(s)`);
- core.summary.addRaw(`## ❌ PR #${prNumber} - Checks Failed\n\n`);
- core.summary.addRaw(`**${failedCount}** of **${requiredChecks.length}** required checks failed.\n\n`);
- } else {
- const skippedNote = skippedCount > 0 ? ` (${skippedCount} skipped)` : '';
- const totalSuccessful = passedCount + skippedCount;
- console.log(`✅ PR #${prNumber} is ready for review (${totalSuccessful}/${requiredChecks.length} checks succeeded${skippedNote})`);
- core.summary.addRaw(`## ✅ PR #${prNumber} - Ready for Review\n\n`);
- core.summary.addRaw(`All **${requiredChecks.length}** required checks succeeded${skippedNote}.\n\n`);
- }
+ await github.rest.issues.createComment({
+ owner, repo, issue_number: prNumber, body: commentLines.join('\n')
+ });
- // Add results to summary
- core.summary.addTable([
- [{data: 'Check', header: true}, {data: 'Status', header: true}],
- ...results.map(r => [r.name, r.status])
- ]);
- await core.summary.write();
+ console.log(`✅ Posted re-review notification to PR #${prNumber}`);
diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml
index d50940c188..ac10837861 100644
--- a/.github/workflows/prepare-release.yml
+++ b/.github/workflows/prepare-release.yml
@@ -1,8 +1,10 @@
name: Prepare Release
# Triggers when code is pushed to main (e.g., merging develop → main)
-# If package.json version is newer than the latest tag, creates a new tag
-# which then triggers the release.yml workflow
+# If package.json version is newer than the latest tag:
+# 1. Validates CHANGELOG.md has an entry for this version (FAILS if missing)
+# 2. Extracts release notes from CHANGELOG.md
+# 3. Creates a new tag which triggers release.yml
on:
push:
@@ -67,8 +69,122 @@ jobs:
echo "⏭️ No release needed (package version not newer than latest tag)"
fi
- - name: Create and push tag
+ # CRITICAL: Validate CHANGELOG.md has entry for this version BEFORE creating tag
+ - name: Validate and extract changelog
if: steps.check.outputs.should_release == 'true'
+ id: changelog
+ run: |
+ VERSION="${{ steps.check.outputs.new_version }}"
+ CHANGELOG_FILE="CHANGELOG.md"
+
+ echo "🔍 Validating CHANGELOG.md for version $VERSION..."
+
+ if [ ! -f "$CHANGELOG_FILE" ]; then
+ echo "::error::CHANGELOG.md not found! Please create CHANGELOG.md with release notes."
+ exit 1
+ fi
+
+ # Extract changelog section for this version
+ # Looks for "## X.Y.Z" header and captures until next "## " or "---" or end
+ CHANGELOG_CONTENT=$(awk -v ver="$VERSION" '
+ BEGIN { found=0; content="" }
+ /^## / {
+ if (found) exit
+ # Match version at start of header (e.g., "## 2.7.3 -" or "## 2.7.3")
+ if ($2 == ver || $2 ~ "^"ver"[[:space:]]*-") {
+ found=1
+ # Skip the header line itself, we will add our own
+ next
+ }
+ }
+ /^---$/ { if (found) exit }
+ found { content = content $0 "\n" }
+ END {
+ if (!found) {
+ print "NOT_FOUND"
+ exit 1
+ }
+ # Trim leading/trailing whitespace
+ gsub(/^[[:space:]]+|[[:space:]]+$/, "", content)
+ print content
+ }
+ ' "$CHANGELOG_FILE")
+
+ if [ "$CHANGELOG_CONTENT" = "NOT_FOUND" ] || [ -z "$CHANGELOG_CONTENT" ]; then
+ echo ""
+ echo "::error::═══════════════════════════════════════════════════════════════════════"
+ echo "::error:: CHANGELOG VALIDATION FAILED"
+ echo "::error::═══════════════════════════════════════════════════════════════════════"
+ echo "::error::"
+ echo "::error:: Version $VERSION not found in CHANGELOG.md!"
+ echo "::error::"
+ echo "::error:: Before releasing, please update CHANGELOG.md with an entry like:"
+ echo "::error::"
+ echo "::error:: ## $VERSION - Your Release Title"
+ echo "::error::"
+ echo "::error:: ### ✨ New Features"
+ echo "::error:: - Feature description"
+ echo "::error::"
+ echo "::error:: ### 🐛 Bug Fixes"
+ echo "::error:: - Fix description"
+ echo "::error::"
+ echo "::error::═══════════════════════════════════════════════════════════════════════"
+ echo ""
+
+ # Also add to job summary for visibility
+ echo "## ❌ Release Blocked: Missing Changelog" >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
+ echo "Version **$VERSION** was not found in CHANGELOG.md." >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
+ echo "### How to fix:" >> $GITHUB_STEP_SUMMARY
+ echo "1. Update CHANGELOG.md with release notes for version $VERSION" >> $GITHUB_STEP_SUMMARY
+ echo "2. Commit and push the changes" >> $GITHUB_STEP_SUMMARY
+ echo "3. The release will automatically retry" >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
+ echo "### Expected format:" >> $GITHUB_STEP_SUMMARY
+ echo "\`\`\`markdown" >> $GITHUB_STEP_SUMMARY
+ echo "## $VERSION - Release Title" >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
+ echo "### ✨ New Features" >> $GITHUB_STEP_SUMMARY
+ echo "- Feature description" >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
+ echo "### 🐛 Bug Fixes" >> $GITHUB_STEP_SUMMARY
+ echo "- Fix description" >> $GITHUB_STEP_SUMMARY
+ echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
+
+ exit 1
+ fi
+
+ echo "✅ Found changelog entry for version $VERSION"
+ echo ""
+ echo "--- Extracted Release Notes ---"
+ echo "$CHANGELOG_CONTENT"
+ echo "--- End Release Notes ---"
+
+ # Save changelog to file for artifact upload
+ echo "$CHANGELOG_CONTENT" > changelog-extract.md
+
+ # Also save to output (for short changelogs)
+ # Using heredoc for multiline output
+ {
+ echo "content<> $GITHUB_OUTPUT
+
+ echo "changelog_valid=true" >> $GITHUB_OUTPUT
+
+ # Upload changelog as artifact for release.yml to use
+ - name: Upload changelog artifact
+ if: steps.check.outputs.should_release == 'true' && steps.changelog.outputs.changelog_valid == 'true'
+ uses: actions/upload-artifact@v4
+ with:
+ name: changelog-${{ steps.check.outputs.new_version }}
+ path: changelog-extract.md
+ retention-days: 1
+
+ - name: Create and push tag
+ if: steps.check.outputs.should_release == 'true' && steps.changelog.outputs.changelog_valid == 'true'
run: |
VERSION="${{ steps.check.outputs.new_version }}"
TAG="v$VERSION"
@@ -85,17 +201,19 @@ jobs:
- name: Summary
run: |
- if [ "${{ steps.check.outputs.should_release }}" = "true" ]; then
+ if [ "${{ steps.check.outputs.should_release }}" = "true" ] && [ "${{ steps.changelog.outputs.changelog_valid }}" = "true" ]; then
echo "## 🚀 Release Triggered" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Version:** v${{ steps.check.outputs.new_version }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
+ echo "✅ Changelog validated and extracted from CHANGELOG.md" >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
echo "The release workflow has been triggered and will:" >> $GITHUB_STEP_SUMMARY
echo "1. Build binaries for all platforms" >> $GITHUB_STEP_SUMMARY
- echo "2. Generate changelog from PRs" >> $GITHUB_STEP_SUMMARY
+ echo "2. Use changelog from CHANGELOG.md" >> $GITHUB_STEP_SUMMARY
echo "3. Create GitHub release" >> $GITHUB_STEP_SUMMARY
echo "4. Update README with new version" >> $GITHUB_STEP_SUMMARY
- else
+ elif [ "${{ steps.check.outputs.should_release }}" = "false" ]; then
echo "## ⏭️ No Release Needed" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Package version:** ${{ steps.package.outputs.version }}" >> $GITHUB_STEP_SUMMARY
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c6b6ddc99c..6ca7f72858 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -46,16 +46,28 @@ jobs:
- name: Install Rust toolchain (for building native Python packages)
uses: dtolnay/rust-toolchain@stable
+ - name: Cache pip wheel cache (for compiled packages like real_ladybug)
+ uses: actions/cache@v4
+ with:
+ path: ~/Library/Caches/pip
+ key: pip-wheel-${{ runner.os }}-x64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-x64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-x64-3.12.8-rust
+ key: python-bundle-${{ runner.os }}-x64-3.12.8-rust-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-x64-
+ python-bundle-${{ runner.os }}-x64-3.12.8-rust-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package macOS (Intel)
run: cd apps/frontend && npm run package:mac -- --x64
@@ -63,6 +75,9 @@ jobs:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSC_LINK: ${{ secrets.MAC_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }}
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Notarize macOS Intel app
env:
@@ -93,6 +108,8 @@ jobs:
path: |
apps/frontend/dist/*.dmg
apps/frontend/dist/*.zip
+ apps/frontend/dist/*.yml
+ apps/frontend/dist/*.blockmap
# Apple Silicon build on ARM64 runner for native compilation
build-macos-arm64:
@@ -123,16 +140,28 @@ jobs:
- name: Install dependencies
run: cd apps/frontend && npm ci
+ - name: Cache pip wheel cache
+ uses: actions/cache@v4
+ with:
+ path: ~/Library/Caches/pip
+ key: pip-wheel-${{ runner.os }}-arm64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-arm64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-arm64-3.12.8
+ key: python-bundle-${{ runner.os }}-arm64-3.12.8-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-arm64-
+ python-bundle-${{ runner.os }}-arm64-3.12.8-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package macOS (Apple Silicon)
run: cd apps/frontend && npm run package:mac -- --arm64
@@ -140,6 +169,9 @@ jobs:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSC_LINK: ${{ secrets.MAC_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }}
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Notarize macOS ARM64 app
env:
@@ -170,9 +202,17 @@ jobs:
path: |
apps/frontend/dist/*.dmg
apps/frontend/dist/*.zip
+ apps/frontend/dist/*.yml
+ apps/frontend/dist/*.blockmap
build-windows:
runs-on: windows-latest
+ permissions:
+ id-token: write # Required for OIDC authentication with Azure
+ contents: read
+ env:
+ # Job-level env so AZURE_CLIENT_ID is available for step-level if conditions
+ AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
steps:
- uses: actions/checkout@v4
@@ -200,23 +240,149 @@ jobs:
- name: Install dependencies
run: cd apps/frontend && npm ci
+ - name: Cache pip wheel cache
+ uses: actions/cache@v4
+ with:
+ path: ~\AppData\Local\pip\Cache
+ key: pip-wheel-${{ runner.os }}-x64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-x64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-x64-3.12.8
+ key: python-bundle-${{ runner.os }}-x64-3.12.8-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-x64-
+ python-bundle-${{ runner.os }}-x64-3.12.8-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package Windows
run: cd apps/frontend && npm run package:win
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- CSC_LINK: ${{ secrets.WIN_CERTIFICATE }}
- CSC_KEY_PASSWORD: ${{ secrets.WIN_CERTIFICATE_PASSWORD }}
+ # Disable electron-builder's built-in signing (we use Azure Trusted Signing instead)
+ CSC_IDENTITY_AUTO_DISCOVERY: false
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
+
+ - name: Azure Login (OIDC)
+ if: env.AZURE_CLIENT_ID != ''
+ uses: azure/login@v2
+ with:
+ client-id: ${{ secrets.AZURE_CLIENT_ID }}
+ tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+ subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+ - name: Sign Windows executable with Azure Trusted Signing
+ if: env.AZURE_CLIENT_ID != ''
+ uses: azure/trusted-signing-action@v0.5.11
+ with:
+ endpoint: https://neu.codesigning.azure.net/
+ trusted-signing-account-name: ${{ secrets.AZURE_SIGNING_ACCOUNT }}
+ certificate-profile-name: ${{ secrets.AZURE_CERTIFICATE_PROFILE }}
+ files-folder: apps/frontend/dist
+ files-folder-filter: exe
+ file-digest: SHA256
+ timestamp-rfc3161: http://timestamp.acs.microsoft.com
+ timestamp-digest: SHA256
+
+ - name: Verify Windows executable is signed
+ if: env.AZURE_CLIENT_ID != ''
+ shell: pwsh
+ run: |
+ cd apps/frontend/dist
+ $exeFile = Get-ChildItem -Filter "*.exe" | Select-Object -First 1
+ if ($exeFile) {
+ Write-Host "Verifying signature on $($exeFile.Name)..."
+ $sig = Get-AuthenticodeSignature -FilePath $exeFile.FullName
+ if ($sig.Status -ne 'Valid') {
+ Write-Host "::error::Signature verification failed: $($sig.Status)"
+ Write-Host "::error::Status Message: $($sig.StatusMessage)"
+ exit 1
+ }
+ Write-Host "✅ Signature verified successfully"
+ Write-Host " Subject: $($sig.SignerCertificate.Subject)"
+ Write-Host " Issuer: $($sig.SignerCertificate.Issuer)"
+ Write-Host " Thumbprint: $($sig.SignerCertificate.Thumbprint)"
+ } else {
+ Write-Host "::error::No .exe file found to verify"
+ exit 1
+ }
+
+ - name: Regenerate checksums after signing
+ if: env.AZURE_CLIENT_ID != ''
+ shell: pwsh
+ run: |
+ $ErrorActionPreference = "Stop"
+ cd apps/frontend/dist
+
+ # Find the installer exe (electron-builder names it with "Setup" or just the app name)
+ # electron-builder produces one installer exe per build
+ $exeFiles = Get-ChildItem -Filter "*.exe"
+ if ($exeFiles.Count -eq 0) {
+ Write-Host "::error::No .exe files found in dist folder"
+ exit 1
+ }
+
+ Write-Host "Found $($exeFiles.Count) exe file(s): $($exeFiles.Name -join ', ')"
+
+ $ymlFile = "latest.yml"
+ if (-not (Test-Path $ymlFile)) {
+ Write-Host "::error::$ymlFile not found - cannot update checksums"
+ exit 1
+ }
+
+ $content = Get-Content $ymlFile -Raw
+ $originalContent = $content
+
+ # Process each exe file and update its hash in latest.yml
+ foreach ($exeFile in $exeFiles) {
+ Write-Host "Processing $($exeFile.Name)..."
+
+ # Compute SHA512 hash and convert to base64 (electron-builder format)
+ $bytes = [System.IO.File]::ReadAllBytes($exeFile.FullName)
+ $sha512 = [System.Security.Cryptography.SHA512]::Create()
+ $hashBytes = $sha512.ComputeHash($bytes)
+ $hash = [System.Convert]::ToBase64String($hashBytes)
+ $size = $exeFile.Length
+
+ Write-Host " Hash: $hash"
+ Write-Host " Size: $size"
+ }
+
+ # For electron-builder, latest.yml has a single file entry for the installer
+ # Update the sha512 and size for the primary exe (first one, typically the installer)
+ $primaryExe = $exeFiles | Select-Object -First 1
+ $bytes = [System.IO.File]::ReadAllBytes($primaryExe.FullName)
+ $sha512 = [System.Security.Cryptography.SHA512]::Create()
+ $hashBytes = $sha512.ComputeHash($bytes)
+ $hash = [System.Convert]::ToBase64String($hashBytes)
+ $size = $primaryExe.Length
+
+ # Update sha512 hash (base64 pattern: alphanumeric, +, /, =)
+ $content = $content -replace 'sha512: [A-Za-z0-9+/=]+', "sha512: $hash"
+ # Update size
+ $content = $content -replace 'size: \d+', "size: $size"
+
+ if ($content -eq $originalContent) {
+ Write-Host "::error::Checksum replacement failed - content unchanged. Check if latest.yml format has changed."
+ exit 1
+ }
+
+ Set-Content -Path $ymlFile -Value $content -NoNewline
+ Write-Host "✅ Updated $ymlFile with new base64 hash and size for $($primaryExe.Name)"
+
+ - name: Skip signing notice
+ if: env.AZURE_CLIENT_ID == ''
+ run: echo "::warning::Windows signing skipped - AZURE_CLIENT_ID not configured. The .exe will be unsigned."
- name: Upload artifacts
uses: actions/upload-artifact@v4
@@ -224,6 +390,8 @@ jobs:
name: windows-builds
path: |
apps/frontend/dist/*.exe
+ apps/frontend/dist/*.yml
+ apps/frontend/dist/*.blockmap
build-linux:
runs-on: ubuntu-latest
@@ -261,21 +429,36 @@ jobs:
flatpak install -y --user flathub org.freedesktop.Platform//25.08 org.freedesktop.Sdk//25.08
flatpak install -y --user flathub org.electronjs.Electron2.BaseApp//25.08
+ - name: Cache pip wheel cache
+ uses: actions/cache@v4
+ with:
+ path: ~/.cache/pip
+ key: pip-wheel-${{ runner.os }}-x64-${{ hashFiles('apps/backend/requirements.txt') }}
+ restore-keys: |
+ pip-wheel-${{ runner.os }}-x64-
+
- name: Cache bundled Python
uses: actions/cache@v4
with:
path: apps/frontend/python-runtime
- key: python-bundle-${{ runner.os }}-x64-3.12.8
+ key: python-bundle-${{ runner.os }}-x64-3.12.8-${{ hashFiles('apps/backend/requirements.txt') }}
restore-keys: |
- python-bundle-${{ runner.os }}-x64-
+ python-bundle-${{ runner.os }}-x64-3.12.8-
- name: Build application
run: cd apps/frontend && npm run build
+ env:
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Package Linux
run: cd apps/frontend && npm run package:linux
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+ SENTRY_TRACES_SAMPLE_RATE: ${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}
+ SENTRY_PROFILES_SAMPLE_RATE: ${{ secrets.SENTRY_PROFILES_SAMPLE_RATE }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
@@ -285,6 +468,8 @@ jobs:
apps/frontend/dist/*.AppImage
apps/frontend/dist/*.deb
apps/frontend/dist/*.flatpak
+ apps/frontend/dist/*.yml
+ apps/frontend/dist/*.blockmap
create-release:
needs: [build-macos-intel, build-macos-arm64, build-windows, build-linux]
@@ -304,16 +489,30 @@ jobs:
- name: Flatten and validate artifacts
run: |
mkdir -p release-assets
- find dist -type f \( -name "*.dmg" -o -name "*.zip" -o -name "*.exe" -o -name "*.AppImage" -o -name "*.deb" -o -name "*.flatpak" \) -exec cp {} release-assets/ \;
+ find dist -type f \( -name "*.dmg" -o -name "*.zip" -o -name "*.exe" -o -name "*.AppImage" -o -name "*.deb" -o -name "*.flatpak" -o -name "*.yml" -o -name "*.blockmap" \) -exec cp {} release-assets/ \;
- # Validate that at least one artifact was copied
- artifact_count=$(find release-assets -type f \( -name "*.dmg" -o -name "*.zip" -o -name "*.exe" -o -name "*.AppImage" -o -name "*.deb" -o -name "*.flatpak" \) | wc -l)
- if [ "$artifact_count" -eq 0 ]; then
- echo "::error::No build artifacts found! Expected .dmg, .zip, .exe, .AppImage, .deb, or .flatpak files."
+ # Validate that installer files exist (not just manifests)
+ installer_count=$(find release-assets -type f \( -name "*.dmg" -o -name "*.zip" -o -name "*.exe" -o -name "*.AppImage" -o -name "*.deb" -o -name "*.flatpak" \) | wc -l)
+ if [ "$installer_count" -eq 0 ]; then
+ echo "::error::No installer artifacts found! Expected .dmg, .zip, .exe, .AppImage, .deb, or .flatpak files."
exit 1
fi
- echo "Found $artifact_count artifact(s):"
+ echo "Found $installer_count installer(s):"
+ find release-assets -type f \( -name "*.dmg" -o -name "*.zip" -o -name "*.exe" -o -name "*.AppImage" -o -name "*.deb" -o -name "*.flatpak" \) -exec basename {} \;
+
+ # Validate that electron-updater manifest files are present (required for auto-updates)
+ yml_count=$(find release-assets -type f -name "*.yml" | wc -l)
+ if [ "$yml_count" -eq 0 ]; then
+ echo "::error::No update manifest (.yml) files found! Auto-update architecture detection will not work."
+ exit 1
+ fi
+
+ echo "Found $yml_count manifest file(s):"
+ find release-assets -type f -name "*.yml" -exec basename {} \;
+
+ echo ""
+ echo "All release assets:"
ls -la release-assets/
- name: Generate checksums
@@ -473,23 +672,78 @@ jobs:
cat release-assets/checksums.sha256 >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
- - name: Generate changelog
- if: ${{ github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && inputs.dry_run != true) }}
+ - name: Extract changelog from CHANGELOG.md
+ if: ${{ github.event_name == 'push' }}
id: changelog
- uses: release-drafter/release-drafter@v6
- with:
- config-name: release-drafter.yml
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ # Extract version from tag (v2.7.2 -> 2.7.2)
+ VERSION=${GITHUB_REF_NAME#v}
+ CHANGELOG_FILE="CHANGELOG.md"
+
+ echo "📋 Extracting release notes for version $VERSION from CHANGELOG.md..."
+
+ if [ ! -f "$CHANGELOG_FILE" ]; then
+ echo "::warning::CHANGELOG.md not found, using minimal release notes"
+ echo "body=Release v$VERSION" >> $GITHUB_OUTPUT
+ exit 0
+ fi
+
+ # Extract changelog section for this version
+ # Looks for "## X.Y.Z" header and captures until next "## " or "---"
+ CHANGELOG_CONTENT=$(awk -v ver="$VERSION" '
+ BEGIN { found=0; content="" }
+ /^## / {
+ if (found) exit
+ # Match version at start of header (e.g., "## 2.7.3 -" or "## 2.7.3")
+ if ($2 == ver || $2 ~ "^"ver"[[:space:]]*-") {
+ found=1
+ next
+ }
+ }
+ /^---$/ { if (found) exit }
+ found { content = content $0 "\n" }
+ END {
+ if (!found) {
+ print "NOT_FOUND"
+ exit 0
+ }
+ # Trim leading/trailing whitespace
+ gsub(/^[[:space:]]+|[[:space:]]+$/, "", content)
+ print content
+ }
+ ' "$CHANGELOG_FILE")
+
+ if [ "$CHANGELOG_CONTENT" = "NOT_FOUND" ] || [ -z "$CHANGELOG_CONTENT" ]; then
+ echo "::warning::Version $VERSION not found in CHANGELOG.md, using minimal release notes"
+ CHANGELOG_CONTENT="Release v$VERSION
+
+See [CHANGELOG.md](https://github.com/${{ github.repository }}/blob/main/CHANGELOG.md) for details."
+ fi
+
+ echo "✅ Extracted changelog content"
+
+ # Save to file first (more reliable for multiline)
+ echo "$CHANGELOG_CONTENT" > changelog-body.md
+
+ # Use file-based output for multiline content
+ {
+ echo "body<> $GITHUB_OUTPUT
- name: Create Release
- if: ${{ github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && inputs.dry_run != true) }}
+ if: ${{ github.event_name == 'push' }}
uses: softprops/action-gh-release@v2
with:
body: |
${{ steps.changelog.outputs.body }}
+ ---
+
${{ steps.virustotal.outputs.vt_results }}
+
+ **Full Changelog**: https://github.com/${{ github.repository }}/blob/main/CHANGELOG.md
files: release-assets/*
draft: false
prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }}
@@ -500,7 +754,8 @@ jobs:
update-readme:
needs: [create-release]
runs-on: ubuntu-latest
- if: ${{ github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && inputs.dry_run != true) }}
+ # Only update README on actual releases (tag push), not dry runs
+ if: ${{ github.event_name == 'push' }}
permissions:
contents: write
steps:
diff --git a/.gitignore b/.gitignore
index 7f53e4c59a..6d2e458532 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,6 +14,7 @@ Desktop.ini
.env
.env.*
!.env.example
+/config.json
*.pem
*.key
*.crt
@@ -163,3 +164,7 @@ _bmad-output/
.claude/
/docs
OPUS_ANALYSIS_AND_IDEAS.md
+/.github/agents
+
+# Auto Claude generated files
+.security-key
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index f67b77c813..0f996bccc2 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,5 +1,6 @@
repos:
# Version sync - propagate root package.json version to all files
+ # NOTE: Skip in worktrees - version sync modifies root files which don't exist in worktree
- repo: local
hooks:
- id: version-sync
@@ -8,6 +9,12 @@ repos:
args:
- -c
- |
+ # Skip in worktrees - .git is a file pointing to main repo, not a directory
+ # Version sync modifies root-level files that may not exist in worktree context
+ if [ -f ".git" ]; then
+ echo "Skipping version-sync in worktree (root files not accessible)"
+ exit 0
+ fi
VERSION=$(node -p "require('./package.json').version")
if [ -n "$VERSION" ]; then
@@ -81,6 +88,7 @@ repos:
# Python tests (apps/backend/) - skip slow/integration tests for pre-commit speed
# Tests to skip: graphiti (external deps), merge_file_tracker/service_orchestrator/worktree/workspace (Windows path/git issues)
+ # NOTE: Skip this hook in worktrees (where .git is a file, not a directory)
- repo: local
hooks:
- id: pytest
@@ -89,6 +97,12 @@ repos:
args:
- -c
- |
+ # Skip in worktrees - .git is a file pointing to main repo, not a directory
+ # This prevents path resolution issues with ../../tests/ in worktree context
+ if [ -f ".git" ]; then
+ echo "Skipping pytest in worktree (path resolution would fail)"
+ exit 0
+ fi
cd apps/backend
if [ -f ".venv/bin/pytest" ]; then
PYTEST_CMD=".venv/bin/pytest"
@@ -113,18 +127,37 @@ repos:
pass_filenames: false
# Frontend linting (apps/frontend/)
+ # NOTE: These hooks check for worktree context to avoid npm/node_modules issues
- repo: local
hooks:
- id: eslint
name: ESLint
- entry: bash -c 'cd apps/frontend && npm run lint'
+ entry: bash
+ args:
+ - -c
+ - |
+ # Skip in worktrees if node_modules doesn't exist (dependencies not installed)
+ if [ -f ".git" ] && [ ! -d "apps/frontend/node_modules" ]; then
+ echo "Skipping ESLint in worktree (node_modules not found)"
+ exit 0
+ fi
+ cd apps/frontend && npm run lint
language: system
files: ^apps/frontend/.*\.(ts|tsx|js|jsx)$
pass_filenames: false
- id: typecheck
name: TypeScript Check
- entry: bash -c 'cd apps/frontend && npm run typecheck'
+ entry: bash
+ args:
+ - -c
+ - |
+ # Skip in worktrees if node_modules doesn't exist (dependencies not installed)
+ if [ -f ".git" ] && [ ! -d "apps/frontend/node_modules" ]; then
+ echo "Skipping TypeScript check in worktree (node_modules not found)"
+ exit 0
+ fi
+ cd apps/frontend && npm run typecheck
language: system
files: ^apps/frontend/.*\.(ts|tsx)$
pass_filenames: false
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2fb1a26e82..22c43eb8da 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,283 @@
+## 2.7.2 - Stability & Performance Enhancements
+
+### ✨ New Features
+
+- Added refresh button to Kanban board for manually reloading tasks
+
+- Terminal dropdown with built-in and external options in task review
+
+- Centralized CLI tool path management with customizable settings
+
+- Files tab in task details panel for better file organization
+
+- Enhanced PR review page with filtering capabilities
+
+- GitLab integration support
+
+- Automated PR review with follow-up support and structured outputs
+
+- UI scale feature with 75-200% range for accessibility
+
+- Python 3.12 bundled with packaged Electron app
+
+- OpenRouter support as LLM/embedding provider
+
+- Internationalization (i18n) system for multi-language support
+
+- Flatpak packaging support for Linux
+
+- Path-aware AI merge resolution with device code streaming
+
+### 🛠️ Improvements
+
+- Improved terminal experience with persistent state when switching projects
+
+- Enhanced PR review with structured outputs and fork support
+
+- Better UX for display and scaling changes
+
+- Convert synchronous I/O to async operations in worktree handlers
+
+- Enhanced logs for commit linting stage
+
+- Remove top navigation bars for cleaner UI
+
+- Enhanced PR detail area visual design
+
+- Improved CLI tool detection with more language support
+
+- Added iOS/Swift project detection
+
+- Optimize performance by removing projectTabs from useEffect dependencies
+
+- Improved Python detection and version validation for compatibility
+
+### 🐛 Bug Fixes
+
+- Fixed CI Python setup and PR status gate checks
+
+- Fixed cross-platform CLI path detection and clearing in settings
+
+- Preserve original task description after spec creation
+
+- Fixed learning loop to retrieve patterns and gotchas from memory
+
+- Resolved frontend lag and updated dependencies
+
+- Fixed Content-Security-Policy to allow external HTTPS images
+
+- Fixed PR review isolation by using temporary worktree
+
+- Fixed Homebrew Python detection to prefer versioned Python over system python3
+
+- Added support for Bun 1.2.0+ lock file format detection
+
+- Fixed infinite re-render loop in task selection
+
+- Fixed infinite loop in task detail merge preview loading
+
+- Resolved Windows EINVAL error when opening worktree in VS Code
+
+- Fixed fallback to prevent tasks stuck in ai_review status
+
+- Fixed SDK permissions to include spec_dir
+
+- Added --base-branch argument support to spec_runner
+
+- Allow Windows to run CC PR Reviewer
+
+- Fixed model selection to respect task_metadata.json
+
+- Improved GitHub PR review by passing repo parameter explicitly
+
+- Fixed electron-log imports with .js extension
+
+- Fixed Swift detection order in project analyzer
+
+- Prevent TaskEditDialog from unmounting when opened
+
+- Fixed subprocess handling for Python paths with spaces
+
+- Fixed file system race conditions and unused variables in security scanning
+
+- Resolved Python detection and backend packaging issues
+
+- Fixed version-specific links in README and pre-commit hooks
+
+- Fixed task status persistence reverting on refresh
+
+- Proper semver comparison for pre-release versions
+
+- Use virtual environment Python for all services to fix dotenv errors
+
+- Fixed explicit Windows System32 tar path for builds
+
+- Added augmented PATH environment to all GitHub CLI calls
+
+- Use PowerShell for tar extraction on Windows
+
+- Added --force-local flag to tar on Windows
+
+- Stop tracking spec files in git
+
+- Fixed GitHub API calls with explicit GET method for comment fetches
+
+- Support archiving tasks across all worktree locations
+
+- Validated backend source path before using it
+
+- Resolved spawn Python ENOENT error on Linux
+
+- Fixed CodeQL alerts for uncontrolled command line
+
+- Resolved GitHub follow-up review API issues
+
+- Fixed relative path normalization to POSIX format
+
+- Accepted bug_fix workflow_type alias during planning
+
+- Added global spec numbering lock to prevent collisions
+
+- Fixed ideation status sync
+
+- Stopped running process when task status changes away from in_progress
+
+- Removed legacy path from auto-claude source detection
+
+- Resolved Python environment race condition
+
+---
+
+## What's Changed
+
+- fix(ci): add Python setup to beta-release and fix PR status gate checks (#565) by @Andy in c2148bb9
+- fix: detect and clear cross-platform CLI paths in settings (#535) by @Andy in 29e45505
+- fix(ui): preserve original task description after spec creation (#536) by @Andy in 7990dcb4
+- fix(memory): fix learning loop to retrieve patterns and gotchas (#530) by @Andy in f58c2578
+- fix: resolve frontend lag and update dependencies (#526) by @Andy in 30f7951a
+- feat(kanban): add refresh button to manually reload tasks (#548) by @Adryan Serage in 252242f9
+- fix(csp): allow external HTTPS images in Content-Security-Policy (#549) by @Michael Ludlow in 3db02c5d
+- fix(pr-review): use temporary worktree for PR review isolation (#532) by @Andy in 344ec65e
+- fix: prefer versioned Homebrew Python over system python3 (#494) by @Navid in 8d58dd6f
+- fix(detection): support bun.lock text format for Bun 1.2.0+ (#525) by @Andy in 4da8cd66
+- chore: bump version to 2.7.2-beta.12 (#460) by @Andy in 8e5c11ac
+- Fix/windows issues (#471) by @Andy in 72106109
+- fix(ci): add Rust toolchain for Intel Mac builds (#459) by @Andy in 52a4fcc6
+- fix: create spec.md during roadmap-to-task conversion (#446) by @Mulaveesala Pranaveswar in fb6b7fc6
+- fix(pr-review): treat LOW-only findings as ready to merge (#455) by @Andy in 0f9c5b84
+- Fix/2.7.2 beta12 (#424) by @Andy in 5d8ede23
+- feat: remove top bars (#386) by @Vinícius Santos in da31b687
+- fix: prevent infinite re-render loop in task selection useEffect (#442) by @Abe Diaz in 2effa535
+- fix: accept Python 3.12+ in install-backend.js (#443) by @Abe Diaz in c15bb311
+- fix: infinite loop in useTaskDetail merge preview loading (#444) by @Abe Diaz in 203a970a
+- fix(windows): resolve EINVAL error when opening worktree in VS Code (#434) by @Vinícius Santos in 3c0708b7
+- feat(frontend): Add Files tab to task details panel (#430) by @Mitsu in 666794b5
+- refactor: remove deprecated TaskDetailPanel component (#432) by @Mitsu in ac8dfcac
+- fix(ui): add fallback to prevent tasks stuck in ai_review status (#397) by @Michael Ludlow in 798ca79d
+- feat: Enhance the look of the PR Detail area (#427) by @Alex in bdb01549
+- ci: remove conventional commits PR title validation workflow by @AndyMik90 in 515b73b5
+- fix(client): add spec_dir to SDK permissions (#429) by @Mitsu in 88c76059
+- fix(spec_runner): add --base-branch argument support (#428) by @Mitsu in 62a75515
+- feat: enhance pr review page to include PRs filters (#423) by @Alex in 717fba04
+- feat: add gitlab integration (#254) by @Mitsu in 0a571d3a
+- fix: Allow windows to run CC PR Reviewer (#406) by @Alex in 2f662469
+- fix(model): respect task_metadata.json model selection (#415) by @Andy in e7e6b521
+- feat(build): add Flatpak packaging support for Linux (#404) by @Mitsu in 230de5fc
+- fix(github): pass repo parameter to GHClient for explicit PR resolution (#413) by @Andy in 4bdf7a0c
+- chore(ci): remove redundant CLA GitHub Action workflow by @AndyMik90 in a39ea49d
+- fix(frontend): add .js extension to electron-log/main imports by @AndyMik90 in 9aef0dd0
+- fix: 2.7.2 bug fixes and improvements (#388) by @Andy in 05131217
+- fix(analyzer): move Swift detection before Ruby detection (#401) by @Michael Ludlow in 321c9712
+- fix(ui): prevent TaskEditDialog from unmounting when opened (#395) by @Michael Ludlow in 98b12ed8
+- fix: improve CLI tool detection and add Claude CLI path settings (#393) by @Joe in aaa83131
+- feat(analyzer): add iOS/Swift project detection (#389) by @Michael Ludlow in 68548e33
+- fix(github): improve PR review with structured outputs and fork support (#363) by @Andy in 7751588e
+- fix(ideation): update progress calculation to include just-completed ideation type (#381) by @Illia Filippov in 8b4ce58c
+- Fixes failing spec - "gh CLI Check Handler - should return installed: true when gh CLI is found" (#370) by @Ian in bc220645
+- fix: Memory Status card respects configured embedding provider (#336) (#373) by @Michael Ludlow in db0cbea3
+- fix: fixed version-specific links in readme and pre-commit hook that updates them (#378) by @Ian in 0ca2e3f6
+- docs: add security research documentation (#361) by @Brian in 2d3b7fb4
+- fix/Improving UX for Display/Scaling Changes (#332) by @Kevin Rajan in 9bbdef09
+- fix(perf): remove projectTabs from useEffect deps to fix re-render loop (#362) by @Michael Ludlow in 753dc8bb
+- fix(security): invalidate profile cache when file is created/modified (#355) by @Michael Ludlow in 20f20fa3
+- fix(subprocess): handle Python paths with spaces (#352) by @Michael Ludlow in eabe7c7d
+- fix: Resolve pre-commit hook failures with version sync, pytest path, ruff version, and broken quality-dco workflow (#334) by @Ian in 1fa7a9c7
+- fix(terminal): preserve terminal state when switching projects (#358) by @Andy in 7881b2d1
+- fix(analyzer): add C#/Java/Swift/Kotlin project files to security hash (#351) by @Michael Ludlow in 4e71361b
+- fix: make backend tests pass on Windows (#282) by @Oluwatosin Oyeladun in 4dcc5afa
+- fix(ui): close parent modal when Edit dialog opens (#354) by @Michael Ludlow in e9782db0
+- chore: bump version to 2.7.2-beta.10 by @AndyMik90 in 40d04d7c
+- feat: add terminal dropdown with inbuilt and external options in task review (#347) by @JoshuaRileyDev in fef07c95
+- refactor: remove deprecated code across backend and frontend (#348) by @Mitsu in 9d43abed
+- feat: centralize CLI tool path management (#341) by @HSSAINI Saad in d51f4562
+- refactor(components): remove deprecated TaskDetailPanel re-export (#344) by @Mitsu in 787667e9
+- chore: Refactor/kanban realtime status sync (#249) by @souky-byte in 9734b70b
+- refactor(settings): remove deprecated ProjectSettings modal and hooks (#343) by @Mitsu in fec6b9f3
+- perf: convert synchronous I/O to async operations in worktree handlers (#337) by @JoshuaRileyDev in d3a63b09
+- feat: bump version (#329) by @Alex in 50e3111a
+- fix(ci): remove version bump to fix branch protection conflict (#325) by @Michael Ludlow in 8a80b1d5
+- fix(tasks): sync status to worktree implementation plan to prevent reset (#243) (#323) by @Alex in cb6b2165
+- fix(ci): add auto-updater manifest files and version auto-update (#317) by @Michael Ludlow in 661e47c3
+- fix(project): fix task status persistence reverting on refresh (#246) (#318) by @Michael Ludlow in e80ef79d
+- fix(updater): proper semver comparison for pre-release versions (#313) by @Michael Ludlow in e1b0f743
+- fix(python): use venv Python for all services to fix dotenv errors (#311) by @Alex in 92c6f278
+- chore(ci): cancel in-progress runs (#302) by @Oluwatosin Oyeladun in 1c142273
+- fix(build): use explicit Windows System32 tar path (#308) by @Andy in c0a02a45
+- fix(github): add augmented PATH env to all gh CLI calls by @AndyMik90 in 086429cb
+- fix(build): use PowerShell for tar extraction on Windows by @AndyMik90 in d9fb8f29
+- fix(build): add --force-local flag to tar on Windows (#303) by @Andy in d0b0b3df
+- fix: stop tracking spec files in git (#295) by @Andy in 937a60f8
+- Fix/2.7.2 fixes (#300) by @Andy in 7a51cbd5
+- feat(merge,oauth): add path-aware AI merge resolution and device code streaming (#296) by @Andy in 26beefe3
+- feat: enhance the logs for the commit linting stage (#293) by @Alex in 8416f307
+- fix(github): add explicit GET method to gh api comment fetches (#294) by @Andy in 217249c8
+- fix(frontend): support archiving tasks across all worktree locations (#286) by @Andy in 8bb3df91
+- Potential fix for code scanning alert no. 224: Uncontrolled command line (#285) by @Andy in 5106c6e9
+- fix(frontend): validate backend source path before using it (#287) by @Andy in 3ff61274
+- feat(python): bundle Python 3.12 with packaged Electron app (#284) by @Andy in 7f19c2e1
+- fix: resolve spawn python ENOENT error on Linux by using getAugmentedEnv() (#281) by @Todd W. Bucy in d98e2830
+- fix(ci): add write permissions to beta-release update-version job by @AndyMik90 in 0b874d4b
+- chore(deps): bump @xterm/xterm from 5.5.0 to 6.0.0 in /apps/frontend (#270) by @dependabot[bot] in 50dd1078
+- fix(github): resolve follow-up review API issues by @AndyMik90 in f1cc5a09
+- fix(security): resolve CodeQL file system race conditions and unused variables (#277) by @Andy in b005fa5c
+- fix(ci): use correct electron-builder arch flags (#278) by @Andy in d79f2da4
+- chore(deps): bump jsdom from 26.1.0 to 27.3.0 in /apps/frontend (#268) by @dependabot[bot] in 5ac566e2
+- chore(deps): bump typescript-eslint in /apps/frontend (#269) by @dependabot[bot] in f49d4817
+- fix(ci): use develop branch for dry-run builds in beta-release workflow (#276) by @Andy in 1e1d7d9b
+- fix: accept bug_fix workflow_type alias during planning (#240) by @Daniel Frey in e74a3dff
+- fix(paths): normalize relative paths to posix (#239) by @Daniel Frey in 6ac8250b
+- chore(deps): bump @electron/rebuild in /apps/frontend (#271) by @dependabot[bot] in a2cee694
+- chore(deps): bump vitest from 4.0.15 to 4.0.16 in /apps/frontend (#272) by @dependabot[bot] in d4cad80a
+- feat(github): add automated PR review with follow-up support (#252) by @Andy in 596e9513
+- ci: implement enterprise-grade PR quality gates and security scanning (#266) by @Alex in d42041c5
+- fix: update path resolution for ollama_model_detector.py in memory handlers (#263) by @delyethan in a3f87540
+- feat: add i18n internationalization system (#248) by @Mitsu in f8438112
+- Revert "Feat/Auto Fix Github issues and do extensive AI PR reviews (#250)" (#251) by @Andy in 5e8c5308
+- Feat/Auto Fix Github issues and do extensive AI PR reviews (#250) by @Andy in 348de6df
+- fix: resolve Python detection and backend packaging issues (#241) by @HSSAINI Saad in 0f7d6e05
+- fix: add future annotations import to discovery.py (#229) by @Joris Slagter in 5ccdb6ab
+- Fix/ideation status sync (#212) by @souky-byte in 6ec8549f
+- fix(core): add global spec numbering lock to prevent collisions (#209) by @Andy in 53527293
+- feat: Add OpenRouter as LLM/embedding provider (#162) by @Fernando Possebon in 02bef954
+- fix: Add Python 3.10+ version validation and GitHub Actions Python setup (#180 #167) (#208) by @Fernando Possebon in f168bdc3
+- fix(ci): correct welcome workflow PR message (#206) by @Andy in e3eec68a
+- Feat/beta release (#193) by @Andy in 407a0bee
+- feat/beta-release (#190) by @Andy in 8f766ad1
+- fix/PRs from old main setup to apps structure (#185) by @Andy in ced2ad47
+- fix: hide status badge when execution phase badge is showing (#154) by @Andy in 05f5d303
+- feat: Add UI scale feature with 75-200% range (#125) by @Enes Cingöz in 6951251b
+- fix(task): stop running process when task status changes away from in_progress by @AndyMik90 in 30e7536b
+- Fix/linear 400 error by @Andy in 220faf0f
+- fix: remove legacy path from auto-claude source detection (#148) by @Joris Slagter in f96c6301
+- fix: resolve Python environment race condition (#142) by @Joris Slagter in ebd8340d
+- Feat: Ollama download progress tracking with new apps structure (#141) by @rayBlock in df779530
+- Feature/apps restructure v2.7.2 (#138) by @Andy in 0adaddac
+- docs: Add Git Flow branching strategy to CONTRIBUTING.md by @AndyMik90 in 91f7051d
+
+## Thanks to all contributors
+
+@Andy, @Adryan Serage, @Michael Ludlow, @Navid, @Mulaveesala Pranaveswar, @Vinícius Santos, @Abe Diaz, @Mitsu, @Alex, @AndyMik90, @Joe, @Illia Filippov, @Ian, @Brian, @Kevin Rajan, @Oluwatosin Oyeladun, @JoshuaRileyDev, @HSSAINI Saad, @souky-byte, @Todd W. Bucy, @dependabot[bot], @Daniel Frey, @delyethan, @Joris Slagter, @Fernando Possebon, @Enes Cingöz, @rayBlock
+
## 2.7.1 - Build Pipeline Enhancements
### 🛠️ Improvements
diff --git a/INVESTIGATION.md b/INVESTIGATION.md
new file mode 100644
index 0000000000..2daae34b7b
--- /dev/null
+++ b/INVESTIGATION.md
@@ -0,0 +1,318 @@
+# Root Cause Investigation: Task Workflow Halts After Planning Stage
+
+## Investigation Summary
+
+After adding comprehensive logging to the task loading and plan update pipeline, I've analyzed the data flow from backend to frontend to identify why subtasks fail to display after spec completion.
+
+## Data Flow Analysis
+
+### Current Architecture
+
+```
+Backend (Python)
+ ↓
+Creates implementation_plan.json
+ ↓
+Emits IPC event: 'task:progress' with plan data
+ ↓
+Frontend (Electron Renderer)
+ ↓
+useIpc.ts: onTaskProgress handler (batched)
+ ↓
+task-store.ts: updateTaskFromPlan(taskId, plan)
+ ↓
+Creates subtasks from plan.phases.flatMap(phase => phase.subtasks)
+ ↓
+UI: TaskSubtasks.tsx renders subtasks
+```
+
+### Critical Code Paths
+
+**1. Plan Update Handler** (`apps/frontend/src/renderer/hooks/useIpc.ts:131-135`)
+```typescript
+window.electronAPI.onTaskProgress(
+ (taskId: string, plan: ImplementationPlan) => {
+ queueUpdate(taskId, { plan });
+ }
+);
+```
+
+**2. Subtask Creation** (`apps/frontend/src/renderer/stores/task-store.ts:124-133`)
+```typescript
+const subtasks: Subtask[] = plan.phases.flatMap((phase) =>
+ phase.subtasks.map((subtask) => ({
+ id: subtask.id,
+ title: subtask.description,
+ description: subtask.description,
+ status: subtask.status,
+ files: [],
+ verification: subtask.verification as Subtask['verification']
+ }))
+);
+```
+
+**3. Initial Task Loading** (`apps/frontend/src/main/project-store.ts:461-470`)
+```typescript
+const subtasks = plan?.phases?.flatMap((phase) => {
+ const items = phase.subtasks || (phase as { chunks?: PlanSubtask[] }).chunks || [];
+ return items.map((subtask) => ({
+ id: subtask.id,
+ title: subtask.description,
+ description: subtask.description,
+ status: subtask.status,
+ files: []
+ }));
+}) || [];
+```
+
+## Root Cause Identification
+
+### Primary Root Cause: Early Plan Update Event with Empty Phases
+
+**What's Happening:**
+
+1. **Backend creates `implementation_plan.json` in stages:**
+ - First writes the file with minimal structure: `{ "feature": "...", "phases": [] }`
+ - Then adds phases and subtasks incrementally
+ - Emits IPC event each time the plan is updated
+
+2. **Frontend receives the FIRST plan update event:**
+ - Plan has `feature` and basic metadata
+ - **But `phases` array is EMPTY: `[]`**
+ - `updateTaskFromPlan` is called with this incomplete plan
+ - Subtasks are created as empty array: `plan.phases.flatMap(...)` → `[]`
+
+3. **Later plan updates with full subtask data are ignored:**
+ - When backend writes the complete plan with subtasks
+ - Another IPC event is emitted
+ - But due to race conditions or event handling issues, this update doesn't reach the frontend
+ - Or it does reach but the task UI doesn't refresh
+
+**Evidence from Code:**
+
+Looking at `updateTaskFromPlan` (task-store.ts:106-190):
+- Line 108-114: Logs show `phases: plan.phases?.length || 0`
+- Line 112: If plan has 0 phases, `totalSubtasks` will be 0
+- Line 124-133: `plan.phases.flatMap(...)` on empty array creates `subtasks = []`
+- **No validation to check if plan is complete before updating state**
+
+**Why "!" Indicators Appear:**
+
+The "!" indicators likely come from the UI attempting to render subtasks when:
+- Subtask count shows as 18 (from later plan update metadata)
+- But `task.subtasks` array is actually empty `[]` (from early plan update)
+- This mismatch causes the UI to show warning indicators
+
+### Secondary Contributing Factors
+
+**A. No Plan Validation Before State Update**
+
+Current code in `updateTaskFromPlan` immediately creates subtasks from whatever plan data it receives:
+```typescript
+const subtasks: Subtask[] = plan.phases.flatMap((phase) =>
+ phase.subtasks.map((subtask) => ({ ... }))
+);
+```
+
+**Problem:** No check if plan is "ready" or "complete" before updating state.
+
+**B. Missing Reload Trigger After Spec Completion**
+
+When spec creation completes and the full plan is written:
+- The IPC event might not fire again
+- Or the event fires but the batching mechanism drops it
+- Frontend state remains stuck with empty subtasks
+
+**C. Race Condition in Batch Update Queue**
+
+In `useIpc.ts:92-112`, the batching mechanism queues updates:
+```typescript
+function queueUpdate(taskId: string, update: BatchedUpdate): void {
+ const existing = batchQueue.get(taskId) || {};
+ batchQueue.set(taskId, { ...existing, ...update });
+}
+```
+
+**Problem:** If two plan updates arrive within 16ms:
+- First update has empty phases: `{ plan: { phases: [] } }`
+- Second update has full phases: `{ plan: { phases: [...18 subtasks...] } }`
+- Second update **overwrites** first in the queue
+- But if order gets reversed, empty plan overwrites full plan
+
+## Log Evidence to Look For
+
+To confirm this root cause, check console logs for:
+
+### 1. Plan Loading Sequence
+```
+[updateTaskFromPlan] called with plan:
+ taskId: "xxx"
+ feature: "..."
+ phases: 0 ← SMOKING GUN: phases array is empty
+ totalSubtasks: 0 ← No subtasks
+```
+
+If you see `phases: 0` followed later by no update with `phases: 3` (or more), the early empty plan is stuck in state.
+
+### 2. Multiple Plan Updates
+```
+[updateTaskFromPlan] called with plan:
+ phases: 0
+ totalSubtasks: 0
+
+[updateTaskFromPlan] called with plan: ← This might never appear
+ phases: 3
+ totalSubtasks: 18
+```
+
+If second log never appears, the plan update event isn't firing after spec completion.
+
+### 3. Project Store Loading
+```
+[ProjectStore] Loading implementation_plan.json for spec: xxx
+[ProjectStore] Loaded plan for xxx:
+ phaseCount: 0 ← Empty plan loaded from disk
+ subtaskCount: 0
+```
+
+If plan file on disk has empty phases, the issue is in backend plan writing.
+
+### 4. Plan File Utils
+```
+[plan-file-utils] Reading implementation_plan.json to update status
+[plan-file-utils] Successfully persisted status ← Plan exists but might be incomplete
+```
+
+Check if plan file reads/writes are happening during spec creation.
+
+## Proposed Fix Approach
+
+### Fix 1: Add Plan Completeness Validation (Immediate Fix)
+
+**File:** `apps/frontend/src/renderer/stores/task-store.ts`
+
+**Change:** Only update subtasks if plan has valid phases and subtasks:
+
+```typescript
+updateTaskFromPlan: (taskId, plan) =>
+ set((state) => {
+ console.log('[updateTaskFromPlan] called with plan:', { ... });
+
+ const index = findTaskIndex(state.tasks, taskId);
+ if (index === -1) {
+ console.log('[updateTaskFromPlan] Task not found:', taskId);
+ return state;
+ }
+
+ // VALIDATION: Don't update if plan is incomplete
+ if (!plan.phases || plan.phases.length === 0) {
+ console.warn('[updateTaskFromPlan] Plan has no phases, skipping update:', taskId);
+ return state; // Keep existing state, don't overwrite with empty data
+ }
+
+ const totalSubtasks = plan.phases.reduce((acc, p) => acc + (p.subtasks?.length || 0), 0);
+ if (totalSubtasks === 0) {
+ console.warn('[updateTaskFromPlan] Plan has no subtasks, skipping update:', taskId);
+ return state; // Keep existing state
+ }
+
+ // ... rest of existing code to create subtasks ...
+ })
+```
+
+### Fix 2: Trigger Reload After Spec Completion (Comprehensive Fix)
+
+**File:** `apps/frontend/src/renderer/hooks/useIpc.ts`
+
+**Change:** Add explicit "spec completed" event handler that reloads the task:
+
+```typescript
+// Add new IPC event listener
+const cleanupSpecComplete = window.electronAPI.onSpecComplete(
+ async (taskId: string) => {
+ console.log('[IPC] Spec completed for task:', taskId);
+ // Force reload the task from disk to get the complete plan
+ const task = useTaskStore.getState().tasks.find(t => t.id === taskId);
+ if (task) {
+ // Reload plan from file
+ const result = await window.electronAPI.getTaskPlan(task.projectId, taskId);
+ if (result.success && result.data) {
+ updateTaskFromPlan(taskId, result.data);
+ }
+ }
+ }
+);
+```
+
+### Fix 3: Prevent Plan Overwrite in Batch Queue (Race Condition Fix)
+
+**File:** `apps/frontend/src/renderer/hooks/useIpc.ts`
+
+**Change:** Don't overwrite plan if incoming plan has fewer subtasks than existing:
+
+```typescript
+function queueUpdate(taskId: string, update: BatchedUpdate): void {
+ const existing = batchQueue.get(taskId) || {};
+
+ // For plan updates, only accept if it has MORE data than existing
+ let mergedPlan = existing.plan;
+ if (update.plan) {
+ const existingSubtasks = existing.plan?.phases?.flatMap(p => p.subtasks || []).length || 0;
+ const newSubtasks = update.plan.phases?.flatMap(p => p.subtasks || []).length || 0;
+
+ if (newSubtasks >= existingSubtasks) {
+ mergedPlan = update.plan; // Accept new plan
+ } else {
+ console.warn('[IPC Batch] Rejecting plan update with fewer subtasks:',
+ { taskId, existing: existingSubtasks, new: newSubtasks });
+ // Keep existing plan, don't overwrite with less complete data
+ }
+ }
+
+ // ... rest of existing code ...
+}
+```
+
+## Testing the Fix
+
+### Manual Verification Steps
+
+1. **Create a new task** and move it to "In Progress"
+2. **Watch the console logs** for:
+ ```
+ [updateTaskFromPlan] called with plan: { phases: 0, totalSubtasks: 0 }
+ ```
+3. **Wait for spec to complete** (planning phase finishes)
+4. **Check console logs** for:
+ ```
+ [updateTaskFromPlan] called with plan: { phases: 3, totalSubtasks: 18 }
+ ```
+5. **Expand subtask list** in task card
+6. **Verify:** Subtasks display with full details, no "!" indicators
+
+### Expected Outcome After Fix
+
+- ✅ Empty/incomplete plan updates are ignored
+- ✅ Only complete plans with phases and subtasks update the UI
+- ✅ Subtasks display with id, description, and status
+- ✅ No "!" warning indicators
+- ✅ Subtask count shows "0/18 completed" (not "0/0")
+- ✅ Plan pulsing animation stops when spec completes
+- ✅ Resume functionality works without infinite loop
+
+## Next Steps
+
+1. ✅ **This Investigation** - Root cause identified (COMPLETE)
+2. 🔄 **Subtask 2-1** - Implement Fix 1 (validation in updateTaskFromPlan)
+3. 🔄 **Subtask 2-2** - Add data validation before subtask state updates
+4. 🔄 **Subtask 2-3** - Fix pulsing animation condition
+5. 🔄 **Subtask 2-4** - Fix resume logic to reload plan if subtasks missing
+6. 🔄 **Phase 3** - Add comprehensive tests to prevent regressions
+
+## Conclusion
+
+**Root Cause:** Frontend receives and accepts incomplete plan data (empty `phases` array) during the spec creation process, before subtasks are written. This overwrites any existing subtask data and leaves the UI in a stuck state with no subtasks to display.
+
+**Fix Priority:** Implement Fix 1 (validation) immediately to prevent incomplete plans from updating state. This is a minimal, low-risk change that will resolve the core issue.
+
+**Long-term Solution:** Add explicit event handling for spec completion (Fix 2) and improve batch queue logic (Fix 3) to make the system more robust against race conditions and out-of-order updates.
diff --git a/README.md b/README.md
index d22c5216a2..b5c6f60cef 100644
--- a/README.md
+++ b/README.md
@@ -4,11 +4,9 @@
-
-[](https://github.com/AndyMik90/Auto-Claude/releases/tag/v2.7.2)
-
[](./agpl-3.0.txt)
[](https://discord.gg/KCXaPBr4Dj)
+[](https://www.youtube.com/@AndreMikalsen)
[](https://github.com/AndyMik90/Auto-Claude/actions)
---
@@ -24,11 +22,11 @@
| Platform | Download |
|----------|----------|
-| **Windows** | [Auto-Claude-2.7.1-win32-x64.exe](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.1/Auto-Claude-2.7.1-win32-x64.exe) |
-| **macOS (Apple Silicon)** | [Auto-Claude-2.7.1-darwin-arm64.dmg](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.1/Auto-Claude-2.7.1-darwin-arm64.dmg) |
-| **macOS (Intel)** | [Auto-Claude-2.7.1-darwin-x64.dmg](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.1/Auto-Claude-2.7.1-darwin-x64.dmg) |
-| **Linux** | [Auto-Claude-2.7.1-linux-x86_64.AppImage](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.1/Auto-Claude-2.7.1-linux-x86_64.AppImage) |
-| **Linux (Debian)** | [Auto-Claude-2.7.1-linux-amd64.deb](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.1/Auto-Claude-2.7.1-linux-amd64.deb) |
+| **Windows** | [Auto-Claude-2.7.2-win32-x64.exe](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.2/Auto-Claude-2.7.2-win32-x64.exe) |
+| **macOS (Apple Silicon)** | [Auto-Claude-2.7.2-darwin-arm64.dmg](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.2/Auto-Claude-2.7.2-darwin-arm64.dmg) |
+| **macOS (Intel)** | [Auto-Claude-2.7.2-darwin-x64.dmg](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.2/Auto-Claude-2.7.2-darwin-x64.dmg) |
+| **Linux** | [Auto-Claude-2.7.2-linux-x86_64.AppImage](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.2/Auto-Claude-2.7.2-linux-x86_64.AppImage) |
+| **Linux (Debian)** | [Auto-Claude-2.7.2-linux-amd64.deb](https://github.com/AndyMik90/Auto-Claude/releases/download/v2.7.2/Auto-Claude-2.7.2-linux-amd64.deb) |
### Beta Release
@@ -59,7 +57,6 @@
- **Claude Pro/Max subscription** - [Get one here](https://claude.ai/upgrade)
- **Claude Code CLI** - `npm install -g @anthropic-ai/claude-code`
- **Git repository** - Your project must be initialized as a git repo
-- **Python 3.12+** - Required for the backend and Memory Layer
---
@@ -148,113 +145,11 @@ See [guides/CLI-USAGE.md](guides/CLI-USAGE.md) for complete CLI documentation.
---
-## Configuration
+## Development
-Create `apps/backend/.env` from the example:
+Want to build from source or contribute? See [CONTRIBUTING.md](CONTRIBUTING.md) for complete development setup instructions.
-```bash
-cp apps/backend/.env.example apps/backend/.env
-```
-
-| Variable | Required | Description |
-|----------|----------|-------------|
-| `CLAUDE_CODE_OAUTH_TOKEN` | Yes | OAuth token from `claude setup-token` |
-| `GRAPHITI_ENABLED` | No | Enable Memory Layer for cross-session context |
-| `AUTO_BUILD_MODEL` | No | Override the default Claude model |
-| `GITLAB_TOKEN` | No | GitLab Personal Access Token for GitLab integration |
-| `GITLAB_INSTANCE_URL` | No | GitLab instance URL (defaults to gitlab.com) |
-| `LINEAR_API_KEY` | No | Linear API key for task sync |
-
----
-
-## Building from Source
-
-For contributors and development:
-
-```bash
-# Clone the repository
-git clone https://github.com/AndyMik90/Auto-Claude.git
-cd Auto-Claude
-
-# Install all dependencies
-npm run install:all
-
-# Run in development mode
-npm run dev
-
-# Or build and run
-npm start
-```
-
-**System requirements for building:**
-- Node.js 24+
-- Python 3.12+
-- npm 10+
-
-**Installing dependencies by platform:**
-
-
-Windows
-
-```bash
-winget install Python.Python.3.12
-winget install OpenJS.NodeJS.LTS
-```
-
-
-
-
-macOS
-
-```bash
-brew install python@3.12 node@24
-```
-
-
-
-
-Linux (Ubuntu/Debian)
-
-```bash
-sudo apt install python3.12 python3.12-venv
-curl -fsSL https://deb.nodesource.com/setup_24.x | sudo -E bash -
-sudo apt install -y nodejs
-```
-
-
-
-
-Linux (Fedora)
-
-```bash
-sudo dnf install python3.12 nodejs npm
-```
-
-
-
-See [CONTRIBUTING.md](CONTRIBUTING.md) for detailed development setup.
-
-### Building Flatpak
-
-To build the Flatpak package, you need additional dependencies:
-
-```bash
-# Fedora/RHEL
-sudo dnf install flatpak-builder
-
-# Ubuntu/Debian
-sudo apt install flatpak-builder
-
-# Install required Flatpak runtimes
-flatpak install flathub org.freedesktop.Platform//25.08 org.freedesktop.Sdk//25.08
-flatpak install flathub org.electronjs.Electron2.BaseApp//25.08
-
-# Build the Flatpak
-cd apps/frontend
-npm run package:flatpak
-```
-
-The Flatpak will be created in `apps/frontend/dist/`.
+For Linux-specific builds (Flatpak, AppImage), see [guides/linux.md](guides/linux.md).
---
@@ -284,7 +179,7 @@ All releases are:
| `npm run package:mac` | Package for macOS |
| `npm run package:win` | Package for Windows |
| `npm run package:linux` | Package for Linux |
-| `npm run package:flatpak` | Package as Flatpak |
+| `npm run package:flatpak` | Package as Flatpak (see [guides/linux.md](guides/linux.md)) |
| `npm run lint` | Run linter |
| `npm test` | Run frontend tests |
| `npm run test:backend` | Run backend tests |
@@ -316,3 +211,11 @@ We welcome contributions! Please read [CONTRIBUTING.md](CONTRIBUTING.md) for:
Auto Claude is free to use. If you modify and distribute it, or run it as a service, your code must also be open source under AGPL-3.0.
Commercial licensing available for closed-source use cases.
+
+---
+
+## Star History
+
+[](https://github.com/AndyMik90/Auto-Claude/stargazers)
+
+[](https://star-history.com/#AndyMik90/Auto-Claude&Date)
diff --git a/RELEASE.md b/RELEASE.md
index d7f6eb10dd..21d0e6b53d 100644
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -69,9 +69,38 @@ This will:
- Update `apps/frontend/package.json`
- Update `package.json` (root)
- Update `apps/backend/__init__.py`
+- Check if `CHANGELOG.md` has an entry for the new version (warns if missing)
- Create a commit with message `chore: bump version to X.Y.Z`
-### Step 2: Push and Create PR
+### Step 2: Update CHANGELOG.md (REQUIRED)
+
+**IMPORTANT: The release will fail if CHANGELOG.md doesn't have an entry for the new version.**
+
+Add release notes to `CHANGELOG.md` at the top of the file:
+
+```markdown
+## 2.8.0 - Your Release Title
+
+### ✨ New Features
+- Feature description
+
+### 🛠️ Improvements
+- Improvement description
+
+### 🐛 Bug Fixes
+- Fix description
+
+---
+```
+
+Then amend the version bump commit:
+
+```bash
+git add CHANGELOG.md
+git commit --amend --no-edit
+```
+
+### Step 3: Push and Create PR
```bash
# Push your branch
@@ -81,24 +110,25 @@ git push origin your-branch
gh pr create --base main --title "Release v2.8.0"
```
-### Step 3: Merge to Main
+### Step 4: Merge to Main
Once the PR is approved and merged to `main`, GitHub Actions will automatically:
1. **Detect the version bump** (`prepare-release.yml`)
-2. **Create a git tag** (e.g., `v2.8.0`)
-3. **Trigger the release workflow** (`release.yml`)
-4. **Build binaries** for all platforms:
+2. **Validate CHANGELOG.md** has an entry for the new version (FAILS if missing)
+3. **Extract release notes** from CHANGELOG.md
+4. **Create a git tag** (e.g., `v2.8.0`)
+5. **Trigger the release workflow** (`release.yml`)
+6. **Build binaries** for all platforms:
- macOS Intel (x64) - code signed & notarized
- macOS Apple Silicon (arm64) - code signed & notarized
- Windows (NSIS installer) - code signed
- Linux (AppImage + .deb)
-5. **Generate changelog** from merged PRs (using release-drafter)
-6. **Scan binaries** with VirusTotal
-7. **Create GitHub release** with all artifacts
-8. **Update README** with new version badge and download links
+7. **Scan binaries** with VirusTotal
+8. **Create GitHub release** with release notes from CHANGELOG.md
+9. **Update README** with new version badge and download links
-### Step 4: Verify
+### Step 5: Verify
After merging, check:
- [GitHub Actions](https://github.com/AndyMik90/Auto-Claude/actions) - ensure all workflows pass
@@ -113,28 +143,49 @@ We follow [Semantic Versioning](https://semver.org/):
- **MINOR** (0.X.0): New features, backwards compatible
- **PATCH** (0.0.X): Bug fixes, backwards compatible
-## Changelog Generation
+## Changelog Management
+
+Release notes are managed in `CHANGELOG.md` and used for GitHub releases.
+
+### Changelog Format
-Changelogs are automatically generated from merged PRs using [Release Drafter](https://github.com/release-drafter/release-drafter).
+Each version entry in `CHANGELOG.md` should follow this format:
-### PR Labels for Changelog Categories
+```markdown
+## X.Y.Z - Release Title
-| Label | Category |
-|-------|----------|
-| `feature`, `enhancement` | New Features |
-| `bug`, `fix` | Bug Fixes |
-| `improvement`, `refactor` | Improvements |
-| `documentation` | Documentation |
-| (any other) | Other Changes |
+### ✨ New Features
+- Feature description with context
-**Tip:** Add appropriate labels to your PRs for better changelog organization.
+### 🛠️ Improvements
+- Improvement description
+
+### 🐛 Bug Fixes
+- Fix description
+
+---
+```
+
+### Changelog Validation
+
+The release workflow **validates** that `CHANGELOG.md` has an entry for the version being released:
+
+- If the entry is **missing**, the release is **blocked** with a clear error message
+- If the entry **exists**, its content is used for the GitHub release notes
+
+### Writing Good Release Notes
+
+- **Be specific**: Instead of "Fixed bug", write "Fixed crash when opening large files"
+- **Group by impact**: Features first, then improvements, then fixes
+- **Credit contributors**: Mention contributors for significant changes
+- **Link issues**: Reference GitHub issues where relevant (e.g., "Fixes #123")
## Workflows
| Workflow | Trigger | Purpose |
|----------|---------|---------|
-| `prepare-release.yml` | Push to `main` | Detects version bump, creates tag |
-| `release.yml` | Tag `v*` pushed | Builds binaries, creates release |
+| `prepare-release.yml` | Push to `main` | Detects version bump, **validates CHANGELOG.md**, creates tag |
+| `release.yml` | Tag `v*` pushed | Builds binaries, extracts changelog, creates release |
| `validate-version.yml` | Tag `v*` pushed | Validates tag matches package.json |
| `update-readme` (in release.yml) | After release | Updates README with new version |
@@ -153,6 +204,22 @@ Changelogs are automatically generated from merged PRs using [Release Drafter](h
git diff HEAD~1 --name-only | grep package.json
```
+### Release blocked: Missing changelog entry
+
+If you see "CHANGELOG VALIDATION FAILED" in the workflow:
+
+1. The `prepare-release.yml` workflow validated that `CHANGELOG.md` doesn't have an entry for the new version
+2. **Fix**: Add an entry to `CHANGELOG.md` with the format `## X.Y.Z - Title`
+3. Commit and push the changelog update
+4. The workflow will automatically retry when the changes are pushed to `main`
+
+```bash
+# Add changelog entry, then:
+git add CHANGELOG.md
+git commit -m "docs: add changelog for vX.Y.Z"
+git push origin main
+```
+
### Build failed after tag was created
- The release won't be published if builds fail
diff --git a/apps/backend/agents/README.md b/apps/backend/agents/README.md
index 1cf2b2fb81..85253eae26 100644
--- a/apps/backend/agents/README.md
+++ b/apps/backend/agents/README.md
@@ -26,7 +26,7 @@ auto-claude/agents/
### `utils.py` (3.6 KB)
- Git operations: `get_latest_commit()`, `get_commit_count()`
- Plan management: `load_implementation_plan()`, `find_subtask_in_plan()`, `find_phase_for_subtask()`
-- Workspace sync: `sync_plan_to_source()`
+- Workspace sync: `sync_spec_to_source()`
### `memory.py` (13 KB)
- Dual-layer memory system (Graphiti primary, file-based fallback)
@@ -73,7 +73,7 @@ from agents import (
# Utilities
get_latest_commit,
load_implementation_plan,
- sync_plan_to_source,
+ sync_spec_to_source,
)
```
diff --git a/apps/backend/agents/__init__.py b/apps/backend/agents/__init__.py
index 37dae174c4..4eed468607 100644
--- a/apps/backend/agents/__init__.py
+++ b/apps/backend/agents/__init__.py
@@ -14,6 +14,10 @@
Uses lazy imports to avoid circular dependencies.
"""
+# Explicit import required by CodeQL static analysis
+# (CodeQL doesn't recognize __getattr__ dynamic exports)
+from .utils import sync_spec_to_source
+
__all__ = [
# Main API
"run_autonomous_agent",
@@ -32,7 +36,7 @@
"load_implementation_plan",
"find_subtask_in_plan",
"find_phase_for_subtask",
- "sync_plan_to_source",
+ "sync_spec_to_source",
# Constants
"AUTO_CONTINUE_DELAY_SECONDS",
"HUMAN_INTERVENTION_FILE",
@@ -77,7 +81,7 @@ def __getattr__(name):
"get_commit_count",
"get_latest_commit",
"load_implementation_plan",
- "sync_plan_to_source",
+ "sync_spec_to_source",
):
from .utils import (
find_phase_for_subtask,
@@ -85,7 +89,7 @@ def __getattr__(name):
get_commit_count,
get_latest_commit,
load_implementation_plan,
- sync_plan_to_source,
+ sync_spec_to_source,
)
return locals()[name]
diff --git a/apps/backend/agents/coder.py b/apps/backend/agents/coder.py
index 39d43b30a0..863aef1c7d 100644
--- a/apps/backend/agents/coder.py
+++ b/apps/backend/agents/coder.py
@@ -7,6 +7,7 @@
import asyncio
import logging
+import os
from pathlib import Path
from core.client import create_client
@@ -37,6 +38,7 @@
)
from prompts import is_first_run
from recovery import RecoveryManager
+from security.constants import PROJECT_DIR_ENV_VAR
from task_logger import (
LogPhase,
get_task_logger,
@@ -62,7 +64,7 @@
get_commit_count,
get_latest_commit,
load_implementation_plan,
- sync_plan_to_source,
+ sync_spec_to_source,
)
logger = logging.getLogger(__name__)
@@ -90,6 +92,10 @@ async def run_autonomous_agent(
verbose: Whether to show detailed output
source_spec_dir: Original spec directory in main project (for syncing from worktree)
"""
+ # Set environment variable for security hooks to find the correct project directory
+ # This is needed because os.getcwd() may return the wrong directory in worktree mode
+ os.environ[PROJECT_DIR_ENV_VAR] = str(project_dir.resolve())
+
# Initialize recovery manager (handles memory persistence)
recovery_manager = RecoveryManager(spec_dir, project_dir)
@@ -404,7 +410,7 @@ async def run_autonomous_agent(
print_status("Linear notified of stuck subtask", "info")
elif is_planning_phase and source_spec_dir:
# After planning phase, sync the newly created implementation plan back to source
- if sync_plan_to_source(spec_dir, source_spec_dir):
+ if sync_spec_to_source(spec_dir, source_spec_dir):
print_status("Implementation plan synced to main project", "success")
# Handle session status
diff --git a/apps/backend/agents/session.py b/apps/backend/agents/session.py
index 89a5d5d48c..263bf17efb 100644
--- a/apps/backend/agents/session.py
+++ b/apps/backend/agents/session.py
@@ -40,7 +40,7 @@
get_commit_count,
get_latest_commit,
load_implementation_plan,
- sync_plan_to_source,
+ sync_spec_to_source,
)
logger = logging.getLogger(__name__)
@@ -82,7 +82,7 @@ async def post_session_processing(
print(muted("--- Post-Session Processing ---"))
# Sync implementation plan back to source (for worktree mode)
- if sync_plan_to_source(spec_dir, source_spec_dir):
+ if sync_spec_to_source(spec_dir, source_spec_dir):
print_status("Implementation plan synced to main project", "success")
# Check if implementation plan was updated
@@ -445,8 +445,9 @@ async def run_agent_session(
result_content = getattr(block, "content", "")
is_error = getattr(block, "is_error", False)
- # Check if command was blocked by security hook
- if "blocked" in str(result_content).lower():
+ # Check if this is an error (not just content containing "blocked")
+ if is_error and "blocked" in str(result_content).lower():
+ # Actual blocked command by security hook
debug_error(
"session",
f"Tool BLOCKED: {current_tool}",
diff --git a/apps/backend/agents/tools_pkg/tools/memory.py b/apps/backend/agents/tools_pkg/tools/memory.py
index ac361ab78c..b5367663e9 100644
--- a/apps/backend/agents/tools_pkg/tools/memory.py
+++ b/apps/backend/agents/tools_pkg/tools/memory.py
@@ -4,9 +4,16 @@
Tools for recording and retrieving session memory, including discoveries,
gotchas, and patterns.
+
+Dual-storage approach:
+- File-based: Always available, works offline, spec-specific
+- LadybugDB: When Graphiti is enabled, also saves to graph database for
+ cross-session retrieval and Memory UI display
"""
+import asyncio
import json
+import logging
from datetime import datetime, timezone
from pathlib import Path
from typing import Any
@@ -19,6 +26,108 @@
SDK_TOOLS_AVAILABLE = False
tool = None
+logger = logging.getLogger(__name__)
+
+
+async def _save_to_graphiti_async(
+ spec_dir: Path,
+ project_dir: Path,
+ save_type: str,
+ data: dict,
+) -> bool:
+ """
+ Save data to Graphiti/LadybugDB (async implementation).
+
+ Args:
+ spec_dir: Spec directory for GraphitiMemory initialization
+ project_dir: Project root directory
+ save_type: Type of save - 'discovery', 'gotcha', or 'pattern'
+ data: Data to save
+
+ Returns:
+ True if save succeeded, False otherwise
+ """
+ try:
+ # Check if Graphiti is enabled
+ from graphiti_config import is_graphiti_enabled
+
+ if not is_graphiti_enabled():
+ return False
+
+ from integrations.graphiti.queries_pkg.graphiti import GraphitiMemory
+
+ memory = GraphitiMemory(spec_dir, project_dir)
+ try:
+ if save_type == "discovery":
+ # Save as codebase discovery
+ # Format: {file_path: description}
+ result = await memory.save_codebase_discoveries(
+ {data["file_path"]: data["description"]}
+ )
+ elif save_type == "gotcha":
+ # Save as gotcha
+ gotcha_text = data["gotcha"]
+ if data.get("context"):
+ gotcha_text += f" (Context: {data['context']})"
+ result = await memory.save_gotcha(gotcha_text)
+ elif save_type == "pattern":
+ # Save as pattern
+ result = await memory.save_pattern(data["pattern"])
+ else:
+ result = False
+ return result
+ finally:
+ await memory.close()
+
+ except ImportError as e:
+ logger.debug(f"Graphiti not available for memory tools: {e}")
+ return False
+ except Exception as e:
+ logger.warning(f"Failed to save to Graphiti: {e}")
+ return False
+
+
+def _save_to_graphiti_sync(
+ spec_dir: Path,
+ project_dir: Path,
+ save_type: str,
+ data: dict,
+) -> bool:
+ """
+ Save data to Graphiti/LadybugDB (synchronous wrapper for sync contexts only).
+
+ NOTE: This should only be called from synchronous code. For async callers,
+ use _save_to_graphiti_async() directly to ensure proper resource cleanup.
+
+ Args:
+ spec_dir: Spec directory for GraphitiMemory initialization
+ project_dir: Project root directory
+ save_type: Type of save - 'discovery', 'gotcha', or 'pattern'
+ data: Data to save
+
+ Returns:
+ True if save succeeded, False otherwise
+ """
+ try:
+ # Check if we're already in an async context
+ try:
+ asyncio.get_running_loop()
+ # We're in an async context - caller should use _save_to_graphiti_async
+ # Log a warning and return False to avoid the resource leak bug
+ logger.warning(
+ "_save_to_graphiti_sync called from async context. "
+ "Use _save_to_graphiti_async instead for proper cleanup."
+ )
+ return False
+ except RuntimeError:
+ # No running loop - safe to create one
+ return asyncio.run(
+ _save_to_graphiti_async(spec_dir, project_dir, save_type, data)
+ )
+ except Exception as e:
+ logger.warning(f"Failed to save to Graphiti: {e}")
+ return False
+
def create_memory_tools(spec_dir: Path, project_dir: Path) -> list:
"""
@@ -45,7 +154,7 @@ def create_memory_tools(spec_dir: Path, project_dir: Path) -> list:
{"file_path": str, "description": str, "category": str},
)
async def record_discovery(args: dict[str, Any]) -> dict[str, Any]:
- """Record a discovery to the codebase map."""
+ """Record a discovery to the codebase map (file + Graphiti)."""
file_path = args["file_path"]
description = args["description"]
category = args.get("category", "general")
@@ -54,8 +163,10 @@ async def record_discovery(args: dict[str, Any]) -> dict[str, Any]:
memory_dir.mkdir(exist_ok=True)
codebase_map_file = memory_dir / "codebase_map.json"
+ saved_to_graphiti = False
try:
+ # PRIMARY: Save to file-based storage (always works)
# Load existing map or create new
if codebase_map_file.exists():
with open(codebase_map_file) as f:
@@ -77,11 +188,23 @@ async def record_discovery(args: dict[str, Any]) -> dict[str, Any]:
with open(codebase_map_file, "w") as f:
json.dump(codebase_map, f, indent=2)
+ # SECONDARY: Also save to Graphiti/LadybugDB (for Memory UI)
+ saved_to_graphiti = await _save_to_graphiti_async(
+ spec_dir,
+ project_dir,
+ "discovery",
+ {
+ "file_path": file_path,
+ "description": f"[{category}] {description}",
+ },
+ )
+
+ storage_note = " (also saved to memory graph)" if saved_to_graphiti else ""
return {
"content": [
{
"type": "text",
- "text": f"Recorded discovery for '{file_path}': {description}",
+ "text": f"Recorded discovery for '{file_path}': {description}{storage_note}",
}
]
}
@@ -102,7 +225,7 @@ async def record_discovery(args: dict[str, Any]) -> dict[str, Any]:
{"gotcha": str, "context": str},
)
async def record_gotcha(args: dict[str, Any]) -> dict[str, Any]:
- """Record a gotcha to session memory."""
+ """Record a gotcha to session memory (file + Graphiti)."""
gotcha = args["gotcha"]
context = args.get("context", "")
@@ -110,8 +233,10 @@ async def record_gotcha(args: dict[str, Any]) -> dict[str, Any]:
memory_dir.mkdir(exist_ok=True)
gotchas_file = memory_dir / "gotchas.md"
+ saved_to_graphiti = False
try:
+ # PRIMARY: Save to file-based storage (always works)
timestamp = datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M")
entry = f"\n## [{timestamp}]\n{gotcha}"
@@ -126,7 +251,20 @@ async def record_gotcha(args: dict[str, Any]) -> dict[str, Any]:
)
f.write(entry)
- return {"content": [{"type": "text", "text": f"Recorded gotcha: {gotcha}"}]}
+ # SECONDARY: Also save to Graphiti/LadybugDB (for Memory UI)
+ saved_to_graphiti = await _save_to_graphiti_async(
+ spec_dir,
+ project_dir,
+ "gotcha",
+ {"gotcha": gotcha, "context": context},
+ )
+
+ storage_note = " (also saved to memory graph)" if saved_to_graphiti else ""
+ return {
+ "content": [
+ {"type": "text", "text": f"Recorded gotcha: {gotcha}{storage_note}"}
+ ]
+ }
except Exception as e:
return {
diff --git a/apps/backend/agents/utils.py b/apps/backend/agents/utils.py
index 8ce33c9224..614cdb795a 100644
--- a/apps/backend/agents/utils.py
+++ b/apps/backend/agents/utils.py
@@ -8,40 +8,38 @@
import json
import logging
import shutil
-import subprocess
from pathlib import Path
+from core.git_executable import run_git
+
logger = logging.getLogger(__name__)
def get_latest_commit(project_dir: Path) -> str | None:
"""Get the hash of the latest git commit."""
- try:
- result = subprocess.run(
- ["git", "rev-parse", "HEAD"],
- cwd=project_dir,
- capture_output=True,
- text=True,
- check=True,
- )
+ result = run_git(
+ ["rev-parse", "HEAD"],
+ cwd=project_dir,
+ timeout=10,
+ )
+ if result.returncode == 0:
return result.stdout.strip()
- except subprocess.CalledProcessError:
- return None
+ return None
def get_commit_count(project_dir: Path) -> int:
"""Get the total number of commits."""
- try:
- result = subprocess.run(
- ["git", "rev-list", "--count", "HEAD"],
- cwd=project_dir,
- capture_output=True,
- text=True,
- check=True,
- )
- return int(result.stdout.strip())
- except (subprocess.CalledProcessError, ValueError):
- return 0
+ result = run_git(
+ ["rev-list", "--count", "HEAD"],
+ cwd=project_dir,
+ timeout=10,
+ )
+ if result.returncode == 0:
+ try:
+ return int(result.stdout.strip())
+ except ValueError:
+ return 0
+ return 0
def load_implementation_plan(spec_dir: Path) -> dict | None:
@@ -74,16 +72,32 @@ def find_phase_for_subtask(plan: dict, subtask_id: str) -> dict | None:
return None
-def sync_plan_to_source(spec_dir: Path, source_spec_dir: Path | None) -> bool:
+def sync_spec_to_source(spec_dir: Path, source_spec_dir: Path | None) -> bool:
"""
- Sync implementation_plan.json from worktree back to source spec directory.
-
- When running in isolated mode (worktrees), the agent updates the implementation
- plan inside the worktree. This function syncs those changes back to the main
- project's spec directory so the frontend/UI can see the progress.
+ Sync ALL spec files from worktree back to source spec directory.
+
+ When running in isolated mode (worktrees), the agent creates and updates
+ many files inside the worktree's spec directory. This function syncs ALL
+ of them back to the main project's spec directory.
+
+ IMPORTANT: Since .auto-claude/ is gitignored, this sync happens to the
+ local filesystem regardless of what branch the user is on. The worktree
+ may be on a different branch (e.g., auto-claude/093-task), but the sync
+ target is always the main project's .auto-claude/specs/ directory.
+
+ Files synced (all files in spec directory):
+ - implementation_plan.json - Task status and subtask completion
+ - build-progress.txt - Session-by-session progress notes
+ - task_logs.json - Execution logs
+ - review_state.json - QA review state
+ - critique_report.json - Spec critique findings
+ - suggested_commit_message.txt - Commit suggestions
+ - REGRESSION_TEST_REPORT.md - Test regression report
+ - spec.md, context.json, etc. - Original spec files (for completeness)
+ - memory/ directory - Codebase map, patterns, gotchas, session insights
Args:
- spec_dir: Current spec directory (may be inside worktree)
+ spec_dir: Current spec directory (inside worktree)
source_spec_dir: Original spec directory in main project (outside worktree)
Returns:
@@ -100,17 +114,68 @@ def sync_plan_to_source(spec_dir: Path, source_spec_dir: Path | None) -> bool:
if spec_dir_resolved == source_spec_dir_resolved:
return False # Same directory, no sync needed
- # Sync the implementation plan
- plan_file = spec_dir / "implementation_plan.json"
- if not plan_file.exists():
- return False
+ synced_any = False
- source_plan_file = source_spec_dir / "implementation_plan.json"
+ # Ensure source directory exists
+ source_spec_dir.mkdir(parents=True, exist_ok=True)
try:
- shutil.copy2(plan_file, source_plan_file)
- logger.debug(f"Synced implementation plan to source: {source_plan_file}")
- return True
+ # Sync all files and directories from worktree spec to source spec
+ for item in spec_dir.iterdir():
+ # Skip symlinks to prevent path traversal attacks
+ if item.is_symlink():
+ logger.warning(f"Skipping symlink during sync: {item.name}")
+ continue
+
+ source_item = source_spec_dir / item.name
+
+ if item.is_file():
+ # Copy file (preserves timestamps)
+ shutil.copy2(item, source_item)
+ logger.debug(f"Synced {item.name} to source")
+ synced_any = True
+
+ elif item.is_dir():
+ # Recursively sync directory
+ _sync_directory(item, source_item)
+ synced_any = True
+
except Exception as e:
- logger.warning(f"Failed to sync implementation plan to source: {e}")
- return False
+ logger.warning(f"Failed to sync spec directory to source: {e}")
+
+ return synced_any
+
+
+def _sync_directory(source_dir: Path, target_dir: Path) -> None:
+ """
+ Recursively sync a directory from source to target.
+
+ Args:
+ source_dir: Source directory (in worktree)
+ target_dir: Target directory (in main project)
+ """
+ # Create target directory if needed
+ target_dir.mkdir(parents=True, exist_ok=True)
+
+ for item in source_dir.iterdir():
+ # Skip symlinks to prevent path traversal attacks
+ if item.is_symlink():
+ logger.warning(
+ f"Skipping symlink during sync: {source_dir.name}/{item.name}"
+ )
+ continue
+
+ target_item = target_dir / item.name
+
+ if item.is_file():
+ shutil.copy2(item, target_item)
+ logger.debug(f"Synced {source_dir.name}/{item.name} to source")
+ elif item.is_dir():
+ # Recurse into subdirectories
+ _sync_directory(item, target_item)
+
+
+# Keep the old name as an alias for backward compatibility
+def sync_plan_to_source(spec_dir: Path, source_spec_dir: Path | None) -> bool:
+ """Alias for sync_spec_to_source for backward compatibility."""
+ return sync_spec_to_source(spec_dir, source_spec_dir)
diff --git a/apps/backend/analysis/insight_extractor.py b/apps/backend/analysis/insight_extractor.py
index 75974d6b59..7b461afbae 100644
--- a/apps/backend/analysis/insight_extractor.py
+++ b/apps/backend/analysis/insight_extractor.py
@@ -387,12 +387,40 @@ async def run_insight_extraction(
# Collect the response
response_text = ""
+ message_count = 0
+ text_blocks_found = 0
+
async for msg in client.receive_response():
msg_type = type(msg).__name__
+ message_count += 1
+
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
- response_text += block.text
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
+ text_blocks_found += 1
+ if block.text: # Only add non-empty text
+ response_text += block.text
+ else:
+ logger.debug(
+ f"Found empty TextBlock in response (block #{text_blocks_found})"
+ )
+
+ # Log response collection summary
+ logger.debug(
+ f"Insight extraction response: {message_count} messages, "
+ f"{text_blocks_found} text blocks, {len(response_text)} chars collected"
+ )
+
+ # Validate we received content before parsing
+ if not response_text.strip():
+ logger.warning(
+ f"Insight extraction returned empty response. "
+ f"Messages received: {message_count}, TextBlocks found: {text_blocks_found}. "
+ f"This may indicate the AI model did not respond with text content."
+ )
+ return None
# Parse JSON from response
return parse_insights(response_text)
@@ -415,6 +443,11 @@ def parse_insights(response_text: str) -> dict | None:
# Try to extract JSON from the response
text = response_text.strip()
+ # Early validation - check for empty response
+ if not text:
+ logger.warning("Cannot parse insights: response text is empty")
+ return None
+
# Handle markdown code blocks
if text.startswith("```"):
# Remove code block markers
@@ -422,17 +455,26 @@ def parse_insights(response_text: str) -> dict | None:
# Remove first line (```json or ```)
if lines[0].startswith("```"):
lines = lines[1:]
- # Remove last line if it's ``
+ # Remove last line if it's ```
if lines and lines[-1].strip() == "```":
lines = lines[:-1]
- text = "\n".join(lines)
+ text = "\n".join(lines).strip()
+
+ # Check again after removing code blocks
+ if not text:
+ logger.warning(
+ "Cannot parse insights: response contained only markdown code block markers with no content"
+ )
+ return None
try:
insights = json.loads(text)
# Validate structure
if not isinstance(insights, dict):
- logger.warning("Insights is not a dict")
+ logger.warning(
+ f"Insights is not a dict, got type: {type(insights).__name__}"
+ )
return None
# Ensure required keys exist with defaults
@@ -446,7 +488,13 @@ def parse_insights(response_text: str) -> dict | None:
except json.JSONDecodeError as e:
logger.warning(f"Failed to parse insights JSON: {e}")
- logger.debug(f"Response text was: {text[:500]}")
+ # Show more context in the error message
+ preview_length = min(500, len(text))
+ logger.warning(
+ f"Response text preview (first {preview_length} chars): {text[:preview_length]}"
+ )
+ if len(text) > preview_length:
+ logger.warning(f"... (total length: {len(text)} chars)")
return None
diff --git a/apps/backend/cli/batch_commands.py b/apps/backend/cli/batch_commands.py
index 28a82ea90a..959df5eeac 100644
--- a/apps/backend/cli/batch_commands.py
+++ b/apps/backend/cli/batch_commands.py
@@ -6,6 +6,8 @@
"""
import json
+import shutil
+import subprocess
from pathlib import Path
from ui import highlight, print_status
@@ -184,7 +186,7 @@ def handle_batch_cleanup_command(project_dir: str, dry_run: bool = True) -> bool
True if successful
"""
specs_dir = Path(project_dir) / ".auto-claude" / "specs"
- worktrees_dir = Path(project_dir) / ".worktrees"
+ worktrees_dir = Path(project_dir) / ".auto-claude" / "worktrees" / "tasks"
if not specs_dir.exists():
print_status("No specs directory found", "info")
@@ -209,8 +211,56 @@ def handle_batch_cleanup_command(project_dir: str, dry_run: bool = True) -> bool
print(f" - {spec_name}")
wt_path = worktrees_dir / spec_name
if wt_path.exists():
- print(f" └─ .worktrees/{spec_name}/")
+ print(f" └─ .auto-claude/worktrees/tasks/{spec_name}/")
print()
print("Run with --no-dry-run to actually delete")
+ else:
+ # Actually delete specs and worktrees
+ deleted_count = 0
+ for spec_name in completed:
+ spec_path = specs_dir / spec_name
+ wt_path = worktrees_dir / spec_name
+
+ # Remove worktree first (if exists)
+ if wt_path.exists():
+ try:
+ result = subprocess.run(
+ ["git", "worktree", "remove", "--force", str(wt_path)],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ timeout=30,
+ )
+ if result.returncode == 0:
+ print_status(f"Removed worktree: {spec_name}", "success")
+ else:
+ # Fallback: remove directory manually if git fails
+ shutil.rmtree(wt_path, ignore_errors=True)
+ print_status(
+ f"Removed worktree directory: {spec_name}", "success"
+ )
+ except subprocess.TimeoutExpired:
+ # Timeout: fall back to manual removal
+ shutil.rmtree(wt_path, ignore_errors=True)
+ print_status(
+ f"Worktree removal timed out, removed directory: {spec_name}",
+ "warning",
+ )
+ except Exception as e:
+ print_status(
+ f"Failed to remove worktree {spec_name}: {e}", "warning"
+ )
+
+ # Remove spec directory
+ if spec_path.exists():
+ try:
+ shutil.rmtree(spec_path)
+ print_status(f"Removed spec: {spec_name}", "success")
+ deleted_count += 1
+ except Exception as e:
+ print_status(f"Failed to remove spec {spec_name}: {e}", "error")
+
+ print()
+ print_status(f"Cleaned up {deleted_count} spec(s)", "info")
return True
diff --git a/apps/backend/cli/build_commands.py b/apps/backend/cli/build_commands.py
index 19dc17ca6b..ad5766ac54 100644
--- a/apps/backend/cli/build_commands.py
+++ b/apps/backend/cli/build_commands.py
@@ -79,7 +79,7 @@ def handle_build_command(
base_branch: Base branch for worktree creation (default: current branch)
"""
# Lazy imports to avoid loading heavy modules
- from agent import run_autonomous_agent, sync_plan_to_source
+ from agent import run_autonomous_agent, sync_spec_to_source
from debug import (
debug,
debug_info,
@@ -274,7 +274,7 @@ def handle_build_command(
# Sync implementation plan to main project after QA
# This ensures the main project has the latest status (human_review)
- if sync_plan_to_source(spec_dir, source_spec_dir):
+ if sync_spec_to_source(spec_dir, source_spec_dir):
debug_info(
"run.py", "Implementation plan synced to main project after QA"
)
diff --git a/apps/backend/cli/main.py b/apps/backend/cli/main.py
index 9b910b5311..cfb6a6a414 100644
--- a/apps/backend/cli/main.py
+++ b/apps/backend/cli/main.py
@@ -38,6 +38,7 @@
)
from .workspace_commands import (
handle_cleanup_worktrees_command,
+ handle_create_pr_command,
handle_discard_command,
handle_list_worktrees_command,
handle_merge_command,
@@ -153,6 +154,30 @@ def parse_args() -> argparse.Namespace:
action="store_true",
help="Discard an existing build (requires confirmation)",
)
+ build_group.add_argument(
+ "--create-pr",
+ action="store_true",
+ help="Push branch and create a GitHub Pull Request",
+ )
+
+ # PR options
+ parser.add_argument(
+ "--pr-target",
+ type=str,
+ metavar="BRANCH",
+ help="With --create-pr: target branch for PR (default: auto-detect)",
+ )
+ parser.add_argument(
+ "--pr-title",
+ type=str,
+ metavar="TITLE",
+ help="With --create-pr: custom PR title (default: generated from spec name)",
+ )
+ parser.add_argument(
+ "--pr-draft",
+ action="store_true",
+ help="With --create-pr: create as draft PR",
+ )
# Merge options
parser.add_argument(
@@ -365,6 +390,21 @@ def main() -> None:
handle_discard_command(project_dir, spec_dir.name)
return
+ if args.create_pr:
+ # Pass args.pr_target directly - WorktreeManager._detect_base_branch
+ # handles base branch detection internally when target_branch is None
+ result = handle_create_pr_command(
+ project_dir=project_dir,
+ spec_name=spec_dir.name,
+ target_branch=args.pr_target,
+ title=args.pr_title,
+ draft=args.pr_draft,
+ )
+ # JSON output is already printed by handle_create_pr_command
+ if not result.get("success"):
+ sys.exit(1)
+ return
+
# Handle QA commands
if args.qa_status:
handle_qa_status_command(spec_dir)
diff --git a/apps/backend/cli/utils.py b/apps/backend/cli/utils.py
index f18954654a..0e2a7b427a 100644
--- a/apps/backend/cli/utils.py
+++ b/apps/backend/cli/utils.py
@@ -15,7 +15,47 @@
sys.path.insert(0, str(_PARENT_DIR))
from core.auth import get_auth_token, get_auth_token_source
-from dotenv import load_dotenv
+from core.dependency_validator import validate_platform_dependencies
+
+
+def import_dotenv():
+ """
+ Import and return load_dotenv with helpful error message if not installed.
+
+ This centralized function ensures consistent error messaging across all
+ runner scripts when python-dotenv is not available.
+
+ Returns:
+ The load_dotenv function
+
+ Raises:
+ SystemExit: If dotenv cannot be imported, with helpful installation instructions.
+ """
+ try:
+ from dotenv import load_dotenv as _load_dotenv
+
+ return _load_dotenv
+ except ImportError:
+ sys.exit(
+ "Error: Required Python package 'python-dotenv' is not installed.\n"
+ "\n"
+ "This usually means you're not using the virtual environment.\n"
+ "\n"
+ "To fix this:\n"
+ "1. From the 'apps/backend/' directory, activate the venv:\n"
+ " source .venv/bin/activate # Linux/macOS\n"
+ " .venv\\Scripts\\activate # Windows\n"
+ "\n"
+ "2. Or install dependencies directly:\n"
+ " pip install python-dotenv\n"
+ " pip install -r requirements.txt\n"
+ "\n"
+ f"Current Python: {sys.executable}\n"
+ )
+
+
+# Load .env with helpful error if dependencies not installed
+load_dotenv = import_dotenv()
from graphiti_config import get_graphiti_status
from linear_integration import LinearManager
from linear_updater import is_linear_enabled
@@ -28,8 +68,8 @@
muted,
)
-# Configuration
-DEFAULT_MODEL = "claude-opus-4-5-20251101"
+# Configuration - uses shorthand that resolves via API Profile if configured
+DEFAULT_MODEL = "sonnet" # Changed from "opus" (fix #433)
def setup_environment() -> Path:
@@ -82,7 +122,7 @@ def find_spec(project_dir: Path, spec_identifier: str) -> Path | None:
return spec_folder
# Check worktree specs (for merge-preview, merge, review, discard operations)
- worktree_base = project_dir / ".worktrees"
+ worktree_base = project_dir / ".auto-claude" / "worktrees" / "tasks"
if worktree_base.exists():
# Try exact match in worktree
worktree_spec = (
@@ -115,6 +155,9 @@ def validate_environment(spec_dir: Path) -> bool:
Returns:
True if valid, False otherwise (with error messages printed)
"""
+ # Validate platform-specific dependencies first (exits if missing)
+ validate_platform_dependencies()
+
valid = True
# Check for OAuth token (API keys are not supported)
diff --git a/apps/backend/cli/workspace_commands.py b/apps/backend/cli/workspace_commands.py
index 5e3d68a5aa..85f9f7327d 100644
--- a/apps/backend/cli/workspace_commands.py
+++ b/apps/backend/cli/workspace_commands.py
@@ -5,6 +5,7 @@
CLI commands for workspace management (merge, review, discard, list, cleanup)
"""
+import json
import subprocess
import sys
from pathlib import Path
@@ -22,6 +23,8 @@
get_merge_base,
is_lock_file,
)
+from core.worktree import PushAndCreatePRResult as CreatePRResult
+from core.worktree import WorktreeManager
from debug import debug_warning
from ui import (
Icons,
@@ -30,6 +33,7 @@
from workspace import (
cleanup_all_worktrees,
discard_existing_build,
+ get_existing_build_worktree,
list_all_worktrees,
merge_existing_build,
review_existing_build,
@@ -67,6 +71,7 @@ def _detect_default_branch(project_dir: Path) -> str:
cwd=project_dir,
capture_output=True,
text=True,
+ timeout=5,
)
if result.returncode == 0:
return env_branch
@@ -78,6 +83,7 @@ def _detect_default_branch(project_dir: Path) -> str:
cwd=project_dir,
capture_output=True,
text=True,
+ timeout=5,
)
if result.returncode == 0:
return branch
@@ -90,18 +96,32 @@ def _get_changed_files_from_git(
worktree_path: Path, base_branch: str = "main"
) -> list[str]:
"""
- Get list of changed files from git diff between base branch and HEAD.
+ Get list of files changed by the task (not files changed on base branch).
+
+ Uses merge-base to accurately identify only the files modified in the worktree,
+ not files that changed on the base branch since the worktree was created.
Args:
worktree_path: Path to the worktree
base_branch: Base branch to compare against (default: main)
Returns:
- List of changed file paths
+ List of changed file paths (task changes only)
"""
try:
+ # First, get the merge-base (the point where the worktree branched)
+ merge_base_result = subprocess.run(
+ ["git", "merge-base", base_branch, "HEAD"],
+ cwd=worktree_path,
+ capture_output=True,
+ text=True,
+ check=True,
+ )
+ merge_base = merge_base_result.stdout.strip()
+
+ # Use two-dot diff from merge-base to get only task's changes
result = subprocess.run(
- ["git", "diff", "--name-only", f"{base_branch}...HEAD"],
+ ["git", "diff", "--name-only", f"{merge_base}..HEAD"],
cwd=worktree_path,
capture_output=True,
text=True,
@@ -113,10 +133,10 @@ def _get_changed_files_from_git(
# Log the failure before trying fallback
debug_warning(
"workspace_commands",
- f"git diff (three-dot) failed: returncode={e.returncode}, "
+ f"git diff with merge-base failed: returncode={e.returncode}, "
f"stderr={e.stderr.strip() if e.stderr else 'N/A'}",
)
- # Fallback: try without the three-dot notation
+ # Fallback: try direct two-arg diff (less accurate but works)
try:
result = subprocess.run(
["git", "diff", "--name-only", base_branch, "HEAD"],
@@ -131,12 +151,176 @@ def _get_changed_files_from_git(
# Log the failure before returning empty list
debug_warning(
"workspace_commands",
- f"git diff (two-arg) failed: returncode={e.returncode}, "
+ f"git diff (fallback) failed: returncode={e.returncode}, "
f"stderr={e.stderr.strip() if e.stderr else 'N/A'}",
)
return []
+def _detect_worktree_base_branch(
+ project_dir: Path,
+ worktree_path: Path,
+ spec_name: str,
+) -> str | None:
+ """
+ Detect which branch a worktree was created from.
+
+ Tries multiple strategies:
+ 1. Check worktree config file (.auto-claude/worktree-config.json)
+ 2. Find merge-base with known branches (develop, main, master)
+ 3. Return None if unable to detect
+
+ Args:
+ project_dir: Project root directory
+ worktree_path: Path to the worktree
+ spec_name: Name of the spec
+
+ Returns:
+ The detected base branch name, or None if unable to detect
+ """
+ # Strategy 1: Check for worktree config file
+ config_path = worktree_path / ".auto-claude" / "worktree-config.json"
+ if config_path.exists():
+ try:
+ config = json.loads(config_path.read_text())
+ if config.get("base_branch"):
+ debug(
+ MODULE,
+ f"Found base branch in worktree config: {config['base_branch']}",
+ )
+ return config["base_branch"]
+ except Exception as e:
+ debug_warning(MODULE, f"Failed to read worktree config: {e}")
+
+ # Strategy 2: Find which branch has the closest merge-base
+ # Check common branches: develop, main, master
+ spec_branch = f"auto-claude/{spec_name}"
+ candidate_branches = ["develop", "main", "master"]
+
+ best_branch = None
+ best_commits_behind = float("inf")
+
+ for branch in candidate_branches:
+ try:
+ # Check if branch exists
+ check = subprocess.run(
+ ["git", "rev-parse", "--verify", branch],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ )
+ if check.returncode != 0:
+ continue
+
+ # Get merge base
+ merge_base_result = subprocess.run(
+ ["git", "merge-base", branch, spec_branch],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ )
+ if merge_base_result.returncode != 0:
+ continue
+
+ merge_base = merge_base_result.stdout.strip()
+
+ # Count commits between merge-base and branch tip
+ # The branch with fewer commits ahead is likely the one we branched from
+ ahead_result = subprocess.run(
+ ["git", "rev-list", "--count", f"{merge_base}..{branch}"],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ )
+ if ahead_result.returncode == 0:
+ commits_ahead = int(ahead_result.stdout.strip())
+ debug(
+ MODULE,
+ f"Branch {branch} is {commits_ahead} commits ahead of merge-base",
+ )
+ if commits_ahead < best_commits_behind:
+ best_commits_behind = commits_ahead
+ best_branch = branch
+ except Exception as e:
+ debug_warning(MODULE, f"Error checking branch {branch}: {e}")
+ continue
+
+ if best_branch:
+ debug(
+ MODULE,
+ f"Detected base branch from git history: {best_branch} (commits ahead: {best_commits_behind})",
+ )
+ return best_branch
+
+ return None
+
+
+def _detect_parallel_task_conflicts(
+ project_dir: Path,
+ current_task_id: str,
+ current_task_files: list[str],
+) -> list[dict]:
+ """
+ Detect potential conflicts between this task and other active tasks.
+
+ Uses existing evolution data to check if any of this task's files
+ have been modified by other active tasks. This is a lightweight check
+ that doesn't require re-processing all files.
+
+ Args:
+ project_dir: Project root directory
+ current_task_id: ID of the current task
+ current_task_files: Files modified by this task (from git diff)
+
+ Returns:
+ List of conflict dictionaries with 'file' and 'tasks' keys
+ """
+ try:
+ from merge import MergeOrchestrator
+
+ # Initialize orchestrator just to access evolution data
+ orchestrator = MergeOrchestrator(
+ project_dir,
+ enable_ai=False,
+ dry_run=True,
+ )
+
+ # Get all active tasks from evolution data
+ active_tasks = orchestrator.evolution_tracker.get_active_tasks()
+
+ # Remove current task from active tasks
+ other_active_tasks = active_tasks - {current_task_id}
+
+ if not other_active_tasks:
+ return []
+
+ # Convert current task files to a set for fast lookup
+ current_files_set = set(current_task_files)
+
+ # Get files modified by other active tasks
+ conflicts = []
+ other_task_files = orchestrator.evolution_tracker.get_files_modified_by_tasks(
+ list(other_active_tasks)
+ )
+
+ # Find intersection - files modified by both this task and other tasks
+ for file_path, tasks in other_task_files.items():
+ if file_path in current_files_set:
+ # This file was modified by both current task and other task(s)
+ all_tasks = [current_task_id] + tasks
+ conflicts.append({"file": file_path, "tasks": all_tasks})
+
+ return conflicts
+
+ except Exception as e:
+ # If anything fails, just return empty - parallel task detection is optional
+ debug_warning(
+ "workspace_commands",
+ f"Parallel task conflict detection failed: {e}",
+ )
+ return []
+
+
# Import debug utilities
try:
from debug import (
@@ -352,7 +536,9 @@ def handle_cleanup_worktrees_command(project_dir: Path) -> None:
cleanup_all_worktrees(project_dir, confirm=True)
-def _check_git_merge_conflicts(project_dir: Path, spec_name: str) -> dict:
+def _check_git_merge_conflicts(
+ project_dir: Path, spec_name: str, base_branch: str | None = None
+) -> dict:
"""
Check for git-level merge conflicts WITHOUT modifying the working directory.
@@ -362,6 +548,7 @@ def _check_git_merge_conflicts(project_dir: Path, spec_name: str) -> dict:
Args:
project_dir: Project root directory
spec_name: Name of the spec
+ base_branch: Branch the task was created from (default: auto-detect)
Returns:
Dictionary with git conflict information:
@@ -380,21 +567,25 @@ def _check_git_merge_conflicts(project_dir: Path, spec_name: str) -> dict:
"has_conflicts": False,
"conflicting_files": [],
"needs_rebase": False,
- "base_branch": "main",
+ "base_branch": base_branch or "main",
"spec_branch": spec_branch,
"commits_behind": 0,
}
try:
- # Get the current branch (base branch)
- base_result = subprocess.run(
- ["git", "rev-parse", "--abbrev-ref", "HEAD"],
- cwd=project_dir,
- capture_output=True,
- text=True,
- )
- if base_result.returncode == 0:
- result["base_branch"] = base_result.stdout.strip()
+ # Use provided base_branch, or detect from current HEAD
+ if not base_branch:
+ base_result = subprocess.run(
+ ["git", "rev-parse", "--abbrev-ref", "HEAD"],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ )
+ if base_result.returncode == 0:
+ result["base_branch"] = base_result.stdout.strip()
+ else:
+ result["base_branch"] = base_branch
+ debug(MODULE, f"Using provided base branch: {base_branch}")
# Get the merge base commit
merge_base_result = subprocess.run(
@@ -553,7 +744,6 @@ def handle_merge_preview_command(
spec_name=spec_name,
)
- from merge import MergeOrchestrator
from workspace import get_existing_build_worktree
worktree_path = get_existing_build_worktree(project_dir, spec_name)
@@ -580,16 +770,32 @@ def handle_merge_preview_command(
}
try:
- # First, check for git-level conflicts (diverged branches)
- git_conflicts = _check_git_merge_conflicts(project_dir, spec_name)
-
# Determine the task's source branch (where the task was created from)
- # Use provided base_branch (from task metadata), or fall back to detected default
+ # Priority:
+ # 1. Provided base_branch (from task metadata)
+ # 2. Detect from worktree's git history (find which branch it diverged from)
+ # 3. Fall back to default branch detection (main/master)
task_source_branch = base_branch
if not task_source_branch:
- # Auto-detect the default branch (main/master) that worktrees are typically created from
+ # Try to detect from worktree's git history
+ task_source_branch = _detect_worktree_base_branch(
+ project_dir, worktree_path, spec_name
+ )
+ if not task_source_branch:
+ # Fall back to auto-detecting main/master
task_source_branch = _detect_default_branch(project_dir)
+ debug(
+ MODULE,
+ f"Using task source branch: {task_source_branch}",
+ provided=base_branch is not None,
+ )
+
+ # Check for git-level conflicts (diverged branches) using the task's source branch
+ git_conflicts = _check_git_merge_conflicts(
+ project_dir, spec_name, base_branch=task_source_branch
+ )
+
# Get actual changed files from git diff (this is the authoritative count)
all_changed_files = _get_changed_files_from_git(
worktree_path, task_source_branch
@@ -600,49 +806,39 @@ def handle_merge_preview_command(
changed_files=all_changed_files[:10], # Log first 10
)
- debug(MODULE, "Initializing MergeOrchestrator for preview...")
+ # OPTIMIZATION: Skip expensive refresh_from_git() and preview_merge() calls
+ # For merge-preview, we only need to detect:
+ # 1. Git conflicts (task vs base branch) - already calculated in _check_git_merge_conflicts()
+ # 2. Parallel task conflicts (this task vs other active tasks)
+ #
+ # For parallel task detection, we just check if this task's files overlap
+ # with files OTHER tasks have already recorded - no need to re-process all files.
- # Initialize the orchestrator
- orchestrator = MergeOrchestrator(
- project_dir,
- enable_ai=False, # Don't use AI for preview
- dry_run=True, # Don't write anything
- )
+ debug(MODULE, "Checking for parallel task conflicts (lightweight)...")
- # Refresh evolution data from the worktree
- # Compare against the task's source branch (where the task was created from)
+ # Check for parallel task conflicts by looking at existing evolution data
+ parallel_conflicts = _detect_parallel_task_conflicts(
+ project_dir, spec_name, all_changed_files
+ )
debug(
MODULE,
- f"Refreshing evolution data from worktree: {worktree_path}",
- task_source_branch=task_source_branch,
+ f"Parallel task conflicts detected: {len(parallel_conflicts)}",
+ conflicts=parallel_conflicts[:5] if parallel_conflicts else [],
)
- orchestrator.evolution_tracker.refresh_from_git(
- spec_name, worktree_path, target_branch=task_source_branch
- )
-
- # Get merge preview (semantic conflicts between parallel tasks)
- debug(MODULE, "Generating merge preview...")
- preview = orchestrator.preview_merge([spec_name])
- # Transform semantic conflicts to UI-friendly format
+ # Build conflict list - start with parallel task conflicts
conflicts = []
- for c in preview.get("conflicts", []):
- debug_verbose(
- MODULE,
- "Processing semantic conflict",
- file=c.get("file", ""),
- severity=c.get("severity", "unknown"),
- )
+ for pc in parallel_conflicts:
conflicts.append(
{
- "file": c.get("file", ""),
- "location": c.get("location", ""),
- "tasks": c.get("tasks", []),
- "severity": c.get("severity", "unknown"),
- "canAutoMerge": c.get("can_auto_merge", False),
- "strategy": c.get("strategy"),
- "reason": c.get("reason", ""),
- "type": "semantic",
+ "file": pc["file"],
+ "location": "file-level",
+ "tasks": pc["tasks"],
+ "severity": "medium",
+ "canAutoMerge": False,
+ "strategy": None,
+ "reason": f"File modified by multiple active tasks: {', '.join(pc['tasks'])}",
+ "type": "parallel",
}
)
@@ -669,13 +865,14 @@ def handle_merge_preview_command(
}
)
- summary = preview.get("summary", {})
# Count only non-lock-file conflicts
git_conflict_count = len(git_conflicts.get("conflicting_files", [])) - len(
lock_files_excluded
)
- total_conflicts = summary.get("total_conflicts", 0) + git_conflict_count
- conflict_files = summary.get("conflict_files", 0) + git_conflict_count
+ # Calculate totals from our conflict lists (git conflicts + parallel conflicts)
+ parallel_conflict_count = len(parallel_conflicts)
+ total_conflicts = git_conflict_count + parallel_conflict_count
+ conflict_files = git_conflict_count + parallel_conflict_count
# Filter lock files from the git conflicts list for the response
non_lock_conflicting_files = [
@@ -761,7 +958,7 @@ def handle_merge_preview_command(
"totalFiles": total_files_from_git,
"conflictFiles": conflict_files,
"totalConflicts": total_conflicts,
- "autoMergeable": summary.get("auto_mergeable", 0),
+ "autoMergeable": 0, # Not tracking auto-merge in lightweight mode
"hasGitConflicts": git_conflicts["has_conflicts"]
and len(non_lock_conflicting_files) > 0,
# Include path-mapped AI merge count for UI display
@@ -776,10 +973,9 @@ def handle_merge_preview_command(
"Merge preview complete",
total_files=result["summary"]["totalFiles"],
total_files_source="git_diff",
- semantic_tracked_files=summary.get("total_files", 0),
total_conflicts=result["summary"]["totalConflicts"],
has_git_conflicts=git_conflicts["has_conflicts"],
- auto_mergeable=result["summary"]["autoMergeable"],
+ parallel_conflicts=parallel_conflict_count,
path_mapped_ai_merges=len(path_mapped_ai_merges),
total_renames=len(path_mappings),
)
@@ -805,3 +1001,220 @@ def handle_merge_preview_command(
"pathMappedAIMergeCount": 0,
},
}
+
+
+def handle_create_pr_command(
+ project_dir: Path,
+ spec_name: str,
+ target_branch: str | None = None,
+ title: str | None = None,
+ draft: bool = False,
+) -> CreatePRResult:
+ """
+ Handle the --create-pr command: push branch and create a GitHub PR.
+
+ Args:
+ project_dir: Path to the project directory
+ spec_name: Name of the spec (e.g., "001-feature-name")
+ target_branch: Target branch for PR (defaults to base branch)
+ title: Custom PR title (defaults to spec name)
+ draft: Whether to create as draft PR
+
+ Returns:
+ CreatePRResult with success status, pr_url, and any errors
+ """
+ from core.worktree import WorktreeManager
+
+ print_banner()
+ print("\n" + "=" * 70)
+ print(" CREATE PULL REQUEST")
+ print("=" * 70)
+
+ # Check if worktree exists
+ worktree_path = get_existing_build_worktree(project_dir, spec_name)
+ if not worktree_path:
+ print(f"\n{icon(Icons.ERROR)} No build found for spec: {spec_name}")
+ print("\nA completed build worktree is required to create a PR.")
+ print("Run your build first, then use --create-pr.")
+ error_result: CreatePRResult = {
+ "success": False,
+ "error": "No build found for this spec",
+ }
+ return error_result
+
+ # Create worktree manager
+ manager = WorktreeManager(project_dir, base_branch=target_branch)
+
+ print(f"\n{icon(Icons.BRANCH)} Pushing branch and creating PR...")
+ print(f" Spec: {spec_name}")
+ print(f" Target: {target_branch or manager.base_branch}")
+ if title:
+ print(f" Title: {title}")
+ if draft:
+ print(" Mode: Draft PR")
+
+ # Push and create PR with exception handling for clean JSON output
+ try:
+ raw_result = manager.push_and_create_pr(
+ spec_name=spec_name,
+ target_branch=target_branch,
+ title=title,
+ draft=draft,
+ )
+ except Exception as e:
+ debug_error(MODULE, f"Exception during PR creation: {e}")
+ error_result: CreatePRResult = {
+ "success": False,
+ "error": str(e),
+ "message": "Failed to create PR",
+ }
+ print(f"\n{icon(Icons.ERROR)} Failed to create PR: {e}")
+ print(json.dumps(error_result))
+ return error_result
+
+ # Convert PushAndCreatePRResult to CreatePRResult
+ result: CreatePRResult = {
+ "success": raw_result.get("success", False),
+ "pr_url": raw_result.get("pr_url"),
+ "already_exists": raw_result.get("already_exists", False),
+ "error": raw_result.get("error"),
+ "message": raw_result.get("message"),
+ "pushed": raw_result.get("pushed", False),
+ "remote": raw_result.get("remote", ""),
+ "branch": raw_result.get("branch", ""),
+ }
+
+ if result.get("success"):
+ pr_url = result.get("pr_url")
+ already_exists = result.get("already_exists", False)
+
+ if already_exists:
+ print(f"\n{icon(Icons.SUCCESS)} PR already exists!")
+ else:
+ print(f"\n{icon(Icons.SUCCESS)} PR created successfully!")
+
+ if pr_url:
+ print(f"\n{icon(Icons.LINK)} {pr_url}")
+ else:
+ print(f"\n{icon(Icons.INFO)} Check GitHub for the PR URL")
+
+ print("\nNext steps:")
+ print(" 1. Review the PR on GitHub")
+ print(" 2. Request reviews from your team")
+ print(" 3. Merge when approved")
+
+ # Output JSON for frontend parsing
+ print(json.dumps(result))
+ return result
+ else:
+ error = result.get("error", "Unknown error")
+ print(f"\n{icon(Icons.ERROR)} Failed to create PR: {error}")
+ # Output JSON for frontend parsing
+ print(json.dumps(result))
+ return result
+
+
+def cleanup_old_worktrees_command(
+ project_dir: Path, days: int = 30, dry_run: bool = False
+) -> dict:
+ """
+ Clean up old worktrees that haven't been modified in the specified number of days.
+
+ Args:
+ project_dir: Project root directory
+ days: Number of days threshold (default: 30)
+ dry_run: If True, only show what would be removed (default: False)
+
+ Returns:
+ Dictionary with cleanup results
+ """
+ try:
+ manager = WorktreeManager(project_dir)
+
+ removed, failed = manager.cleanup_old_worktrees(
+ days_threshold=days, dry_run=dry_run
+ )
+
+ return {
+ "success": True,
+ "removed": removed,
+ "failed": failed,
+ "dry_run": dry_run,
+ "days_threshold": days,
+ }
+
+ except Exception as e:
+ return {
+ "success": False,
+ "error": str(e),
+ "removed": [],
+ "failed": [],
+ }
+
+
+def worktree_summary_command(project_dir: Path) -> dict:
+ """
+ Get a summary of all worktrees with age information.
+
+ Args:
+ project_dir: Project root directory
+
+ Returns:
+ Dictionary with worktree summary data
+ """
+ try:
+ manager = WorktreeManager(project_dir)
+
+ # Print to console for CLI usage
+ manager.print_worktree_summary()
+
+ # Also return data for programmatic access
+ worktrees = manager.list_all_worktrees()
+ warning = manager.get_worktree_count_warning()
+
+ # Categorize by age
+ recent = []
+ week_old = []
+ month_old = []
+ very_old = []
+ unknown_age = []
+
+ for info in worktrees:
+ data = {
+ "spec_name": info.spec_name,
+ "days_since_last_commit": info.days_since_last_commit,
+ "commit_count": info.commit_count,
+ }
+
+ if info.days_since_last_commit is None:
+ unknown_age.append(data)
+ elif info.days_since_last_commit < 7:
+ recent.append(data)
+ elif info.days_since_last_commit < 30:
+ week_old.append(data)
+ elif info.days_since_last_commit < 90:
+ month_old.append(data)
+ else:
+ very_old.append(data)
+
+ return {
+ "success": True,
+ "total_worktrees": len(worktrees),
+ "categories": {
+ "recent": recent,
+ "week_old": week_old,
+ "month_old": month_old,
+ "very_old": very_old,
+ "unknown_age": unknown_age,
+ },
+ "warning": warning,
+ }
+
+ except Exception as e:
+ return {
+ "success": False,
+ "error": str(e),
+ "total_worktrees": 0,
+ "categories": {},
+ "warning": None,
+ }
diff --git a/apps/backend/commit_message.py b/apps/backend/commit_message.py
index 0518f20fba..b90242590c 100644
--- a/apps/backend/commit_message.py
+++ b/apps/backend/commit_message.py
@@ -231,7 +231,9 @@ async def _call_claude(prompt: str) -> str:
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
response_text += block.text
logger.info(f"Generated commit message: {len(response_text)} chars")
diff --git a/apps/backend/core/agent.py b/apps/backend/core/agent.py
index 8b2cc8d540..6d9ffe3702 100644
--- a/apps/backend/core/agent.py
+++ b/apps/backend/core/agent.py
@@ -39,7 +39,7 @@
run_followup_planner,
save_session_memory,
save_session_to_graphiti,
- sync_plan_to_source,
+ sync_spec_to_source,
)
# Ensure all exports are available at module level
@@ -57,7 +57,7 @@
"load_implementation_plan",
"find_subtask_in_plan",
"find_phase_for_subtask",
- "sync_plan_to_source",
+ "sync_spec_to_source",
"AUTO_CONTINUE_DELAY_SECONDS",
"HUMAN_INTERVENTION_FILE",
]
diff --git a/apps/backend/core/auth.py b/apps/backend/core/auth.py
index be105e1ff9..ce105a0caf 100644
--- a/apps/backend/core/auth.py
+++ b/apps/backend/core/auth.py
@@ -23,12 +23,21 @@
# Environment variables to pass through to SDK subprocess
# NOTE: ANTHROPIC_API_KEY is intentionally excluded to prevent silent API billing
SDK_ENV_VARS = [
+ # API endpoint configuration
"ANTHROPIC_BASE_URL",
"ANTHROPIC_AUTH_TOKEN",
+ # Model overrides (from API Profile custom model mappings)
+ "ANTHROPIC_MODEL",
+ "ANTHROPIC_DEFAULT_HAIKU_MODEL",
+ "ANTHROPIC_DEFAULT_SONNET_MODEL",
+ "ANTHROPIC_DEFAULT_OPUS_MODEL",
+ # SDK behavior configuration
"NO_PROXY",
"DISABLE_TELEMETRY",
"DISABLE_COST_WARNINGS",
"API_TIMEOUT_MS",
+ # Windows-specific: Git Bash path for Claude Code CLI
+ "CLAUDE_CODE_GIT_BASH_PATH",
]
@@ -208,6 +217,85 @@ def require_auth_token() -> str:
return token
+def _find_git_bash_path() -> str | None:
+ """
+ Find git-bash (bash.exe) path on Windows.
+
+ Uses 'where git' to find git.exe, then derives bash.exe location from it.
+ Git for Windows installs bash.exe in the 'bin' directory alongside git.exe
+ or in the parent 'bin' directory when git.exe is in 'cmd'.
+
+ Returns:
+ Full path to bash.exe if found, None otherwise
+ """
+ if platform.system() != "Windows":
+ return None
+
+ # If already set in environment, use that
+ existing = os.environ.get("CLAUDE_CODE_GIT_BASH_PATH")
+ if existing and os.path.exists(existing):
+ return existing
+
+ git_path = None
+
+ # Method 1: Use 'where' command to find git.exe
+ try:
+ # Use where.exe explicitly for reliability
+ result = subprocess.run(
+ ["where.exe", "git"],
+ capture_output=True,
+ text=True,
+ timeout=5,
+ shell=False,
+ )
+
+ if result.returncode == 0 and result.stdout.strip():
+ git_paths = result.stdout.strip().splitlines()
+ if git_paths:
+ git_path = git_paths[0].strip()
+ except (subprocess.TimeoutExpired, FileNotFoundError, subprocess.SubprocessError):
+ # Intentionally suppress errors - best-effort detection with fallback to common paths
+ pass
+
+ # Method 2: Check common installation paths if 'where' didn't work
+ if not git_path:
+ common_git_paths = [
+ os.path.expandvars(r"%PROGRAMFILES%\Git\cmd\git.exe"),
+ os.path.expandvars(r"%PROGRAMFILES%\Git\bin\git.exe"),
+ os.path.expandvars(r"%PROGRAMFILES(X86)%\Git\cmd\git.exe"),
+ os.path.expandvars(r"%LOCALAPPDATA%\Programs\Git\cmd\git.exe"),
+ ]
+ for path in common_git_paths:
+ if os.path.exists(path):
+ git_path = path
+ break
+
+ if not git_path:
+ return None
+
+ # Derive bash.exe location from git.exe location
+ # Git for Windows structure:
+ # C:\...\Git\cmd\git.exe -> bash.exe is at C:\...\Git\bin\bash.exe
+ # C:\...\Git\bin\git.exe -> bash.exe is at C:\...\Git\bin\bash.exe
+ # C:\...\Git\mingw64\bin\git.exe -> bash.exe is at C:\...\Git\bin\bash.exe
+ git_dir = os.path.dirname(git_path)
+ git_parent = os.path.dirname(git_dir)
+ git_grandparent = os.path.dirname(git_parent)
+
+ # Check common bash.exe locations relative to git installation
+ possible_bash_paths = [
+ os.path.join(git_parent, "bin", "bash.exe"), # cmd -> bin
+ os.path.join(git_dir, "bash.exe"), # If git.exe is in bin
+ os.path.join(git_grandparent, "bin", "bash.exe"), # mingw64/bin -> bin
+ ]
+
+ for bash_path in possible_bash_paths:
+ if os.path.exists(bash_path):
+ return bash_path
+
+ return None
+
+
def get_sdk_env_vars() -> dict[str, str]:
"""
Get environment variables to pass to SDK.
@@ -215,6 +303,8 @@ def get_sdk_env_vars() -> dict[str, str]:
Collects relevant env vars (ANTHROPIC_BASE_URL, etc.) that should
be passed through to the claude-agent-sdk subprocess.
+ On Windows, auto-detects CLAUDE_CODE_GIT_BASH_PATH if not already set.
+
Returns:
Dict of env var name -> value for non-empty vars
"""
@@ -223,6 +313,14 @@ def get_sdk_env_vars() -> dict[str, str]:
value = os.environ.get(var)
if value:
env[var] = value
+
+ # On Windows, auto-detect git-bash path if not already set
+ # Claude Code CLI requires bash.exe to run on Windows
+ if platform.system() == "Windows" and "CLAUDE_CODE_GIT_BASH_PATH" not in env:
+ bash_path = _find_git_bash_path()
+ if bash_path:
+ env["CLAUDE_CODE_GIT_BASH_PATH"] = bash_path
+
return env
diff --git a/apps/backend/core/client.py b/apps/backend/core/client.py
index 3d8dbe8de6..69c9c0e239 100644
--- a/apps/backend/core/client.py
+++ b/apps/backend/core/client.py
@@ -16,6 +16,7 @@
import json
import logging
import os
+import platform
import threading
import time
from pathlib import Path
@@ -488,6 +489,12 @@ def create_client(
# Collect env vars to pass to SDK (ANTHROPIC_BASE_URL, etc.)
sdk_env = get_sdk_env_vars()
+ # Debug: Log git-bash path detection on Windows
+ if "CLAUDE_CODE_GIT_BASH_PATH" in sdk_env:
+ logger.info(f"Git Bash path found: {sdk_env['CLAUDE_CODE_GIT_BASH_PATH']}")
+ elif platform.system() == "Windows":
+ logger.warning("Git Bash path not detected on Windows!")
+
# Check if Linear integration is enabled
linear_enabled = is_linear_enabled()
linear_api_key = os.environ.get("LINEAR_API_KEY", "")
@@ -538,6 +545,48 @@ def create_client(
# cases where Claude uses absolute paths for file operations
project_path_str = str(project_dir.resolve())
spec_path_str = str(spec_dir.resolve())
+
+ # Detect if we're running in a worktree and get the original project directory
+ # Worktrees are located in either:
+ # - .auto-claude/worktrees/tasks/{spec-name}/ (new location)
+ # - .worktrees/{spec-name}/ (legacy location)
+ # When running in a worktree, we need to allow access to both the worktree
+ # and the original project's .auto-claude/ directory for spec files
+ original_project_permissions = []
+ resolved_project_path = project_dir.resolve()
+
+ # Check for worktree paths and extract original project directory
+ # This handles spec worktrees, PR review worktrees, and legacy worktrees
+ # Note: Windows paths are normalized to forward slashes before comparison
+ worktree_markers = [
+ "/.auto-claude/worktrees/tasks/", # Spec/task worktrees
+ "/.auto-claude/github/pr/worktrees/", # PR review worktrees
+ "/.worktrees/", # Legacy worktree location
+ ]
+ project_path_posix = str(resolved_project_path).replace("\\", "/")
+
+ for marker in worktree_markers:
+ if marker in project_path_posix:
+ # Extract the original project directory (parent of worktree location)
+ # Use rsplit to get the rightmost occurrence (handles nested projects)
+ original_project_str = project_path_posix.rsplit(marker, 1)[0]
+ original_project_dir = Path(original_project_str)
+
+ # Grant permissions for relevant directories in the original project
+ permission_ops = ["Read", "Write", "Edit", "Glob", "Grep"]
+ dirs_to_permit = [
+ original_project_dir / ".auto-claude",
+ original_project_dir / ".worktrees", # Legacy support
+ ]
+
+ for dir_path in dirs_to_permit:
+ if dir_path.exists():
+ path_str = str(dir_path.resolve())
+ original_project_permissions.extend(
+ [f"{op}({path_str}/**)" for op in permission_ops]
+ )
+ break
+
security_settings = {
"sandbox": {"enabled": True, "autoAllowBashIfSandboxed": True},
"permissions": {
@@ -560,6 +609,9 @@ def create_client(
f"Read({spec_path_str}/**)",
f"Write({spec_path_str}/**)",
f"Edit({spec_path_str}/**)",
+ # Allow original project's .auto-claude/ and .worktrees/ directories
+ # when running in a worktree (fixes issue #385 - permission errors)
+ *original_project_permissions,
# Bash permission granted here, but actual commands are validated
# by the bash_security_hook (see security.py for allowed commands)
"Bash(*)",
@@ -596,6 +648,8 @@ def create_client(
print(f"Security settings: {settings_file}")
print(" - Sandbox enabled (OS-level bash isolation)")
print(f" - Filesystem restricted to: {project_dir.resolve()}")
+ if original_project_permissions:
+ print(" - Worktree permissions: granted for original project directories")
print(" - Bash commands restricted to allowlist")
if max_thinking_tokens:
print(f" - Extended thinking: {max_thinking_tokens:,} tokens")
@@ -742,6 +796,12 @@ def create_client(
"settings": str(settings_file.resolve()),
"env": sdk_env, # Pass ANTHROPIC_BASE_URL etc. to subprocess
"max_thinking_tokens": max_thinking_tokens, # Extended thinking budget
+ "max_buffer_size": 10
+ * 1024
+ * 1024, # 10MB buffer (default: 1MB) - fixes large tool results
+ # Enable file checkpointing to track file read/write state across tool calls
+ # This prevents "File has not been read yet" errors in recovery sessions
+ "enable_file_checkpointing": True,
}
# Add structured output format if specified
diff --git a/apps/backend/core/dependency_validator.py b/apps/backend/core/dependency_validator.py
new file mode 100644
index 0000000000..8517cb3631
--- /dev/null
+++ b/apps/backend/core/dependency_validator.py
@@ -0,0 +1,50 @@
+"""
+Dependency Validator
+====================
+
+Validates platform-specific dependencies are installed before running agents.
+"""
+
+import sys
+from pathlib import Path
+
+
+def validate_platform_dependencies() -> None:
+ """
+ Validate that platform-specific dependencies are installed.
+
+ Raises:
+ SystemExit: If required platform-specific dependencies are missing,
+ with helpful installation instructions.
+ """
+ # Check Windows-specific dependencies
+ if sys.platform == "win32" and sys.version_info >= (3, 12):
+ try:
+ import pywintypes # noqa: F401
+ except ImportError:
+ _exit_with_pywin32_error()
+
+
+def _exit_with_pywin32_error() -> None:
+ """Exit with helpful error message for missing pywin32."""
+ # Use sys.prefix to detect the virtual environment path
+ # This works for venv and poetry environments
+ venv_activate = Path(sys.prefix) / "Scripts" / "activate"
+
+ sys.exit(
+ "Error: Required Windows dependency 'pywin32' is not installed.\n"
+ "\n"
+ "Auto Claude requires pywin32 on Windows for LadybugDB/Graphiti memory integration.\n"
+ "\n"
+ "To fix this:\n"
+ "1. Activate your virtual environment:\n"
+ f" {venv_activate}\n"
+ "\n"
+ "2. Install pywin32:\n"
+ " pip install pywin32>=306\n"
+ "\n"
+ " Or reinstall all dependencies:\n"
+ " pip install -r requirements.txt\n"
+ "\n"
+ f"Current Python: {sys.executable}\n"
+ )
diff --git a/apps/backend/core/git_executable.py b/apps/backend/core/git_executable.py
new file mode 100644
index 0000000000..d17a3e07ef
--- /dev/null
+++ b/apps/backend/core/git_executable.py
@@ -0,0 +1,142 @@
+#!/usr/bin/env python3
+"""
+Git Executable Finder
+======================
+
+Utility to find the git executable, with Windows-specific fallbacks.
+Separated into its own module to avoid circular imports.
+"""
+
+import os
+import shutil
+import subprocess
+from pathlib import Path
+
+_cached_git_path: str | None = None
+
+
+def get_git_executable() -> str:
+ """Find the git executable, with Windows-specific fallbacks.
+
+ Returns the path to git executable. On Windows, checks multiple sources:
+ 1. CLAUDE_CODE_GIT_BASH_PATH env var (set by Electron frontend)
+ 2. shutil.which (if git is in PATH)
+ 3. Common installation locations
+ 4. Windows 'where' command
+
+ Caches the result after first successful find.
+ """
+ global _cached_git_path
+
+ # Return cached result if available
+ if _cached_git_path is not None:
+ return _cached_git_path
+
+ git_path = _find_git_executable()
+ _cached_git_path = git_path
+ return git_path
+
+
+def _find_git_executable() -> str:
+ """Internal function to find git executable."""
+ # 1. Check CLAUDE_CODE_GIT_BASH_PATH (set by Electron frontend)
+ # This env var points to bash.exe, we can derive git.exe from it
+ bash_path = os.environ.get("CLAUDE_CODE_GIT_BASH_PATH")
+ if bash_path:
+ try:
+ bash_path_obj = Path(bash_path)
+ if bash_path_obj.exists():
+ git_dir = bash_path_obj.parent.parent
+ # Try cmd/git.exe first (preferred), then bin/git.exe
+ for git_subpath in ["cmd/git.exe", "bin/git.exe"]:
+ git_path = git_dir / git_subpath
+ if git_path.is_file():
+ return str(git_path)
+ except (OSError, ValueError):
+ pass
+
+ # 2. Try shutil.which (works if git is in PATH)
+ git_path = shutil.which("git")
+ if git_path:
+ return git_path
+
+ # 3. Windows-specific: check common installation locations
+ if os.name == "nt":
+ common_paths = [
+ os.path.expandvars(r"%PROGRAMFILES%\Git\cmd\git.exe"),
+ os.path.expandvars(r"%PROGRAMFILES%\Git\bin\git.exe"),
+ os.path.expandvars(r"%PROGRAMFILES(X86)%\Git\cmd\git.exe"),
+ os.path.expandvars(r"%LOCALAPPDATA%\Programs\Git\cmd\git.exe"),
+ r"C:\Program Files\Git\cmd\git.exe",
+ r"C:\Program Files (x86)\Git\cmd\git.exe",
+ ]
+ for path in common_paths:
+ try:
+ if os.path.isfile(path):
+ return path
+ except OSError:
+ continue
+
+ # 4. Try 'where' command with shell=True (more reliable on Windows)
+ try:
+ result = subprocess.run(
+ "where git",
+ capture_output=True,
+ text=True,
+ timeout=5,
+ shell=True,
+ )
+ if result.returncode == 0 and result.stdout.strip():
+ found_path = result.stdout.strip().split("\n")[0].strip()
+ if found_path and os.path.isfile(found_path):
+ return found_path
+ except (subprocess.TimeoutExpired, OSError):
+ pass
+
+ # Default fallback - let subprocess handle it (may fail)
+ return "git"
+
+
+def run_git(
+ args: list[str],
+ cwd: Path | str | None = None,
+ timeout: int = 60,
+ input_data: str | None = None,
+) -> subprocess.CompletedProcess:
+ """Run a git command with proper executable finding.
+
+ Args:
+ args: Git command arguments (without 'git' prefix)
+ cwd: Working directory for the command
+ timeout: Command timeout in seconds (default: 60)
+ input_data: Optional string data to pass to stdin
+
+ Returns:
+ CompletedProcess with command results.
+ """
+ git = get_git_executable()
+ try:
+ return subprocess.run(
+ [git] + args,
+ cwd=cwd,
+ input=input_data,
+ capture_output=True,
+ text=True,
+ encoding="utf-8",
+ errors="replace",
+ timeout=timeout,
+ )
+ except subprocess.TimeoutExpired:
+ return subprocess.CompletedProcess(
+ args=[git] + args,
+ returncode=-1,
+ stdout="",
+ stderr=f"Command timed out after {timeout} seconds",
+ )
+ except FileNotFoundError:
+ return subprocess.CompletedProcess(
+ args=[git] + args,
+ returncode=-1,
+ stdout="",
+ stderr="Git executable not found. Please ensure git is installed and in PATH.",
+ )
diff --git a/apps/backend/core/phase_event.py b/apps/backend/core/phase_event.py
index a86321cf02..acc034605b 100644
--- a/apps/backend/core/phase_event.py
+++ b/apps/backend/core/phase_event.py
@@ -52,4 +52,8 @@ def emit_phase(
print(f"{PHASE_MARKER_PREFIX}{json.dumps(payload, default=str)}", flush=True)
except (OSError, UnicodeEncodeError) as e:
if _DEBUG:
- print(f"[phase_event] emit failed: {e}", file=sys.stderr, flush=True)
+ try:
+ sys.stderr.write(f"[phase_event] emit failed: {e}\n")
+ sys.stderr.flush()
+ except (OSError, UnicodeEncodeError):
+ pass # Truly silent on complete I/O failure
diff --git a/apps/backend/core/workspace.py b/apps/backend/core/workspace.py
index ddfd49059b..6ae292ab6b 100644
--- a/apps/backend/core/workspace.py
+++ b/apps/backend/core/workspace.py
@@ -4,7 +4,7 @@
=============================================
Handles workspace isolation through Git worktrees, where each spec
-gets its own isolated worktree in .worktrees/{spec-name}/.
+gets its own isolated worktree in .auto-claude/worktrees/tasks/{spec-name}/.
This module has been refactored for better maintainability:
- Models and enums: workspace/models.py
@@ -90,12 +90,18 @@ def is_debug_enabled():
from core.workspace.git_utils import (
detect_file_renames as _detect_file_renames,
)
+from core.workspace.git_utils import (
+ get_binary_file_content_from_ref as _get_binary_file_content_from_ref,
+)
from core.workspace.git_utils import (
get_changed_files_from_branch as _get_changed_files_from_branch,
)
from core.workspace.git_utils import (
get_file_content_from_ref as _get_file_content_from_ref,
)
+from core.workspace.git_utils import (
+ is_binary_file as _is_binary_file,
+)
from core.workspace.git_utils import (
is_lock_file as _is_lock_file,
)
@@ -239,14 +245,16 @@ def merge_existing_build(
if smart_result is not None:
# Smart merge handled it (success or identified conflicts)
if smart_result.get("success"):
- # Check if smart merge resolved git conflicts or path-mapped files
+ # Check if smart merge actually DID work (resolved conflicts via AI)
+ # NOTE: "files_merged" in stats is misleading - it's "files TO merge" not "files WERE merged"
+ # The smart merge preview returns this count but doesn't actually perform the merge
+ # in the no-conflict path. We only skip git merge if AI actually did work.
stats = smart_result.get("stats", {})
had_conflicts = stats.get("conflicts_resolved", 0) > 0
- files_merged = stats.get("files_merged", 0) > 0
ai_assisted = stats.get("ai_assisted", 0) > 0
- if had_conflicts or files_merged or ai_assisted:
- # Git conflicts were resolved OR path-mapped files were AI merged
+ if had_conflicts or ai_assisted:
+ # AI actually resolved conflicts or assisted with merges
# Changes are already written and staged - no need for git merge
_print_merge_success(
no_commit, stats, spec_name=spec_name, keep_worktree=True
@@ -258,7 +266,8 @@ def merge_existing_build(
return True
else:
- # No conflicts and no files merged - do standard git merge
+ # No conflicts needed AI resolution - do standard git merge
+ # This is the common case: no divergence, just need to merge changes
success_result = manager.merge_worktree(
spec_name, delete_after=False, no_commit=no_commit
)
@@ -773,28 +782,44 @@ def _resolve_git_conflicts_with_ai(
print(muted(f" Copying {len(new_files)} new file(s) first (dependencies)..."))
for file_path, status in new_files:
try:
- content = _get_file_content_from_ref(
- project_dir, spec_branch, file_path
- )
- if content is not None:
- # Apply path mapping - write to new location if file was renamed
- target_file_path = _apply_path_mapping(file_path, path_mappings)
- target_path = project_dir / target_file_path
- target_path.parent.mkdir(parents=True, exist_ok=True)
- target_path.write_text(content, encoding="utf-8")
- subprocess.run(
- ["git", "add", target_file_path],
- cwd=project_dir,
- capture_output=True,
+ # Apply path mapping - write to new location if file was renamed
+ target_file_path = _apply_path_mapping(file_path, path_mappings)
+ target_path = project_dir / target_file_path
+ target_path.parent.mkdir(parents=True, exist_ok=True)
+
+ # Handle binary files differently - use bytes instead of text
+ if _is_binary_file(file_path):
+ binary_content = _get_binary_file_content_from_ref(
+ project_dir, spec_branch, file_path
+ )
+ if binary_content is not None:
+ target_path.write_bytes(binary_content)
+ subprocess.run(
+ ["git", "add", target_file_path],
+ cwd=project_dir,
+ capture_output=True,
+ )
+ resolved_files.append(target_file_path)
+ debug(MODULE, f"Copied new binary file: {file_path}")
+ else:
+ content = _get_file_content_from_ref(
+ project_dir, spec_branch, file_path
)
- resolved_files.append(target_file_path)
- if target_file_path != file_path:
- debug(
- MODULE,
- f"Copied new file with path mapping: {file_path} -> {target_file_path}",
+ if content is not None:
+ target_path.write_text(content, encoding="utf-8")
+ subprocess.run(
+ ["git", "add", target_file_path],
+ cwd=project_dir,
+ capture_output=True,
)
- else:
- debug(MODULE, f"Copied new file: {file_path}")
+ resolved_files.append(target_file_path)
+ if target_file_path != file_path:
+ debug(
+ MODULE,
+ f"Copied new file with path mapping: {file_path} -> {target_file_path}",
+ )
+ else:
+ debug(MODULE, f"Copied new file: {file_path}")
except Exception as e:
debug_warning(MODULE, f"Could not copy new file {file_path}: {e}")
@@ -1118,24 +1143,44 @@ def _resolve_git_conflicts_with_ai(
)
else:
# Modified without path change - simple copy
- content = _get_file_content_from_ref(
- project_dir, spec_branch, file_path
- )
- if content is not None:
- target_path = project_dir / target_file_path
- target_path.parent.mkdir(parents=True, exist_ok=True)
- target_path.write_text(content, encoding="utf-8")
- subprocess.run(
- ["git", "add", target_file_path],
- cwd=project_dir,
- capture_output=True,
+ # Check if binary file to use correct read/write method
+ target_path = project_dir / target_file_path
+ target_path.parent.mkdir(parents=True, exist_ok=True)
+
+ if _is_binary_file(file_path):
+ binary_content = _get_binary_file_content_from_ref(
+ project_dir, spec_branch, file_path
+ )
+ if binary_content is not None:
+ target_path.write_bytes(binary_content)
+ subprocess.run(
+ ["git", "add", target_file_path],
+ cwd=project_dir,
+ capture_output=True,
+ )
+ resolved_files.append(target_file_path)
+ if target_file_path != file_path:
+ debug(
+ MODULE,
+ f"Merged binary with path mapping: {file_path} -> {target_file_path}",
+ )
+ else:
+ content = _get_file_content_from_ref(
+ project_dir, spec_branch, file_path
)
- resolved_files.append(target_file_path)
- if target_file_path != file_path:
- debug(
- MODULE,
- f"Merged with path mapping: {file_path} -> {target_file_path}",
+ if content is not None:
+ target_path.write_text(content, encoding="utf-8")
+ subprocess.run(
+ ["git", "add", target_file_path],
+ cwd=project_dir,
+ capture_output=True,
)
+ resolved_files.append(target_file_path)
+ if target_file_path != file_path:
+ debug(
+ MODULE,
+ f"Merged with path mapping: {file_path} -> {target_file_path}",
+ )
except Exception as e:
print(muted(f" Warning: Could not process {file_path}: {e}"))
@@ -1431,7 +1476,9 @@ async def _merge_file_with_ai_async(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
response_text += block.text
if response_text:
diff --git a/apps/backend/core/workspace/__init__.py b/apps/backend/core/workspace/__init__.py
index e5b5ac711a..db278769ea 100644
--- a/apps/backend/core/workspace/__init__.py
+++ b/apps/backend/core/workspace/__init__.py
@@ -4,7 +4,7 @@
=============================
Handles workspace isolation through Git worktrees, where each spec
-gets its own isolated worktree in .worktrees/{spec-name}/.
+gets its own isolated worktree in .auto-claude/worktrees/tasks/{spec-name}/.
This package provides:
- Workspace setup and configuration
@@ -62,6 +62,7 @@
MAX_SYNTAX_FIX_RETRIES,
MERGE_LOCK_TIMEOUT,
_create_conflict_file_with_git,
+ _get_binary_file_content_from_ref,
_get_changed_files_from_branch,
_get_file_content_from_ref,
_is_binary_file,
@@ -70,6 +71,7 @@
_is_process_running,
_validate_merged_syntax,
create_conflict_file_with_git,
+ get_binary_file_content_from_ref,
get_changed_files_from_branch,
get_current_branch,
get_existing_build_worktree,
@@ -117,6 +119,7 @@
"get_current_branch",
"get_existing_build_worktree",
"get_file_content_from_ref",
+ "get_binary_file_content_from_ref",
"get_changed_files_from_branch",
"is_process_running",
"is_binary_file",
diff --git a/apps/backend/core/workspace/finalization.py b/apps/backend/core/workspace/finalization.py
index 3078f2f8a2..a398391f84 100644
--- a/apps/backend/core/workspace/finalization.py
+++ b/apps/backend/core/workspace/finalization.py
@@ -169,7 +169,15 @@ def handle_workspace_choice(
if staging_path:
print(highlight(f" cd {staging_path}"))
else:
- print(highlight(f" cd {project_dir}/.worktrees/{spec_name}"))
+ worktree_path = get_existing_build_worktree(project_dir, spec_name)
+ if worktree_path:
+ print(highlight(f" cd {worktree_path}"))
+ else:
+ print(
+ highlight(
+ f" cd {project_dir}/.auto-claude/worktrees/tasks/{spec_name}"
+ )
+ )
# Show likely test/run commands
if staging_path:
@@ -232,7 +240,15 @@ def handle_workspace_choice(
if staging_path:
print(highlight(f" cd {staging_path}"))
else:
- print(highlight(f" cd {project_dir}/.worktrees/{spec_name}"))
+ worktree_path = get_existing_build_worktree(project_dir, spec_name)
+ if worktree_path:
+ print(highlight(f" cd {worktree_path}"))
+ else:
+ print(
+ highlight(
+ f" cd {project_dir}/.auto-claude/worktrees/tasks/{spec_name}"
+ )
+ )
print()
print("When you're ready to add it:")
print(highlight(f" python auto-claude/run.py --spec {spec_name} --merge"))
diff --git a/apps/backend/core/workspace/git_utils.py b/apps/backend/core/workspace/git_utils.py
index c027c4a426..5f6093b2e6 100644
--- a/apps/backend/core/workspace/git_utils.py
+++ b/apps/backend/core/workspace/git_utils.py
@@ -10,6 +10,45 @@
import subprocess
from pathlib import Path
+from core.git_executable import get_git_executable, run_git
+
+__all__ = [
+ # Exported helpers
+ "get_git_executable",
+ "run_git",
+ # Constants
+ "MAX_FILE_LINES_FOR_AI",
+ "MAX_PARALLEL_AI_MERGES",
+ "LOCK_FILES",
+ "BINARY_EXTENSIONS",
+ "MERGE_LOCK_TIMEOUT",
+ "MAX_SYNTAX_FIX_RETRIES",
+ # Functions
+ "detect_file_renames",
+ "apply_path_mapping",
+ "get_merge_base",
+ "has_uncommitted_changes",
+ "get_current_branch",
+ "get_existing_build_worktree",
+ "get_file_content_from_ref",
+ "get_binary_file_content_from_ref",
+ "get_changed_files_from_branch",
+ "is_process_running",
+ "is_binary_file",
+ "is_lock_file",
+ "validate_merged_syntax",
+ "create_conflict_file_with_git",
+ # Backward compat aliases
+ "_is_process_running",
+ "_is_binary_file",
+ "_is_lock_file",
+ "_validate_merged_syntax",
+ "_get_file_content_from_ref",
+ "_get_binary_file_content_from_ref",
+ "_get_changed_files_from_branch",
+ "_create_conflict_file_with_git",
+]
+
# Constants for merge limits
MAX_FILE_LINES_FOR_AI = 5000 # Skip AI for files larger than this
MAX_PARALLEL_AI_MERGES = 5 # Limit concurrent AI merge operations
@@ -33,6 +72,7 @@
}
BINARY_EXTENSIONS = {
+ # Images
".png",
".jpg",
".jpeg",
@@ -41,6 +81,11 @@
".webp",
".bmp",
".svg",
+ ".tiff",
+ ".tif",
+ ".heic",
+ ".heif",
+ # Documents
".pdf",
".doc",
".docx",
@@ -48,32 +93,63 @@
".xlsx",
".ppt",
".pptx",
+ # Archives
".zip",
".tar",
".gz",
".rar",
".7z",
+ ".bz2",
+ ".xz",
+ ".zst",
+ # Executables and libraries
".exe",
".dll",
".so",
".dylib",
".bin",
+ ".msi",
+ ".app",
+ # WebAssembly
+ ".wasm",
+ # Audio
".mp3",
- ".mp4",
".wav",
+ ".ogg",
+ ".flac",
+ ".aac",
+ ".m4a",
+ # Video
+ ".mp4",
".avi",
".mov",
".mkv",
+ ".webm",
+ ".wmv",
+ ".flv",
+ # Fonts
".woff",
".woff2",
".ttf",
".otf",
".eot",
+ # Compiled code
".pyc",
".pyo",
".class",
".o",
".obj",
+ # Data files
+ ".dat",
+ ".db",
+ ".sqlite",
+ ".sqlite3",
+ # Other binary formats
+ ".cur",
+ ".ani",
+ ".pbm",
+ ".pgm",
+ ".ppm",
}
# Merge lock timeout in seconds
@@ -113,9 +189,8 @@ def detect_file_renames(
# -M flag enables rename detection
# --diff-filter=R shows only renames
# --name-status shows status and file names
- result = subprocess.run(
+ result = run_git(
[
- "git",
"log",
"--name-status",
"-M",
@@ -124,8 +199,6 @@ def detect_file_renames(
f"{from_ref}..{to_ref}",
],
cwd=project_dir,
- capture_output=True,
- text=True,
)
if result.returncode == 0:
@@ -175,39 +248,21 @@ def get_merge_base(project_dir: Path, ref1: str, ref2: str) -> str | None:
Returns:
Merge-base commit hash, or None if not found
"""
- try:
- result = subprocess.run(
- ["git", "merge-base", ref1, ref2],
- cwd=project_dir,
- capture_output=True,
- text=True,
- )
- if result.returncode == 0:
- return result.stdout.strip()
- except Exception:
- pass
+ result = run_git(["merge-base", ref1, ref2], cwd=project_dir)
+ if result.returncode == 0:
+ return result.stdout.strip()
return None
def has_uncommitted_changes(project_dir: Path) -> bool:
"""Check if user has unsaved work."""
- result = subprocess.run(
- ["git", "status", "--porcelain"],
- cwd=project_dir,
- capture_output=True,
- text=True,
- )
+ result = run_git(["status", "--porcelain"], cwd=project_dir)
return bool(result.stdout.strip())
def get_current_branch(project_dir: Path) -> str:
"""Get the current branch name."""
- result = subprocess.run(
- ["git", "rev-parse", "--abbrev-ref", "HEAD"],
- cwd=project_dir,
- capture_output=True,
- text=True,
- )
+ result = run_git(["rev-parse", "--abbrev-ref", "HEAD"], cwd=project_dir)
return result.stdout.strip()
@@ -222,10 +277,16 @@ def get_existing_build_worktree(project_dir: Path, spec_name: str) -> Path | Non
Returns:
Path to the worktree if it exists for this spec, None otherwise
"""
- # Per-spec worktree path: .worktrees/{spec-name}/
- worktree_path = project_dir / ".worktrees" / spec_name
- if worktree_path.exists():
- return worktree_path
+ # New path first
+ new_path = project_dir / ".auto-claude" / "worktrees" / "tasks" / spec_name
+ if new_path.exists():
+ return new_path
+
+ # Legacy fallback
+ legacy_path = project_dir / ".worktrees" / spec_name
+ if legacy_path.exists():
+ return legacy_path
+
return None
@@ -233,11 +294,29 @@ def get_file_content_from_ref(
project_dir: Path, ref: str, file_path: str
) -> str | None:
"""Get file content from a git ref (branch, commit, etc.)."""
+ result = run_git(["show", f"{ref}:{file_path}"], cwd=project_dir)
+ if result.returncode == 0:
+ return result.stdout
+ return None
+
+
+def get_binary_file_content_from_ref(
+ project_dir: Path, ref: str, file_path: str
+) -> bytes | None:
+ """Get binary file content from a git ref (branch, commit, etc.).
+
+ Unlike get_file_content_from_ref, this returns raw bytes without
+ text decoding, suitable for binary files like images, audio, etc.
+
+ Note: Uses subprocess directly with get_git_executable() since
+ run_git() always returns text output.
+ """
+ git = get_git_executable()
result = subprocess.run(
- ["git", "show", f"{ref}:{file_path}"],
+ [git, "show", f"{ref}:{file_path}"],
cwd=project_dir,
capture_output=True,
- text=True,
+ text=False, # Return bytes, not text
)
if result.returncode == 0:
return result.stdout
@@ -262,11 +341,9 @@ def get_changed_files_from_branch(
Returns:
List of (file_path, status) tuples
"""
- result = subprocess.run(
- ["git", "diff", "--name-status", f"{base_branch}...{spec_branch}"],
+ result = run_git(
+ ["diff", "--name-status", f"{base_branch}...{spec_branch}"],
cwd=project_dir,
- capture_output=True,
- text=True,
)
files = []
@@ -283,15 +360,23 @@ def get_changed_files_from_branch(
return files
+def _normalize_path(path: str) -> str:
+ """Normalize path separators to forward slashes for cross-platform comparison."""
+ return path.replace("\\", "/")
+
+
def _is_auto_claude_file(file_path: str) -> bool:
- """Check if a file is in the .auto-claude or auto-claude/specs directory."""
- # These patterns cover the internal spec/build files that shouldn't be merged
+ """Check if a file is in the .auto-claude or auto-claude/specs directory.
+
+ Handles both forward slashes (Unix/Git output) and backslashes (Windows).
+ """
+ normalized = _normalize_path(file_path)
excluded_patterns = [
".auto-claude/",
"auto-claude/specs/",
]
for pattern in excluded_patterns:
- if file_path.startswith(pattern):
+ if normalized.startswith(pattern):
return True
return False
@@ -485,11 +570,9 @@ def create_conflict_file_with_git(
try:
# git merge-file
# Exit codes: 0 = clean merge, 1 = conflicts, >1 = error
- result = subprocess.run(
- ["git", "merge-file", "-p", main_path, base_path, wt_path],
+ result = run_git(
+ ["merge-file", "-p", main_path, base_path, wt_path],
cwd=project_dir,
- capture_output=True,
- text=True,
)
# Read the merged content
@@ -516,5 +599,6 @@ def create_conflict_file_with_git(
_is_lock_file = is_lock_file
_validate_merged_syntax = validate_merged_syntax
_get_file_content_from_ref = get_file_content_from_ref
+_get_binary_file_content_from_ref = get_binary_file_content_from_ref
_get_changed_files_from_branch = get_changed_files_from_branch
_create_conflict_file_with_git = create_conflict_file_with_git
diff --git a/apps/backend/core/workspace/models.py b/apps/backend/core/workspace/models.py
index cc94413e54..92d2178c95 100644
--- a/apps/backend/core/workspace/models.py
+++ b/apps/backend/core/workspace/models.py
@@ -249,7 +249,7 @@ def get_next_spec_number(self) -> int:
max_number = max(max_number, self._scan_specs_dir(main_specs_dir))
# 2. Scan all worktree specs
- worktrees_dir = self.project_dir / ".worktrees"
+ worktrees_dir = self.project_dir / ".auto-claude" / "worktrees" / "tasks"
if worktrees_dir.exists():
for worktree in worktrees_dir.iterdir():
if worktree.is_dir():
diff --git a/apps/backend/core/workspace/setup.py b/apps/backend/core/workspace/setup.py
index b5b825722b..06269e7c1e 100644
--- a/apps/backend/core/workspace/setup.py
+++ b/apps/backend/core/workspace/setup.py
@@ -8,11 +8,12 @@
import json
import shutil
-import subprocess
import sys
from pathlib import Path
+from core.git_executable import run_git
from merge import FileTimelineTracker
+from security.constants import ALLOWLIST_FILENAME, PROFILE_FILENAME
from ui import (
Icons,
MenuOption,
@@ -267,6 +268,43 @@ def setup_workspace(
f"Environment files copied: {', '.join(copied_env_files)}", "success"
)
+ # Copy security configuration files if they exist
+ # Note: Unlike env files, security files always overwrite to ensure
+ # the worktree uses the same security rules as the main project.
+ # This prevents security bypasses through stale worktree configs.
+ security_files = [
+ ALLOWLIST_FILENAME,
+ PROFILE_FILENAME,
+ ]
+ security_files_copied = []
+
+ for filename in security_files:
+ source_file = project_dir / filename
+ if source_file.is_file():
+ target_file = worktree_info.path / filename
+ try:
+ shutil.copy2(source_file, target_file)
+ security_files_copied.append(filename)
+ except (OSError, PermissionError) as e:
+ debug_warning(MODULE, f"Failed to copy {filename}: {e}")
+ print_status(
+ f"Warning: Could not copy {filename} to worktree", "warning"
+ )
+
+ if security_files_copied:
+ print_status(
+ f"Security config copied: {', '.join(security_files_copied)}", "success"
+ )
+
+ # Ensure .auto-claude/ is in the worktree's .gitignore
+ # This is critical because the worktree inherits .gitignore from the base branch,
+ # which may not have .auto-claude/ if that change wasn't committed/pushed.
+ # Without this, spec files would be committed to the worktree's branch.
+ from init import ensure_gitignore_entry
+
+ if ensure_gitignore_entry(worktree_info.path, ".auto-claude/"):
+ debug(MODULE, "Added .auto-claude/ to worktree's .gitignore")
+
# Copy spec files to worktree if provided
localized_spec_dir = None
if source_spec_dir and source_spec_dir.exists():
@@ -368,11 +406,9 @@ def initialize_timeline_tracking(
files_to_modify.extend(subtask.get("files", []))
# Get the current branch point commit
- result = subprocess.run(
- ["git", "rev-parse", "HEAD"],
+ result = run_git(
+ ["rev-parse", "HEAD"],
cwd=project_dir,
- capture_output=True,
- text=True,
)
branch_point = result.stdout.strip() if result.returncode == 0 else None
diff --git a/apps/backend/core/worktree.py b/apps/backend/core/worktree.py
index ab3b89e3b3..eb4870dd7b 100644
--- a/apps/backend/core/worktree.py
+++ b/apps/backend/core/worktree.py
@@ -4,7 +4,7 @@
=============================================
Each spec gets its own worktree:
-- Worktree path: .worktrees/{spec-name}/
+- Worktree path: .auto-claude/worktrees/tasks/{spec-name}/
- Branch name: auto-claude/{spec-name}
This allows:
@@ -19,8 +19,126 @@
import re
import shutil
import subprocess
+import time
+from collections.abc import Callable
from dataclasses import dataclass
+from datetime import datetime
from pathlib import Path
+from typing import TypedDict, TypeVar
+
+from core.git_executable import get_git_executable, run_git
+from debug import debug_warning
+
+T = TypeVar("T")
+
+
+def _is_retryable_network_error(stderr: str) -> bool:
+ """Check if an error is a retryable network/connection issue."""
+ stderr_lower = stderr.lower()
+ return any(
+ term in stderr_lower
+ for term in ["connection", "network", "timeout", "reset", "refused"]
+ )
+
+
+def _is_retryable_http_error(stderr: str) -> bool:
+ """
+ Check if an HTTP error is retryable (5xx errors, timeouts).
+ Excludes auth errors (401, 403) and client errors (404, 422).
+ """
+ stderr_lower = stderr.lower()
+ # Check for HTTP 5xx errors (server errors are retryable)
+ if re.search(r"http[s]?\s*5\d{2}", stderr_lower):
+ return True
+ # Check for HTTP timeout patterns
+ if "http" in stderr_lower and "timeout" in stderr_lower:
+ return True
+ return False
+
+
+def _with_retry(
+ operation: Callable[[], tuple[bool, T | None, str]],
+ max_retries: int = 3,
+ is_retryable: Callable[[str], bool] | None = None,
+ on_retry: Callable[[int, str], None] | None = None,
+) -> tuple[T | None, str]:
+ """
+ Execute an operation with retry logic.
+
+ Args:
+ operation: Function that returns a tuple of (success: bool, result: T | None, error: str).
+ On success (success=True), result contains the value and error is empty.
+ On failure (success=False), result is None and error contains the message.
+ max_retries: Maximum number of retry attempts
+ is_retryable: Function to check if error is retryable based on error message
+ on_retry: Optional callback called before each retry with (attempt, error)
+
+ Returns:
+ Tuple of (result, last_error) where result is T on success, None on failure
+ """
+ last_error = ""
+
+ for attempt in range(1, max_retries + 1):
+ try:
+ success, result, error = operation()
+ if success:
+ return result, ""
+
+ last_error = error
+
+ # Check if error is retryable
+ if is_retryable and attempt < max_retries and is_retryable(error):
+ if on_retry:
+ on_retry(attempt, error)
+ backoff = 2 ** (attempt - 1)
+ time.sleep(backoff)
+ continue
+
+ break
+
+ except subprocess.TimeoutExpired:
+ last_error = "Operation timed out"
+ if attempt < max_retries:
+ if on_retry:
+ on_retry(attempt, last_error)
+ backoff = 2 ** (attempt - 1)
+ time.sleep(backoff)
+ continue
+ break
+
+ return None, last_error
+
+
+class PushBranchResult(TypedDict, total=False):
+ """Result of pushing a branch to remote."""
+
+ success: bool
+ branch: str
+ remote: str
+ error: str
+
+
+class PullRequestResult(TypedDict, total=False):
+ """Result of creating a pull request."""
+
+ success: bool
+ pr_url: str | None # None when PR was created but URL couldn't be extracted
+ already_exists: bool
+ error: str
+ message: str
+
+
+class PushAndCreatePRResult(TypedDict, total=False):
+ """Result of push_and_create_pr operation."""
+
+ success: bool
+ pushed: bool
+ remote: str
+ branch: str
+ pr_url: str | None # None when PR was created but URL couldn't be extracted
+ already_exists: bool
+ error: str
+ message: str
class WorktreeError(Exception):
@@ -42,20 +160,27 @@ class WorktreeInfo:
files_changed: int = 0
additions: int = 0
deletions: int = 0
+ last_commit_date: datetime | None = None
+ days_since_last_commit: int | None = None
class WorktreeManager:
"""
Manages per-spec Git worktrees.
- Each spec gets its own worktree in .worktrees/{spec-name}/ with
+ Each spec gets its own worktree in .auto-claude/worktrees/tasks/{spec-name}/ with
a corresponding branch auto-claude/{spec-name}.
"""
+ # Timeout constants for subprocess operations
+ GIT_PUSH_TIMEOUT = 120 # 2 minutes for git push (network operations)
+ GH_CLI_TIMEOUT = 60 # 1 minute for gh CLI commands
+ GH_QUERY_TIMEOUT = 30 # 30 seconds for gh CLI queries
+
def __init__(self, project_dir: Path, base_branch: str | None = None):
self.project_dir = project_dir
self.base_branch = base_branch or self._detect_base_branch()
- self.worktrees_dir = project_dir / ".worktrees"
+ self.worktrees_dir = project_dir / ".auto-claude" / "worktrees" / "tasks"
self._merge_lock = asyncio.Lock()
def _detect_base_branch(self) -> str:
@@ -74,13 +199,9 @@ def _detect_base_branch(self) -> str:
env_branch = os.getenv("DEFAULT_BRANCH")
if env_branch:
# Verify the branch exists
- result = subprocess.run(
- ["git", "rev-parse", "--verify", env_branch],
+ result = run_git(
+ ["rev-parse", "--verify", env_branch],
cwd=self.project_dir,
- capture_output=True,
- text=True,
- encoding="utf-8",
- errors="replace",
)
if result.returncode == 0:
return env_branch
@@ -91,13 +212,9 @@ def _detect_base_branch(self) -> str:
# 2. Auto-detect main/master
for branch in ["main", "master"]:
- result = subprocess.run(
- ["git", "rev-parse", "--verify", branch],
+ result = run_git(
+ ["rev-parse", "--verify", branch],
cwd=self.project_dir,
- capture_output=True,
- text=True,
- encoding="utf-8",
- errors="replace",
)
if result.returncode == 0:
return branch
@@ -111,30 +228,29 @@ def _detect_base_branch(self) -> str:
def _get_current_branch(self) -> str:
"""Get the current git branch."""
- result = subprocess.run(
- ["git", "rev-parse", "--abbrev-ref", "HEAD"],
+ result = run_git(
+ ["rev-parse", "--abbrev-ref", "HEAD"],
cwd=self.project_dir,
- capture_output=True,
- text=True,
- encoding="utf-8",
- errors="replace",
)
if result.returncode != 0:
raise WorktreeError(f"Failed to get current branch: {result.stderr}")
return result.stdout.strip()
def _run_git(
- self, args: list[str], cwd: Path | None = None
+ self, args: list[str], cwd: Path | None = None, timeout: int = 60
) -> subprocess.CompletedProcess:
- """Run a git command and return the result."""
- return subprocess.run(
- ["git"] + args,
- cwd=cwd or self.project_dir,
- capture_output=True,
- text=True,
- encoding="utf-8",
- errors="replace",
- )
+ """Run a git command and return the result.
+
+ Args:
+ args: Git command arguments (without 'git' prefix)
+ cwd: Working directory for the command
+ timeout: Command timeout in seconds (default: 60)
+
+ Returns:
+ CompletedProcess with command results. On timeout, returns a
+ CompletedProcess with returncode=-1 and timeout error in stderr.
+ """
+ return run_git(args, cwd=cwd or self.project_dir, timeout=timeout)
def _unstage_gitignored_files(self) -> None:
"""
@@ -157,14 +273,10 @@ def _unstage_gitignored_files(self) -> None:
# 1. Check which staged files are gitignored
# git check-ignore returns the files that ARE ignored
- result = subprocess.run(
- ["git", "check-ignore", "--stdin"],
+ result = run_git(
+ ["check-ignore", "--stdin"],
cwd=self.project_dir,
- input="\n".join(staged_files),
- capture_output=True,
- text=True,
- encoding="utf-8",
- errors="replace",
+ input_data="\n".join(staged_files),
)
if result.stdout.strip():
@@ -179,8 +291,10 @@ def _unstage_gitignored_files(self) -> None:
file = file.strip()
if not file:
continue
+ # Normalize path separators for cross-platform (Windows backslash support)
+ normalized = file.replace("\\", "/")
for pattern in auto_claude_patterns:
- if file.startswith(pattern) or f"/{pattern}" in file:
+ if normalized.startswith(pattern) or f"/{pattern}" in normalized:
files_to_unstage.add(file)
break
@@ -194,13 +308,24 @@ def _unstage_gitignored_files(self) -> None:
def setup(self) -> None:
"""Create worktrees directory if needed."""
- self.worktrees_dir.mkdir(exist_ok=True)
+ self.worktrees_dir.mkdir(parents=True, exist_ok=True)
# ==================== Per-Spec Worktree Methods ====================
def get_worktree_path(self, spec_name: str) -> Path:
- """Get the worktree path for a spec."""
- return self.worktrees_dir / spec_name
+ """Get the worktree path for a spec (checks new and legacy locations)."""
+ # New path first (.auto-claude/worktrees/tasks/)
+ new_path = self.worktrees_dir / spec_name
+ if new_path.exists():
+ return new_path
+
+ # Legacy fallback (.worktrees/ instead of .auto-claude/worktrees/tasks/)
+ legacy_path = self.project_dir / ".worktrees" / spec_name
+ if legacy_path.exists():
+ return legacy_path
+
+ # Return new path as default for creation
+ return new_path
def get_branch_name(self, spec_name: str) -> str:
"""Get the branch name for a spec."""
@@ -261,6 +386,8 @@ def _get_worktree_stats(self, spec_name: str) -> dict:
"files_changed": 0,
"additions": 0,
"deletions": 0,
+ "last_commit_date": None,
+ "days_since_last_commit": None,
}
if not worktree_path.exists():
@@ -273,6 +400,52 @@ def _get_worktree_stats(self, spec_name: str) -> dict:
if result.returncode == 0:
stats["commit_count"] = int(result.stdout.strip() or "0")
+ # Last commit date (most recent commit in this worktree)
+ result = self._run_git(
+ ["log", "-1", "--format=%cd", "--date=iso"], cwd=worktree_path
+ )
+ if result.returncode == 0 and result.stdout.strip():
+ try:
+ # Parse ISO date format: "2026-01-04 00:25:25 +0100"
+ date_str = result.stdout.strip()
+ # Convert git format to ISO format for fromisoformat()
+ # "2026-01-04 00:25:25 +0100" -> "2026-01-04T00:25:25+01:00"
+ parts = date_str.rsplit(" ", 1)
+ if len(parts) == 2:
+ date_part, tz_part = parts
+ # Convert timezone format: "+0100" -> "+01:00"
+ if len(tz_part) == 5 and (
+ tz_part.startswith("+") or tz_part.startswith("-")
+ ):
+ tz_formatted = f"{tz_part[:3]}:{tz_part[3:]}"
+ iso_str = f"{date_part.replace(' ', 'T')}{tz_formatted}"
+ last_commit_date = datetime.fromisoformat(iso_str)
+ stats["last_commit_date"] = last_commit_date
+ # Use timezone-aware now() for accurate comparison
+ now_aware = datetime.now(last_commit_date.tzinfo)
+ stats["days_since_last_commit"] = (
+ now_aware - last_commit_date
+ ).days
+ else:
+ # Fallback for unexpected timezone format
+ last_commit_date = datetime.strptime(
+ parts[0], "%Y-%m-%d %H:%M:%S"
+ )
+ stats["last_commit_date"] = last_commit_date
+ stats["days_since_last_commit"] = (
+ datetime.now() - last_commit_date
+ ).days
+ else:
+ # No timezone in output
+ last_commit_date = datetime.strptime(date_str, "%Y-%m-%d %H:%M:%S")
+ stats["last_commit_date"] = last_commit_date
+ stats["days_since_last_commit"] = (
+ datetime.now() - last_commit_date
+ ).days
+ except (ValueError, TypeError) as e:
+ # If parsing fails, silently continue without date info
+ pass
+
# Diff stats
result = self._run_git(
["diff", "--shortstat", f"{self.base_branch}...HEAD"], cwd=worktree_path
@@ -327,9 +500,33 @@ def create_worktree(self, spec_name: str) -> WorktreeInfo:
# Delete branch if it exists (from previous attempt)
self._run_git(["branch", "-D", branch_name])
- # Create worktree with new branch from base
+ # Fetch latest from remote to ensure we have the most up-to-date code
+ # GitHub/remote is the source of truth, not the local branch
+ fetch_result = self._run_git(["fetch", "origin", self.base_branch])
+ if fetch_result.returncode != 0:
+ print(
+ f"Warning: Could not fetch {self.base_branch} from origin: {fetch_result.stderr}"
+ )
+ print("Falling back to local branch...")
+
+ # Determine the start point for the worktree
+ # Prefer origin/{base_branch} (remote) over local branch to ensure we have latest code
+ remote_ref = f"origin/{self.base_branch}"
+ start_point = self.base_branch # Default to local branch
+
+ # Check if remote ref exists and use it as the source of truth
+ check_remote = self._run_git(["rev-parse", "--verify", remote_ref])
+ if check_remote.returncode == 0:
+ start_point = remote_ref
+ print(f"Creating worktree from remote: {remote_ref}")
+ else:
+ print(
+ f"Remote ref {remote_ref} not found, using local branch: {self.base_branch}"
+ )
+
+ # Create worktree with new branch from the start point (remote preferred)
result = self._run_git(
- ["worktree", "add", "-b", branch_name, str(worktree_path), self.base_branch]
+ ["worktree", "add", "-b", branch_name, str(worktree_path), start_point]
)
if result.returncode != 0:
@@ -475,17 +672,27 @@ def commit_in_worktree(self, spec_name: str, message: str) -> bool:
# ==================== Listing & Discovery ====================
def list_all_worktrees(self) -> list[WorktreeInfo]:
- """List all spec worktrees."""
+ """List all spec worktrees (includes legacy .worktrees/ location)."""
worktrees = []
-
- if not self.worktrees_dir.exists():
- return worktrees
-
- for item in self.worktrees_dir.iterdir():
- if item.is_dir():
- info = self.get_worktree_info(item.name)
- if info:
- worktrees.append(info)
+ seen_specs = set()
+
+ # Check new location first
+ if self.worktrees_dir.exists():
+ for item in self.worktrees_dir.iterdir():
+ if item.is_dir():
+ info = self.get_worktree_info(item.name)
+ if info:
+ worktrees.append(info)
+ seen_specs.add(item.name)
+
+ # Check legacy location (.worktrees/)
+ legacy_dir = self.project_dir / ".worktrees"
+ if legacy_dir.exists():
+ for item in legacy_dir.iterdir():
+ if item.is_dir() and item.name not in seen_specs:
+ info = self.get_worktree_info(item.name)
+ if info:
+ worktrees.append(info)
return worktrees
@@ -587,81 +794,544 @@ def get_test_commands(self, spec_name: str) -> list[str]:
return commands
- # ==================== Backward Compatibility ====================
- # These methods provide backward compatibility with the old single-worktree API
+ def has_uncommitted_changes(self, spec_name: str | None = None) -> bool:
+ """Check if there are uncommitted changes."""
+ cwd = None
+ if spec_name:
+ worktree_path = self.get_worktree_path(spec_name)
+ if worktree_path.exists():
+ cwd = worktree_path
+ result = self._run_git(["status", "--porcelain"], cwd=cwd)
+ return bool(result.stdout.strip())
+
+ # ==================== PR Creation Methods ====================
- def get_staging_path(self) -> Path | None:
+ def push_branch(self, spec_name: str, force: bool = False) -> PushBranchResult:
"""
- Backward compatibility: Get path to any existing spec worktree.
- Prefer using get_worktree_path(spec_name) instead.
+ Push a spec's branch to the remote origin with retry logic.
+
+ Args:
+ spec_name: The spec folder name
+ force: Whether to force push (use with caution)
+
+ Returns:
+ PushBranchResult with keys:
+ - success: bool
+ - branch: str (branch name)
+ - remote: str (if successful)
+ - error: str (if failed)
"""
- worktrees = self.list_all_worktrees()
- if worktrees:
- return worktrees[0].path
- return None
+ info = self.get_worktree_info(spec_name)
+ if not info:
+ return PushBranchResult(
+ success=False,
+ error=f"No worktree found for spec: {spec_name}",
+ )
+
+ # Push the branch to origin
+ push_args = ["push", "-u", "origin", info.branch]
+ if force:
+ push_args.insert(1, "--force")
+
+ def do_push() -> tuple[bool, PushBranchResult | None, str]:
+ """Execute push operation for retry wrapper."""
+ try:
+ git_executable = get_git_executable()
+ result = subprocess.run(
+ [git_executable] + push_args,
+ cwd=info.path,
+ capture_output=True,
+ text=True,
+ encoding="utf-8",
+ errors="replace",
+ timeout=self.GIT_PUSH_TIMEOUT,
+ )
+
+ if result.returncode == 0:
+ return (
+ True,
+ PushBranchResult(
+ success=True,
+ branch=info.branch,
+ remote="origin",
+ ),
+ "",
+ )
+ return (False, None, result.stderr)
+ except FileNotFoundError:
+ return (False, None, "git executable not found")
+
+ max_retries = 3
+ result, last_error = _with_retry(
+ operation=do_push,
+ max_retries=max_retries,
+ is_retryable=_is_retryable_network_error,
+ )
- def get_staging_info(self) -> WorktreeInfo | None:
+ if result:
+ return result
+
+ # Handle timeout error message
+ if last_error == "Operation timed out":
+ return PushBranchResult(
+ success=False,
+ branch=info.branch,
+ error=f"Push timed out after {max_retries} attempts.",
+ )
+
+ return PushBranchResult(
+ success=False,
+ branch=info.branch,
+ error=f"Failed to push branch: {last_error}",
+ )
+
+ def create_pull_request(
+ self,
+ spec_name: str,
+ target_branch: str | None = None,
+ title: str | None = None,
+ draft: bool = False,
+ ) -> PullRequestResult:
"""
- Backward compatibility: Get info about any existing spec worktree.
- Prefer using get_worktree_info(spec_name) instead.
+ Create a GitHub pull request for a spec's branch using gh CLI with retry logic.
+
+ Args:
+ spec_name: The spec folder name
+ target_branch: Target branch for PR (defaults to base_branch)
+ title: PR title (defaults to spec name)
+ draft: Whether to create as draft PR
+
+ Returns:
+ PullRequestResult with keys:
+ - success: bool
+ - pr_url: str (if created)
+ - already_exists: bool (if PR already exists)
+ - error: str (if failed)
"""
- worktrees = self.list_all_worktrees()
- if worktrees:
- return worktrees[0]
+ info = self.get_worktree_info(spec_name)
+ if not info:
+ return PullRequestResult(
+ success=False,
+ error=f"No worktree found for spec: {spec_name}",
+ )
+
+ target = target_branch or self.base_branch
+ pr_title = title or f"auto-claude: {spec_name}"
+
+ # Get PR body from spec.md if available
+ pr_body = self._extract_spec_summary(spec_name)
+
+ # Build gh pr create command
+ gh_args = [
+ "gh",
+ "pr",
+ "create",
+ "--base",
+ target,
+ "--head",
+ info.branch,
+ "--title",
+ pr_title,
+ "--body",
+ pr_body,
+ ]
+ if draft:
+ gh_args.append("--draft")
+
+ def is_pr_retryable(stderr: str) -> bool:
+ """Check if PR creation error is retryable (network or HTTP 5xx)."""
+ return _is_retryable_network_error(stderr) or _is_retryable_http_error(
+ stderr
+ )
+
+ def do_create_pr() -> tuple[bool, PullRequestResult | None, str]:
+ """Execute PR creation for retry wrapper."""
+ try:
+ result = subprocess.run(
+ gh_args,
+ cwd=info.path,
+ capture_output=True,
+ text=True,
+ encoding="utf-8",
+ errors="replace",
+ timeout=self.GH_CLI_TIMEOUT,
+ )
+
+ # Check for "already exists" case (success, no retry needed)
+ if result.returncode != 0 and "already exists" in result.stderr.lower():
+ existing_url = self._get_existing_pr_url(spec_name, target)
+ result_dict = PullRequestResult(
+ success=True,
+ pr_url=existing_url,
+ already_exists=True,
+ )
+ if existing_url is None:
+ result_dict["message"] = (
+ "PR already exists but URL could not be retrieved"
+ )
+ return (True, result_dict, "")
+
+ if result.returncode == 0:
+ # Extract PR URL from output
+ pr_url: str | None = result.stdout.strip()
+ if not pr_url.startswith("http"):
+ # Try to find URL in output
+ # Use general pattern to support GitHub Enterprise instances
+ # Matches any HTTPS URL with /pull/ path
+ match = re.search(r"https://[^\s]+/pull/\d+", result.stdout)
+ if match:
+ pr_url = match.group(0)
+ else:
+ # Invalid output - no valid URL found
+ pr_url = None
+
+ return (
+ True,
+ PullRequestResult(
+ success=True,
+ pr_url=pr_url,
+ already_exists=False,
+ ),
+ "",
+ )
+
+ return (False, None, result.stderr)
+
+ except FileNotFoundError:
+ # gh CLI not installed - not retryable, raise to exit retry loop
+ raise
+
+ max_retries = 3
+ try:
+ result, last_error = _with_retry(
+ operation=do_create_pr,
+ max_retries=max_retries,
+ is_retryable=is_pr_retryable,
+ )
+
+ if result:
+ return result
+
+ # Handle timeout error message
+ if last_error == "Operation timed out":
+ return PullRequestResult(
+ success=False,
+ error=f"PR creation timed out after {max_retries} attempts.",
+ )
+
+ return PullRequestResult(
+ success=False,
+ error=f"Failed to create PR: {last_error}",
+ )
+
+ except FileNotFoundError:
+ # gh CLI not installed
+ return PullRequestResult(
+ success=False,
+ error="gh CLI not found. Install from https://cli.github.com/",
+ )
+
+ def _extract_spec_summary(self, spec_name: str) -> str:
+ """Extract a summary from spec.md for PR body."""
+ worktree_path = self.get_worktree_path(spec_name)
+ spec_path = worktree_path / ".auto-claude" / "specs" / spec_name / "spec.md"
+
+ if not spec_path.exists():
+ # Try project spec path
+ spec_path = (
+ self.project_dir / ".auto-claude" / "specs" / spec_name / "spec.md"
+ )
+
+ if not spec_path.exists():
+ return "Auto-generated PR from Auto-Claude build."
+
+ try:
+ content = spec_path.read_text(encoding="utf-8")
+ # Extract first few paragraphs (skip title, get overview)
+ lines = content.split("\n")
+ summary_lines = []
+ in_content = False
+
+ for line in lines:
+ # Skip title headers
+ if line.startswith("# "):
+ continue
+ # Start capturing after first content line
+ if line.strip() and not line.startswith("#"):
+ in_content = True
+ if in_content:
+ if line.startswith("## ") and summary_lines:
+ break # Stop at next section
+ summary_lines.append(line)
+ if len(summary_lines) >= 10: # Limit to ~10 lines
+ break
+
+ summary = "\n".join(summary_lines).strip()
+ if summary:
+ return summary
+ except (OSError, UnicodeDecodeError) as e:
+ # Silently fall back to default - file read errors shouldn't block PR creation
+ debug_warning(
+ "worktree", f"Could not extract spec summary for PR body: {e}"
+ )
+
+ return "Auto-generated PR from Auto-Claude build."
+
+ def _get_existing_pr_url(self, spec_name: str, target_branch: str) -> str | None:
+ """Get the URL of an existing PR for this branch."""
+ info = self.get_worktree_info(spec_name)
+ if not info:
+ return None
+
+ try:
+ result = subprocess.run(
+ ["gh", "pr", "view", info.branch, "--json", "url", "--jq", ".url"],
+ cwd=info.path,
+ capture_output=True,
+ text=True,
+ encoding="utf-8",
+ errors="replace",
+ timeout=self.GH_QUERY_TIMEOUT,
+ )
+ if result.returncode == 0:
+ return result.stdout.strip()
+ except (
+ subprocess.TimeoutExpired,
+ FileNotFoundError,
+ subprocess.SubprocessError,
+ ) as e:
+ # Silently ignore errors when fetching existing PR URL - this is a best-effort
+ # lookup that may fail due to network issues, missing gh CLI, or auth problems.
+ # Returning None allows the caller to handle missing URLs gracefully.
+ debug_warning("worktree", f"Could not get existing PR URL: {e}")
+
return None
- def merge_staging(self, delete_after: bool = True) -> bool:
- """
- Backward compatibility: Merge first found worktree.
- Prefer using merge_worktree(spec_name) instead.
+ def push_and_create_pr(
+ self,
+ spec_name: str,
+ target_branch: str | None = None,
+ title: str | None = None,
+ draft: bool = False,
+ force_push: bool = False,
+ ) -> PushAndCreatePRResult:
"""
- worktrees = self.list_all_worktrees()
- if worktrees:
- return self.merge_worktree(worktrees[0].spec_name, delete_after)
- return False
+ Push branch and create a pull request in one operation.
- def remove_staging(self, delete_branch: bool = True) -> None:
- """
- Backward compatibility: Remove first found worktree.
- Prefer using remove_worktree(spec_name) instead.
+ Args:
+ spec_name: The spec folder name
+ target_branch: Target branch for PR (defaults to base_branch)
+ title: PR title (defaults to spec name)
+ draft: Whether to create as draft PR
+ force_push: Whether to force push the branch
+
+ Returns:
+ PushAndCreatePRResult with keys:
+ - success: bool
+ - pr_url: str (if created)
+ - pushed: bool (if push succeeded)
+ - already_exists: bool (if PR already exists)
+ - error: str (if failed)
"""
- worktrees = self.list_all_worktrees()
- if worktrees:
- self.remove_worktree(worktrees[0].spec_name, delete_branch)
+ # Step 1: Push the branch
+ push_result = self.push_branch(spec_name, force=force_push)
+ if not push_result.get("success"):
+ return PushAndCreatePRResult(
+ success=False,
+ pushed=False,
+ error=push_result.get("error", "Push failed"),
+ )
- def get_or_create_staging(self, spec_name: str) -> WorktreeInfo:
+ # Step 2: Create the PR
+ pr_result = self.create_pull_request(
+ spec_name=spec_name,
+ target_branch=target_branch,
+ title=title,
+ draft=draft,
+ )
+
+ # Combine results
+ return PushAndCreatePRResult(
+ success=pr_result.get("success", False),
+ pushed=True,
+ remote=push_result.get("remote"),
+ branch=push_result.get("branch"),
+ pr_url=pr_result.get("pr_url"),
+ already_exists=pr_result.get("already_exists", False),
+ error=pr_result.get("error"),
+ )
+
+ # ==================== Worktree Cleanup Methods ====================
+
+ def get_old_worktrees(
+ self, days_threshold: int = 30, include_stats: bool = False
+ ) -> list[WorktreeInfo] | list[str]:
"""
- Backward compatibility: Alias for get_or_create_worktree.
+ Find worktrees that haven't been modified in the specified number of days.
+
+ Args:
+ days_threshold: Number of days without activity to consider a worktree old (default: 30)
+ include_stats: If True, return full WorktreeInfo objects; if False, return just spec names
+
+ Returns:
+ List of old worktrees (either WorktreeInfo objects or spec names based on include_stats)
"""
- return self.get_or_create_worktree(spec_name)
+ old_worktrees = []
+
+ for worktree_info in self.list_all_worktrees():
+ # Skip if we can't determine age
+ if worktree_info.days_since_last_commit is None:
+ continue
+
+ if worktree_info.days_since_last_commit >= days_threshold:
+ if include_stats:
+ old_worktrees.append(worktree_info)
+ else:
+ old_worktrees.append(worktree_info.spec_name)
- def staging_exists(self) -> bool:
+ return old_worktrees
+
+ def cleanup_old_worktrees(
+ self, days_threshold: int = 30, dry_run: bool = False
+ ) -> tuple[list[str], list[str]]:
"""
- Backward compatibility: Check if any spec worktree exists.
- Prefer using worktree_exists(spec_name) instead.
+ Remove worktrees that haven't been modified in the specified number of days.
+
+ Args:
+ days_threshold: Number of days without activity to consider a worktree old (default: 30)
+ dry_run: If True, only report what would be removed without actually removing
+
+ Returns:
+ Tuple of (removed_specs, failed_specs) containing spec names
"""
- return len(self.list_all_worktrees()) > 0
+ old_worktrees = self.get_old_worktrees(
+ days_threshold=days_threshold, include_stats=True
+ )
+
+ if not old_worktrees:
+ print(f"No worktrees found older than {days_threshold} days.")
+ return ([], [])
+
+ removed = []
+ failed = []
+
+ if dry_run:
+ print(f"\n[DRY RUN] Would remove {len(old_worktrees)} old worktrees:")
+ for info in old_worktrees:
+ print(
+ f" - {info.spec_name} (last activity: {info.days_since_last_commit} days ago)"
+ )
+ return ([], [])
- def commit_in_staging(self, message: str) -> bool:
+ print(f"\nRemoving {len(old_worktrees)} old worktrees...")
+ for info in old_worktrees:
+ try:
+ self.remove_worktree(info.spec_name, delete_branch=True)
+ removed.append(info.spec_name)
+ print(
+ f" ✓ Removed {info.spec_name} (last activity: {info.days_since_last_commit} days ago)"
+ )
+ except Exception as e:
+ failed.append(info.spec_name)
+ print(f" ✗ Failed to remove {info.spec_name}: {e}")
+
+ if removed:
+ print(f"\nSuccessfully removed {len(removed)} worktree(s).")
+ if failed:
+ print(f"Failed to remove {len(failed)} worktree(s).")
+
+ return (removed, failed)
+
+ def get_worktree_count_warning(
+ self, warning_threshold: int = 10, critical_threshold: int = 20
+ ) -> str | None:
"""
- Backward compatibility: Commit in first found worktree.
- Prefer using commit_in_worktree(spec_name, message) instead.
+ Check worktree count and return a warning message if threshold is exceeded.
+
+ Args:
+ warning_threshold: Number of worktrees to trigger a warning (default: 10)
+ critical_threshold: Number of worktrees to trigger a critical warning (default: 20)
+
+ Returns:
+ Warning message string if threshold exceeded, None otherwise
"""
worktrees = self.list_all_worktrees()
- if worktrees:
- return self.commit_in_worktree(worktrees[0].spec_name, message)
- return False
+ count = len(worktrees)
+
+ if count >= critical_threshold:
+ old_worktrees = self.get_old_worktrees(days_threshold=30)
+ old_count = len(old_worktrees)
+ return (
+ f"CRITICAL: {count} worktrees detected! "
+ f"Consider cleaning up old worktrees ({old_count} are 30+ days old). "
+ f"Run cleanup to remove stale worktrees."
+ )
+ elif count >= warning_threshold:
+ old_worktrees = self.get_old_worktrees(days_threshold=30)
+ old_count = len(old_worktrees)
+ return (
+ f"WARNING: {count} worktrees detected. "
+ f"{old_count} are 30+ days old and may be safe to clean up."
+ )
- def has_uncommitted_changes(self, in_staging: bool = False) -> bool:
- """Check if there are uncommitted changes."""
+ return None
+
+ def print_worktree_summary(self) -> None:
+ """Print a summary of all worktrees with age information."""
worktrees = self.list_all_worktrees()
- if in_staging and worktrees:
- cwd = worktrees[0].path
- else:
- cwd = None
- result = self._run_git(["status", "--porcelain"], cwd=cwd)
- return bool(result.stdout.strip())
+ if not worktrees:
+ print("No worktrees found.")
+ return
-# Keep STAGING_WORKTREE_NAME for backward compatibility in imports
-STAGING_WORKTREE_NAME = "auto-claude"
+ print(f"\n{'=' * 80}")
+ print(f"Worktree Summary ({len(worktrees)} total)")
+ print(f"{'=' * 80}\n")
+
+ # Group by age
+ recent = [] # < 7 days
+ week_old = [] # 7-30 days
+ month_old = [] # 30-90 days
+ very_old = [] # > 90 days
+ unknown_age = []
+
+ for info in worktrees:
+ if info.days_since_last_commit is None:
+ unknown_age.append(info)
+ elif info.days_since_last_commit < 7:
+ recent.append(info)
+ elif info.days_since_last_commit < 30:
+ week_old.append(info)
+ elif info.days_since_last_commit < 90:
+ month_old.append(info)
+ else:
+ very_old.append(info)
+
+ def print_group(title: str, items: list[WorktreeInfo]):
+ if not items:
+ return
+ print(f"{title} ({len(items)}):")
+ for info in sorted(items, key=lambda x: x.spec_name):
+ age_str = (
+ f"{info.days_since_last_commit}d ago"
+ if info.days_since_last_commit is not None
+ else "unknown"
+ )
+ print(f" - {info.spec_name} (last activity: {age_str})")
+ print()
+
+ print_group("Recent (< 7 days)", recent)
+ print_group("Week Old (7-30 days)", week_old)
+ print_group("Month Old (30-90 days)", month_old)
+ print_group("Very Old (> 90 days)", very_old)
+ print_group("Unknown Age", unknown_age)
+
+ # Print cleanup suggestions
+ if month_old or very_old:
+ total_old = len(month_old) + len(very_old)
+ print(f"{'=' * 80}")
+ print(
+ f"💡 Suggestion: {total_old} worktree(s) are 30+ days old and may be safe to clean up."
+ )
+ print(" Review these worktrees and run cleanup if no longer needed.")
+ print(f"{'=' * 80}\n")
diff --git a/apps/backend/ideation/analyzer.py b/apps/backend/ideation/analyzer.py
index f4012feab0..3011a0c7f2 100644
--- a/apps/backend/ideation/analyzer.py
+++ b/apps/backend/ideation/analyzer.py
@@ -45,6 +45,7 @@ def gather_context(self) -> dict:
"tech_stack": [],
"target_audience": None,
"planned_features": [],
+ "personas": [], # User personas for ideation targeting
}
# Get project index (from .auto-claude - the installed instance)
@@ -119,6 +120,55 @@ def gather_context(self) -> dict:
# Remove duplicates from planned features
context["planned_features"] = list(set(context["planned_features"]))
+ # Get personas context (if generated)
+ # Include full goals and pain points with IDs for persona relevance scoring
+ personas_path = self.project_dir / ".auto-claude" / "personas" / "personas.json"
+ if personas_path.exists():
+ try:
+ with open(personas_path) as f:
+ personas_data = json.load(f)
+ for persona in personas_data.get("personas", []):
+ # Extract structured persona information for ideation context
+ # Include IDs for relevance scoring
+ persona_summary = {
+ "id": persona.get("id", ""),
+ "name": persona.get("name", ""),
+ "type": persona.get("type", ""), # primary, secondary, edge-case
+ "tagline": persona.get("tagline", ""),
+ "role": persona.get("demographics", {}).get("role", ""),
+ "experience_level": persona.get("demographics", {}).get(
+ "experienceLevel", ""
+ ),
+ # Full goals with IDs and priorities for relevance scoring
+ "goals": [
+ {
+ "id": g.get("id", ""),
+ "description": g.get("description", ""),
+ "priority": g.get("priority", ""), # must-have, should-have, nice-to-have
+ }
+ for g in persona.get("goals", [])
+ ],
+ # Full pain points with IDs and severities for relevance scoring
+ "pain_points": [
+ {
+ "id": p.get("id", ""),
+ "description": p.get("description", ""),
+ "severity": p.get("severity", ""), # high, medium, low
+ }
+ for p in persona.get("painPoints", [])
+ ],
+ "feature_preferences": persona.get("featurePreferences", {}),
+ }
+ context["personas"].append(persona_summary)
+ debug_success(
+ "ideation_analyzer",
+ f"Loaded {len(context['personas'])} personas for ideation context",
+ )
+ except (json.JSONDecodeError, KeyError) as e:
+ debug_warning(
+ "ideation_analyzer", f"Failed to load personas: {e}"
+ )
+
return context
async def get_graph_hints(self, ideation_type: str) -> list[dict]:
diff --git a/apps/backend/ideation/config.py b/apps/backend/ideation/config.py
index 9f650b78da..0f56a893d3 100644
--- a/apps/backend/ideation/config.py
+++ b/apps/backend/ideation/config.py
@@ -25,7 +25,7 @@ def __init__(
include_roadmap_context: bool = True,
include_kanban_context: bool = True,
max_ideas_per_type: int = 5,
- model: str = "claude-opus-4-5-20251101",
+ model: str = "sonnet", # Changed from "opus" (fix #433)
thinking_level: str = "medium",
refresh: bool = False,
append: bool = False,
diff --git a/apps/backend/ideation/generator.py b/apps/backend/ideation/generator.py
index 4e3005040e..dcd347041b 100644
--- a/apps/backend/ideation/generator.py
+++ b/apps/backend/ideation/generator.py
@@ -17,7 +17,7 @@
sys.path.insert(0, str(Path(__file__).parent.parent))
from client import create_client
-from phase_config import get_thinking_budget
+from phase_config import get_thinking_budget, resolve_model_id
from ui import print_status
# Ideation types
@@ -56,7 +56,7 @@ def __init__(
self,
project_dir: Path,
output_dir: Path,
- model: str = "claude-opus-4-5-20251101",
+ model: str = "sonnet", # Changed from "opus" (fix #433)
thinking_level: str = "medium",
max_ideas_per_type: int = 5,
):
@@ -94,7 +94,7 @@ async def run_agent(
client = create_client(
self.project_dir,
self.output_dir,
- self.model,
+ resolve_model_id(self.model),
max_thinking_tokens=self.thinking_budget,
)
@@ -187,7 +187,7 @@ async def run_recovery_agent(
client = create_client(
self.project_dir,
self.output_dir,
- self.model,
+ resolve_model_id(self.model),
max_thinking_tokens=self.thinking_budget,
)
diff --git a/apps/backend/ideation/phase_executor.py b/apps/backend/ideation/phase_executor.py
index 991910bbe1..a2be4969f1 100644
--- a/apps/backend/ideation/phase_executor.py
+++ b/apps/backend/ideation/phase_executor.py
@@ -190,6 +190,7 @@ async def execute_context(self) -> IdeationPhaseResult:
"tech_stack": context["tech_stack"],
"target_audience": context["target_audience"],
"planned_features": context["planned_features"],
+ "personas": context.get("personas", []), # Include personas in context
"graph_hints": graph_hints, # Include graph hints in context
"config": {
"enabled_types": self.enabled_types,
@@ -209,6 +210,8 @@ async def execute_context(self) -> IdeationPhaseResult:
print_key_value(
"Target Audience", context["target_audience"] or "Not specified"
)
+ if context.get("personas"):
+ print_key_value("User Personas", str(len(context["personas"])))
if graph_hints:
total_hints = sum(len(h) for h in graph_hints.values())
print_key_value("Graph Hints", str(total_hints))
diff --git a/apps/backend/ideation/runner.py b/apps/backend/ideation/runner.py
index 1e1537037a..c20d41f839 100644
--- a/apps/backend/ideation/runner.py
+++ b/apps/backend/ideation/runner.py
@@ -41,7 +41,7 @@ def __init__(
include_roadmap_context: bool = True,
include_kanban_context: bool = True,
max_ideas_per_type: int = 5,
- model: str = "claude-opus-4-5-20251101",
+ model: str = "sonnet", # Changed from "opus" (fix #433)
thinking_level: str = "medium",
refresh: bool = False,
append: bool = False,
diff --git a/apps/backend/ideation/types.py b/apps/backend/ideation/types.py
index 7180f1e0f0..c2c391d630 100644
--- a/apps/backend/ideation/types.py
+++ b/apps/backend/ideation/types.py
@@ -31,6 +31,6 @@ class IdeationConfig:
include_roadmap_context: bool = True
include_kanban_context: bool = True
max_ideas_per_type: int = 5
- model: str = "claude-opus-4-5-20251101"
+ model: str = "sonnet" # Changed from "opus" (fix #433)
refresh: bool = False
append: bool = False # If True, preserve existing ideas when merging
diff --git a/apps/backend/init.py b/apps/backend/init.py
index c6aee373d4..5f1962b44e 100644
--- a/apps/backend/init.py
+++ b/apps/backend/init.py
@@ -6,6 +6,32 @@
from pathlib import Path
+# All entries that should be added to .gitignore for auto-claude projects
+AUTO_CLAUDE_GITIGNORE_ENTRIES = [
+ ".auto-claude/",
+ ".auto-claude-security.json",
+ ".auto-claude-status",
+ ".claude_settings.json",
+ ".worktrees/",
+ ".security-key",
+ "logs/security/",
+]
+
+
+def _entry_exists_in_gitignore(lines: list[str], entry: str) -> bool:
+ """Check if an entry already exists in gitignore (handles trailing slash variations)."""
+ entry_normalized = entry.rstrip("/")
+ for line in lines:
+ line_stripped = line.strip()
+ # Match both "entry" and "entry/"
+ if (
+ line_stripped == entry
+ or line_stripped == entry_normalized
+ or line_stripped == entry_normalized + "/"
+ ):
+ return True
+ return False
+
def ensure_gitignore_entry(project_dir: Path, entry: str = ".auto-claude/") -> bool:
"""
@@ -27,17 +53,8 @@ def ensure_gitignore_entry(project_dir: Path, entry: str = ".auto-claude/") -> b
content = gitignore_path.read_text()
lines = content.splitlines()
- # Check if entry already exists (exact match or with trailing newline variations)
- entry_normalized = entry.rstrip("/")
- for line in lines:
- line_stripped = line.strip()
- # Match both ".auto-claude" and ".auto-claude/"
- if (
- line_stripped == entry
- or line_stripped == entry_normalized
- or line_stripped == entry_normalized + "/"
- ):
- return False # Already exists
+ if _entry_exists_in_gitignore(lines, entry):
+ return False # Already exists
# Entry doesn't exist, append it
# Ensure file ends with newline before adding our entry
@@ -59,11 +76,58 @@ def ensure_gitignore_entry(project_dir: Path, entry: str = ".auto-claude/") -> b
return True
+def ensure_all_gitignore_entries(project_dir: Path) -> list[str]:
+ """
+ Ensure all auto-claude related entries exist in the project's .gitignore file.
+
+ Creates .gitignore if it doesn't exist.
+
+ Args:
+ project_dir: The project root directory
+
+ Returns:
+ List of entries that were added (empty if all already existed)
+ """
+ gitignore_path = project_dir / ".gitignore"
+ added_entries: list[str] = []
+
+ # Read existing content or start fresh
+ if gitignore_path.exists():
+ content = gitignore_path.read_text()
+ lines = content.splitlines()
+ else:
+ content = ""
+ lines = []
+
+ # Find entries that need to be added
+ entries_to_add = [
+ entry
+ for entry in AUTO_CLAUDE_GITIGNORE_ENTRIES
+ if not _entry_exists_in_gitignore(lines, entry)
+ ]
+
+ if not entries_to_add:
+ return []
+
+ # Build the new content to append
+ # Ensure file ends with newline before adding our entries
+ if content and not content.endswith("\n"):
+ content += "\n"
+
+ content += "\n# Auto Claude generated files\n"
+ for entry in entries_to_add:
+ content += entry + "\n"
+ added_entries.append(entry)
+
+ gitignore_path.write_text(content)
+ return added_entries
+
+
def init_auto_claude_dir(project_dir: Path) -> tuple[Path, bool]:
"""
Initialize the .auto-claude directory for a project.
- Creates the directory if needed and ensures it's in .gitignore.
+ Creates the directory if needed and ensures all auto-claude files are in .gitignore.
Args:
project_dir: The project root directory
@@ -78,16 +142,18 @@ def init_auto_claude_dir(project_dir: Path) -> tuple[Path, bool]:
dir_created = not auto_claude_dir.exists()
auto_claude_dir.mkdir(parents=True, exist_ok=True)
- # Ensure .auto-claude is in .gitignore (only on first creation)
+ # Ensure all auto-claude entries are in .gitignore (only on first creation)
gitignore_updated = False
if dir_created:
- gitignore_updated = ensure_gitignore_entry(project_dir, ".auto-claude/")
+ added = ensure_all_gitignore_entries(project_dir)
+ gitignore_updated = len(added) > 0
else:
# Even if dir exists, check gitignore on first run
# Use a marker file to track if we've already checked
marker = auto_claude_dir / ".gitignore_checked"
if not marker.exists():
- gitignore_updated = ensure_gitignore_entry(project_dir, ".auto-claude/")
+ added = ensure_all_gitignore_entries(project_dir)
+ gitignore_updated = len(added) > 0
marker.touch()
return auto_claude_dir, gitignore_updated
@@ -109,3 +175,36 @@ def get_auto_claude_dir(project_dir: Path, ensure_exists: bool = True) -> Path:
return auto_claude_dir
return Path(project_dir) / ".auto-claude"
+
+
+def repair_gitignore(project_dir: Path) -> list[str]:
+ """
+ Repair an existing project's .gitignore to include all auto-claude entries.
+
+ This is useful for projects created before all entries were being added,
+ or when gitignore entries were manually removed.
+
+ Also resets the .gitignore_checked marker to allow future updates.
+
+ Args:
+ project_dir: The project root directory
+
+ Returns:
+ List of entries that were added (empty if all already existed)
+ """
+ project_dir = Path(project_dir)
+ auto_claude_dir = project_dir / ".auto-claude"
+
+ # Remove the marker file so future checks will also run
+ marker = auto_claude_dir / ".gitignore_checked"
+ if marker.exists():
+ marker.unlink()
+
+ # Add all missing entries
+ added = ensure_all_gitignore_entries(project_dir)
+
+ # Re-create the marker
+ if auto_claude_dir.exists():
+ marker.touch()
+
+ return added
diff --git a/apps/backend/integrations/graphiti/config.py b/apps/backend/integrations/graphiti/config.py
index f2af6fd32f..4dbbc3e61e 100644
--- a/apps/backend/integrations/graphiti/config.py
+++ b/apps/backend/integrations/graphiti/config.py
@@ -622,10 +622,23 @@ def get_graphiti_status() -> dict:
status["errors"] = errors
# Errors are informational - embedder is optional (keyword search fallback)
- # Available if is_valid() returns True (just needs enabled flag)
- status["available"] = config.is_valid()
- if not status["available"]:
+ # CRITICAL FIX: Actually verify packages are importable before reporting available
+ # Don't just check config.is_valid() - actually try to import the module
+ if not config.is_valid():
status["reason"] = errors[0] if errors else "Configuration invalid"
+ return status
+
+ # Try importing the required Graphiti packages
+ try:
+ # Attempt to import the main graphiti_memory module
+ import graphiti_core # noqa: F401
+ from graphiti_core.driver.falkordb_driver import FalkorDriver # noqa: F401
+
+ # If we got here, packages are importable
+ status["available"] = True
+ except ImportError as e:
+ status["available"] = False
+ status["reason"] = f"Graphiti packages not installed: {e}"
return status
diff --git a/apps/backend/integrations/graphiti/queries_pkg/client.py b/apps/backend/integrations/graphiti/queries_pkg/client.py
index c1961484ac..3808d9d561 100644
--- a/apps/backend/integrations/graphiti/queries_pkg/client.py
+++ b/apps/backend/integrations/graphiti/queries_pkg/client.py
@@ -34,8 +34,25 @@ def _apply_ladybug_monkeypatch() -> bool:
sys.modules["kuzu"] = real_ladybug
logger.info("Applied LadybugDB monkeypatch (kuzu -> real_ladybug)")
return True
- except ImportError:
- pass
+ except ImportError as e:
+ logger.debug(f"LadybugDB import failed: {e}")
+ # On Windows with Python 3.12+, provide more specific error details
+ # (pywin32 is only required for Python 3.12+ per requirements.txt)
+ if sys.platform == "win32" and sys.version_info >= (3, 12):
+ # Check if it's the pywin32 error using both name attribute and string match
+ # for robustness across Python versions
+ is_pywin32_error = (
+ (hasattr(e, "name") and e.name in ("pywintypes", "pywin32", "win32api"))
+ or "pywintypes" in str(e)
+ or "pywin32" in str(e)
+ )
+ if is_pywin32_error:
+ logger.error(
+ "LadybugDB requires pywin32 on Windows. "
+ "Install with: pip install pywin32>=306"
+ )
+ else:
+ logger.debug(f"Windows-specific import issue: {e}")
# Fall back to native kuzu
try:
diff --git a/apps/backend/integrations/linear/updater.py b/apps/backend/integrations/linear/updater.py
index d102642fab..02d3880cfc 100644
--- a/apps/backend/integrations/linear/updater.py
+++ b/apps/backend/integrations/linear/updater.py
@@ -118,6 +118,7 @@ def _create_linear_client() -> ClaudeSDKClient:
get_sdk_env_vars,
require_auth_token,
)
+ from phase_config import resolve_model_id
require_auth_token() # Raises ValueError if no token found
ensure_claude_code_oauth_token()
@@ -130,7 +131,7 @@ def _create_linear_client() -> ClaudeSDKClient:
return ClaudeSDKClient(
options=ClaudeAgentOptions(
- model="claude-haiku-4-5", # Fast & cheap model for simple API calls
+ model=resolve_model_id("haiku"), # Resolves via API Profile if configured
system_prompt="You are a Linear API assistant. Execute the requested Linear operation precisely.",
allowed_tools=LINEAR_TOOLS,
mcp_servers={
diff --git a/apps/backend/merge/__init__.py b/apps/backend/merge/__init__.py
index 99dc35d269..7ac715a964 100644
--- a/apps/backend/merge/__init__.py
+++ b/apps/backend/merge/__init__.py
@@ -9,7 +9,7 @@
traditional merge conflicts.
Components:
-- SemanticAnalyzer: Tree-sitter based semantic change extraction
+- SemanticAnalyzer: Regex-based semantic change extraction
- ConflictDetector: Rule-based conflict detection and compatibility analysis
- AutoMerger: Deterministic merge strategies (no AI needed)
- AIResolver: Minimal-context AI resolution for ambiguous conflicts
diff --git a/apps/backend/merge/ai_resolver/claude_client.py b/apps/backend/merge/ai_resolver/claude_client.py
index 77229043c5..40e118f923 100644
--- a/apps/backend/merge/ai_resolver/claude_client.py
+++ b/apps/backend/merge/ai_resolver/claude_client.py
@@ -82,7 +82,9 @@ async def _run_merge() -> str:
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
response_text += block.text
logger.info(f"AI merge response: {len(response_text)} chars")
diff --git a/apps/backend/merge/file_evolution/modification_tracker.py b/apps/backend/merge/file_evolution/modification_tracker.py
index b4cc281ae6..6d75237eb7 100644
--- a/apps/backend/merge/file_evolution/modification_tracker.py
+++ b/apps/backend/merge/file_evolution/modification_tracker.py
@@ -68,6 +68,7 @@ def record_modification(
new_content: str,
evolutions: dict[str, FileEvolution],
raw_diff: str | None = None,
+ skip_semantic_analysis: bool = False,
) -> TaskSnapshot | None:
"""
Record a file modification by a task.
@@ -79,6 +80,9 @@ def record_modification(
new_content: File content after modification
evolutions: Current evolution data (will be updated)
raw_diff: Optional unified diff for reference
+ skip_semantic_analysis: If True, skip expensive semantic analysis.
+ Use this for lightweight file tracking when only conflict
+ detection is needed (not conflict resolution).
Returns:
Updated TaskSnapshot, or None if file not being tracked
@@ -87,8 +91,8 @@ def record_modification(
# Get or create evolution
if rel_path not in evolutions:
- logger.warning(f"File {rel_path} not being tracked")
- # Note: We could auto-create here, but for now return None
+ # Debug level: this is expected for files not in baseline (e.g., from main's changes)
+ logger.debug(f"File {rel_path} not in evolution tracking - skipping")
return None
evolution = evolutions.get(rel_path)
@@ -105,9 +109,19 @@ def record_modification(
content_hash_before=compute_content_hash(old_content),
)
- # Analyze semantic changes
- analysis = self.analyzer.analyze_diff(rel_path, old_content, new_content)
- semantic_changes = analysis.changes
+ # Analyze semantic changes (or skip for lightweight tracking)
+ if skip_semantic_analysis:
+ # Fast path: just track the file change without analysis
+ # This is used for files that don't have conflicts
+ semantic_changes = []
+ debug(
+ MODULE,
+ f"Skipping semantic analysis for {rel_path} (lightweight tracking)",
+ )
+ else:
+ # Full analysis (only for conflict files)
+ analysis = self.analyzer.analyze_diff(rel_path, old_content, new_content)
+ semantic_changes = analysis.changes
# Update snapshot
snapshot.completed_at = datetime.now()
@@ -121,6 +135,7 @@ def record_modification(
logger.info(
f"Recorded modification to {rel_path} by {task_id}: "
f"{len(semantic_changes)} semantic changes"
+ + (" (lightweight)" if skip_semantic_analysis else "")
)
return snapshot
@@ -130,6 +145,7 @@ def refresh_from_git(
worktree_path: Path,
evolutions: dict[str, FileEvolution],
target_branch: str | None = None,
+ analyze_only_files: set[str] | None = None,
) -> None:
"""
Refresh task snapshots by analyzing git diff from worktree.
@@ -142,6 +158,10 @@ def refresh_from_git(
worktree_path: Path to the task's worktree
evolutions: Current evolution data (will be updated)
target_branch: Branch to compare against (default: detect from worktree)
+ analyze_only_files: If provided, only run full semantic analysis on
+ these files. Other files will be tracked with lightweight mode
+ (no semantic analysis). This optimizes performance by only
+ analyzing files that have actual conflicts.
"""
# Determine the target branch to compare against
if not target_branch:
@@ -154,12 +174,27 @@ def refresh_from_git(
task_id=task_id,
worktree_path=str(worktree_path),
target_branch=target_branch,
+ analyze_only_files=list(analyze_only_files)[:10]
+ if analyze_only_files
+ else "all",
)
try:
- # Get list of files changed in the worktree vs target branch
+ # Get the merge-base to accurately identify task-only changes
+ # Using two-dot diff (merge-base..HEAD) returns only files changed by the task,
+ # not files changed on the target branch since divergence
+ merge_base_result = subprocess.run(
+ ["git", "merge-base", target_branch, "HEAD"],
+ cwd=worktree_path,
+ capture_output=True,
+ text=True,
+ check=True,
+ )
+ merge_base = merge_base_result.stdout.strip()
+
+ # Get list of files changed in the worktree since the merge-base
result = subprocess.run(
- ["git", "diff", "--name-only", f"{target_branch}...HEAD"],
+ ["git", "diff", "--name-only", f"{merge_base}..HEAD"],
cwd=worktree_path,
capture_output=True,
text=True,
@@ -175,55 +210,103 @@ def refresh_from_git(
else changed_files,
)
+ processed_count = 0
for file_path in changed_files:
- # Get the diff for this file
- diff_result = subprocess.run(
- ["git", "diff", f"{target_branch}...HEAD", "--", file_path],
- cwd=worktree_path,
- capture_output=True,
- text=True,
- check=True,
- )
-
- # Get content before (from target branch) and after (current)
try:
- show_result = subprocess.run(
- ["git", "show", f"{target_branch}:{file_path}"],
+ # Get the diff for this file (using merge-base for accurate task-only diff)
+ diff_result = subprocess.run(
+ ["git", "diff", f"{merge_base}..HEAD", "--", file_path],
cwd=worktree_path,
capture_output=True,
text=True,
check=True,
)
- old_content = show_result.stdout
- except subprocess.CalledProcessError:
- # File is new
- old_content = ""
- current_file = worktree_path / file_path
- if current_file.exists():
+ # Get content before (from merge-base - the point where task branched)
try:
- new_content = current_file.read_text(encoding="utf-8")
- except UnicodeDecodeError:
- new_content = current_file.read_text(
- encoding="utf-8", errors="replace"
+ show_result = subprocess.run(
+ ["git", "show", f"{merge_base}:{file_path}"],
+ cwd=worktree_path,
+ capture_output=True,
+ text=True,
+ check=True,
+ )
+ old_content = show_result.stdout
+ except subprocess.CalledProcessError:
+ # File is new
+ old_content = ""
+
+ current_file = worktree_path / file_path
+ if current_file.exists():
+ try:
+ new_content = current_file.read_text(encoding="utf-8")
+ except UnicodeDecodeError:
+ new_content = current_file.read_text(
+ encoding="utf-8", errors="replace"
+ )
+ else:
+ # File was deleted
+ new_content = ""
+
+ # Auto-create FileEvolution entry if not already tracked
+ # This handles retroactive tracking when capture_baselines wasn't called
+ rel_path = self.storage.get_relative_path(file_path)
+ if rel_path not in evolutions:
+ evolutions[rel_path] = FileEvolution(
+ file_path=rel_path,
+ baseline_commit=merge_base,
+ baseline_captured_at=datetime.now(),
+ baseline_content_hash=compute_content_hash(old_content),
+ baseline_snapshot_path="", # Not storing baseline file
+ task_snapshots=[],
+ )
+ debug(
+ MODULE,
+ f"Auto-created evolution entry for {rel_path}",
+ baseline_commit=merge_base[:8],
)
- else:
- # File was deleted
- new_content = ""
-
- # Record the modification
- self.record_modification(
- task_id=task_id,
- file_path=file_path,
- old_content=old_content,
- new_content=new_content,
- evolutions=evolutions,
- raw_diff=diff_result.stdout,
- )
- logger.info(
- f"Refreshed {len(changed_files)} files from worktree for task {task_id}"
- )
+ # Determine if this file needs full semantic analysis
+ # If analyze_only_files is provided, only analyze files in that set
+ # Otherwise, analyze all files (backward compatible)
+ skip_analysis = False
+ if analyze_only_files is not None:
+ skip_analysis = rel_path not in analyze_only_files
+
+ # Record the modification
+ self.record_modification(
+ task_id=task_id,
+ file_path=file_path,
+ old_content=old_content,
+ new_content=new_content,
+ evolutions=evolutions,
+ raw_diff=diff_result.stdout,
+ skip_semantic_analysis=skip_analysis,
+ )
+ processed_count += 1
+
+ except subprocess.CalledProcessError as e:
+ # Log error but continue with remaining files
+ logger.warning(
+ f"Failed to process {file_path} in refresh_from_git: {e}"
+ )
+ continue
+
+ # Calculate how many files were fully analyzed vs just tracked
+ if analyze_only_files is not None:
+ analyzed_count = len(
+ [f for f in changed_files if f in analyze_only_files]
+ )
+ tracked_only_count = processed_count - analyzed_count
+ logger.info(
+ f"Refreshed {processed_count}/{len(changed_files)} files from worktree for task {task_id} "
+ f"(analyzed: {analyzed_count}, tracked only: {tracked_only_count})"
+ )
+ else:
+ logger.info(
+ f"Refreshed {processed_count}/{len(changed_files)} files from worktree for task {task_id} "
+ "(full analysis on all files)"
+ )
except subprocess.CalledProcessError as e:
logger.error(f"Failed to refresh from git: {e}")
@@ -248,35 +331,23 @@ def mark_task_completed(
def _detect_target_branch(self, worktree_path: Path) -> str:
"""
- Detect the target branch to compare against for a worktree.
+ Detect the base branch to compare against for a worktree.
+
+ This finds the branch that the worktree was created FROM by looking
+ for common branch names (main, master, develop) that have a valid
+ merge-base with the worktree.
- This finds the branch that the worktree was created from by looking
- at the merge-base between the worktree and common branch names.
+ Note: We don't use upstream tracking because that returns the worktree's
+ own branch (e.g., origin/auto-claude/...) rather than the base branch.
Args:
worktree_path: Path to the worktree
Returns:
- The detected target branch name, defaults to 'main' if detection fails
+ The detected base branch name, defaults to 'main' if detection fails
"""
- # Try to get the upstream tracking branch
- try:
- result = subprocess.run(
- ["git", "rev-parse", "--abbrev-ref", "--symbolic-full-name", "@{u}"],
- cwd=worktree_path,
- capture_output=True,
- text=True,
- )
- if result.returncode == 0 and result.stdout.strip():
- upstream = result.stdout.strip()
- # Extract branch name from origin/branch format
- if "/" in upstream:
- return upstream.split("/", 1)[1]
- return upstream
- except subprocess.CalledProcessError:
- pass
-
# Try common branch names and find which one has a valid merge-base
+ # This is the reliable way to find what branch the worktree diverged from
for branch in ["main", "master", "develop"]:
try:
result = subprocess.run(
@@ -286,14 +357,39 @@ def _detect_target_branch(self, worktree_path: Path) -> str:
text=True,
)
if result.returncode == 0:
+ debug(
+ MODULE,
+ f"Detected base branch: {branch}",
+ worktree_path=str(worktree_path),
+ )
return branch
except subprocess.CalledProcessError:
continue
- # Default to main
+ # Before defaulting to 'main', verify it exists
+ # This handles non-standard projects that use trunk, production, etc.
+ try:
+ result = subprocess.run(
+ ["git", "rev-parse", "--verify", "main"],
+ cwd=worktree_path,
+ capture_output=True,
+ text=True,
+ )
+ if result.returncode == 0:
+ debug_warning(
+ MODULE,
+ "Could not find merge-base with standard branches, defaulting to 'main'",
+ worktree_path=str(worktree_path),
+ )
+ return "main"
+ except subprocess.CalledProcessError:
+ pass
+
+ # Last resort: use HEAD~10 as a fallback comparison point
+ # This allows modification tracking even on non-standard branch setups
debug_warning(
MODULE,
- "Could not detect target branch, defaulting to 'main'",
+ "No standard base branch found, modification tracking may be limited",
worktree_path=str(worktree_path),
)
- return "main"
+ return "HEAD~10"
diff --git a/apps/backend/merge/file_evolution/tracker.py b/apps/backend/merge/file_evolution/tracker.py
index c9df3b1a68..2a8d248eb4 100644
--- a/apps/backend/merge/file_evolution/tracker.py
+++ b/apps/backend/merge/file_evolution/tracker.py
@@ -327,6 +327,7 @@ def refresh_from_git(
task_id: str,
worktree_path: Path,
target_branch: str | None = None,
+ analyze_only_files: set[str] | None = None,
) -> None:
"""
Refresh task snapshots by analyzing git diff from worktree.
@@ -338,11 +339,16 @@ def refresh_from_git(
task_id: The task identifier
worktree_path: Path to the task's worktree
target_branch: Branch to compare against (default: auto-detect)
+ analyze_only_files: If provided, only run full semantic analysis on
+ these files. Other files will be tracked with lightweight mode
+ (no semantic analysis). This optimizes performance by only
+ analyzing files that have actual conflicts.
"""
self.modification_tracker.refresh_from_git(
task_id=task_id,
worktree_path=worktree_path,
evolutions=self._evolutions,
target_branch=target_branch,
+ analyze_only_files=analyze_only_files,
)
self._save_evolutions()
diff --git a/apps/backend/merge/file_merger.py b/apps/backend/merge/file_merger.py
index 1038055554..7fc3c35dc7 100644
--- a/apps/backend/merge/file_merger.py
+++ b/apps/backend/merge/file_merger.py
@@ -19,6 +19,35 @@
from .types import ChangeType, SemanticChange, TaskSnapshot
+def detect_line_ending(content: str) -> str:
+ """
+ Detect line ending style in content using priority-based detection.
+
+ Uses a priority order (CRLF > CR > LF) to detect the line ending style.
+ CRLF is checked first because it contains LF, so presence of any CRLF
+ indicates Windows-style endings. This approach is fast and works well
+ for files that consistently use one style.
+
+ Note: This returns the first detected style by priority, not the most
+ frequent style. For files with mixed line endings, consider normalizing
+ to a single style before processing.
+
+ Args:
+ content: File content to analyze
+
+ Returns:
+ The detected line ending string: "\\r\\n", "\\r", or "\\n"
+ """
+ # Check for CRLF first (Windows) - must check before LF since CRLF contains LF
+ if "\r\n" in content:
+ return "\r\n"
+ # Check for CR (classic Mac, rare but possible)
+ if "\r" in content:
+ return "\r"
+ # Default to LF (Unix/modern Mac)
+ return "\n"
+
+
def apply_single_task_changes(
baseline: str,
snapshot: TaskSnapshot,
@@ -35,7 +64,16 @@ def apply_single_task_changes(
Returns:
Modified content with changes applied
"""
- content = baseline
+ # Detect line ending style before normalizing
+ original_line_ending = detect_line_ending(baseline)
+
+ # Normalize to LF for consistent matching with regex_analyzer output
+ # The regex_analyzer normalizes content to LF when extracting content_before/after,
+ # so we must also normalize baseline to ensure replace() matches correctly
+ content = baseline.replace("\r\n", "\n").replace("\r", "\n")
+
+ # Use LF for internal processing
+ line_ending = "\n"
for change in snapshot.semantic_changes:
if change.content_before and change.content_after:
@@ -45,13 +83,19 @@ def apply_single_task_changes(
# Addition - need to determine where to add
if change.change_type == ChangeType.ADD_IMPORT:
# Add import at top
- lines = content.split("\n")
+ lines = content.splitlines()
import_end = find_import_end(lines, file_path)
lines.insert(import_end, change.content_after)
- content = "\n".join(lines)
+ content = line_ending.join(lines)
elif change.change_type == ChangeType.ADD_FUNCTION:
# Add function at end (before exports)
- content += f"\n\n{change.content_after}"
+ content += f"{line_ending}{line_ending}{change.content_after}"
+
+ # Restore original line ending style if it was CRLF
+ if original_line_ending == "\r\n":
+ content = content.replace("\n", "\r\n")
+ elif original_line_ending == "\r":
+ content = content.replace("\n", "\r")
return content
@@ -72,7 +116,16 @@ def combine_non_conflicting_changes(
Returns:
Combined content with all changes applied
"""
- content = baseline
+ # Detect line ending style before normalizing
+ original_line_ending = detect_line_ending(baseline)
+
+ # Normalize to LF for consistent matching with regex_analyzer output
+ # The regex_analyzer normalizes content to LF when extracting content_before/after,
+ # so we must also normalize baseline to ensure replace() matches correctly
+ content = baseline.replace("\r\n", "\n").replace("\r", "\n")
+
+ # Use LF for internal processing
+ line_ending = "\n"
# Group changes by type for proper ordering
imports: list[SemanticChange] = []
@@ -96,13 +149,13 @@ def combine_non_conflicting_changes(
# Add imports
if imports:
- lines = content.split("\n")
+ lines = content.splitlines()
import_end = find_import_end(lines, file_path)
for imp in imports:
if imp.content_after and imp.content_after not in content:
lines.insert(import_end, imp.content_after)
import_end += 1
- content = "\n".join(lines)
+ content = line_ending.join(lines)
# Apply modifications
for mod in modifications:
@@ -112,15 +165,21 @@ def combine_non_conflicting_changes(
# Add functions
for func in functions:
if func.content_after:
- content += f"\n\n{func.content_after}"
+ content += f"{line_ending}{line_ending}{func.content_after}"
# Apply other changes
for change in other:
if change.content_after and not change.content_before:
- content += f"\n{change.content_after}"
+ content += f"{line_ending}{change.content_after}"
elif change.content_before and change.content_after:
content = content.replace(change.content_before, change.content_after)
+ # Restore original line ending style if it was CRLF
+ if original_line_ending == "\r\n":
+ content = content.replace("\n", "\r\n")
+ elif original_line_ending == "\r":
+ content = content.replace("\n", "\r")
+
return content
diff --git a/apps/backend/merge/git_utils.py b/apps/backend/merge/git_utils.py
index 92bfd40f7b..6868d0d015 100644
--- a/apps/backend/merge/git_utils.py
+++ b/apps/backend/merge/git_utils.py
@@ -27,28 +27,19 @@ def find_worktree(project_dir: Path, task_id: str) -> Path | None:
Returns:
Path to the worktree, or None if not found
"""
- # Check common locations
- worktrees_dir = project_dir / ".worktrees"
- if worktrees_dir.exists():
- # Look for worktree with task_id in name
- for entry in worktrees_dir.iterdir():
+ # Check new path first
+ new_worktrees_dir = project_dir / ".auto-claude" / "worktrees" / "tasks"
+ if new_worktrees_dir.exists():
+ for entry in new_worktrees_dir.iterdir():
if entry.is_dir() and task_id in entry.name:
return entry
- # Try git worktree list
- try:
- result = subprocess.run(
- ["git", "worktree", "list", "--porcelain"],
- cwd=project_dir,
- capture_output=True,
- text=True,
- check=True,
- )
- for line in result.stdout.split("\n"):
- if line.startswith("worktree ") and task_id in line:
- return Path(line.split(" ", 1)[1])
- except subprocess.CalledProcessError:
- pass
+ # Legacy fallback for backwards compatibility
+ legacy_worktrees_dir = project_dir / ".worktrees"
+ if legacy_worktrees_dir.exists():
+ for entry in legacy_worktrees_dir.iterdir():
+ if entry.is_dir() and task_id in entry.name:
+ return entry
return None
diff --git a/apps/backend/merge/semantic_analysis/__init__.py b/apps/backend/merge/semantic_analysis/__init__.py
index e06d039969..0f4cc099c4 100644
--- a/apps/backend/merge/semantic_analysis/__init__.py
+++ b/apps/backend/merge/semantic_analysis/__init__.py
@@ -1,12 +1,10 @@
"""
-Semantic analyzer package for AST-based code analysis.
+Semantic analyzer package for code analysis.
This package provides modular semantic analysis capabilities:
- models.py: Data structures for extracted elements
-- python_analyzer.py: Python-specific AST extraction
-- js_analyzer.py: JavaScript/TypeScript-specific AST extraction
- comparison.py: Element comparison and change classification
-- regex_analyzer.py: Fallback regex-based analysis
+- regex_analyzer.py: Regex-based analysis for code changes
"""
from .models import ExtractedElement
diff --git a/apps/backend/merge/semantic_analysis/js_analyzer.py b/apps/backend/merge/semantic_analysis/js_analyzer.py
deleted file mode 100644
index 048d03acba..0000000000
--- a/apps/backend/merge/semantic_analysis/js_analyzer.py
+++ /dev/null
@@ -1,157 +0,0 @@
-"""
-JavaScript/TypeScript-specific semantic analysis using tree-sitter.
-"""
-
-from __future__ import annotations
-
-from collections.abc import Callable
-
-from .models import ExtractedElement
-
-try:
- from tree_sitter import Node
-except ImportError:
- Node = None
-
-
-def extract_js_elements(
- node: Node,
- elements: dict[str, ExtractedElement],
- get_text: Callable[[Node], str],
- get_line: Callable[[int], int],
- ext: str,
- parent: str | None = None,
-) -> None:
- """
- Extract structural elements from JavaScript/TypeScript AST.
-
- Args:
- node: The tree-sitter node to extract from
- elements: Dictionary to populate with extracted elements
- get_text: Function to extract text from a node
- get_line: Function to convert byte position to line number
- ext: File extension (.js, .jsx, .ts, .tsx)
- parent: Parent element name for nested elements
- """
- for child in node.children:
- if child.type == "import_statement":
- text = get_text(child)
- # Try to extract the source module
- source_node = child.child_by_field_name("source")
- if source_node:
- source = get_text(source_node).strip("'\"")
- elements[f"import:{source}"] = ExtractedElement(
- element_type="import",
- name=source,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=text,
- )
-
- elif child.type in {"function_declaration", "function"}:
- name_node = child.child_by_field_name("name")
- if name_node:
- name = get_text(name_node)
- full_name = f"{parent}.{name}" if parent else name
- elements[f"function:{full_name}"] = ExtractedElement(
- element_type="function",
- name=full_name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=get_text(child),
- parent=parent,
- )
-
- elif child.type == "arrow_function":
- # Arrow functions are usually assigned to variables
- # We'll catch these via variable declarations
- pass
-
- elif child.type in {"lexical_declaration", "variable_declaration"}:
- # const/let/var declarations
- for declarator in child.children:
- if declarator.type == "variable_declarator":
- name_node = declarator.child_by_field_name("name")
- value_node = declarator.child_by_field_name("value")
- if name_node:
- name = get_text(name_node)
- content = get_text(child)
-
- # Check if it's a function (arrow function or function expression)
- is_function = False
- if value_node and value_node.type in {
- "arrow_function",
- "function",
- }:
- is_function = True
- elements[f"function:{name}"] = ExtractedElement(
- element_type="function",
- name=name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=content,
- parent=parent,
- )
- else:
- elements[f"variable:{name}"] = ExtractedElement(
- element_type="variable",
- name=name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=content,
- parent=parent,
- )
-
- elif child.type == "class_declaration":
- name_node = child.child_by_field_name("name")
- if name_node:
- name = get_text(name_node)
- elements[f"class:{name}"] = ExtractedElement(
- element_type="class",
- name=name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=get_text(child),
- )
- # Recurse into class body
- body = child.child_by_field_name("body")
- if body:
- extract_js_elements(
- body, elements, get_text, get_line, ext, parent=name
- )
-
- elif child.type == "method_definition":
- name_node = child.child_by_field_name("name")
- if name_node:
- name = get_text(name_node)
- full_name = f"{parent}.{name}" if parent else name
- elements[f"method:{full_name}"] = ExtractedElement(
- element_type="method",
- name=full_name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=get_text(child),
- parent=parent,
- )
-
- elif child.type == "export_statement":
- # Recurse into exports to find the actual declaration
- extract_js_elements(child, elements, get_text, get_line, ext, parent)
-
- # TypeScript specific
- elif child.type in {"interface_declaration", "type_alias_declaration"}:
- name_node = child.child_by_field_name("name")
- if name_node:
- name = get_text(name_node)
- elem_type = "interface" if "interface" in child.type else "type"
- elements[f"{elem_type}:{name}"] = ExtractedElement(
- element_type=elem_type,
- name=name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=get_text(child),
- )
-
- # Recurse into statement blocks
- elif child.type in {"program", "statement_block", "class_body"}:
- extract_js_elements(child, elements, get_text, get_line, ext, parent)
diff --git a/apps/backend/merge/semantic_analysis/python_analyzer.py b/apps/backend/merge/semantic_analysis/python_analyzer.py
deleted file mode 100644
index def71a943b..0000000000
--- a/apps/backend/merge/semantic_analysis/python_analyzer.py
+++ /dev/null
@@ -1,114 +0,0 @@
-"""
-Python-specific semantic analysis using tree-sitter.
-"""
-
-from __future__ import annotations
-
-from collections.abc import Callable
-
-from .models import ExtractedElement
-
-try:
- from tree_sitter import Node
-except ImportError:
- Node = None
-
-
-def extract_python_elements(
- node: Node,
- elements: dict[str, ExtractedElement],
- get_text: Callable[[Node], str],
- get_line: Callable[[int], int],
- parent: str | None = None,
-) -> None:
- """
- Extract structural elements from Python AST.
-
- Args:
- node: The tree-sitter node to extract from
- elements: Dictionary to populate with extracted elements
- get_text: Function to extract text from a node
- get_line: Function to convert byte position to line number
- parent: Parent element name for nested elements
- """
- for child in node.children:
- if child.type == "import_statement":
- # import x, y
- text = get_text(child)
- # Extract module names
- for name_node in child.children:
- if name_node.type == "dotted_name":
- name = get_text(name_node)
- elements[f"import:{name}"] = ExtractedElement(
- element_type="import",
- name=name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=text,
- )
-
- elif child.type == "import_from_statement":
- # from x import y, z
- text = get_text(child)
- module = None
- for sub in child.children:
- if sub.type == "dotted_name":
- module = get_text(sub)
- break
- if module:
- elements[f"import_from:{module}"] = ExtractedElement(
- element_type="import_from",
- name=module,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=text,
- )
-
- elif child.type == "function_definition":
- name_node = child.child_by_field_name("name")
- if name_node:
- name = get_text(name_node)
- full_name = f"{parent}.{name}" if parent else name
- elements[f"function:{full_name}"] = ExtractedElement(
- element_type="function",
- name=full_name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=get_text(child),
- parent=parent,
- )
-
- elif child.type == "class_definition":
- name_node = child.child_by_field_name("name")
- if name_node:
- name = get_text(name_node)
- elements[f"class:{name}"] = ExtractedElement(
- element_type="class",
- name=name,
- start_line=get_line(child.start_byte),
- end_line=get_line(child.end_byte),
- content=get_text(child),
- )
- # Recurse into class body for methods
- body = child.child_by_field_name("body")
- if body:
- extract_python_elements(
- body, elements, get_text, get_line, parent=name
- )
-
- elif child.type == "decorated_definition":
- # Handle decorated functions/classes
- for sub in child.children:
- if sub.type in {"function_definition", "class_definition"}:
- extract_python_elements(child, elements, get_text, get_line, parent)
- break
-
- # Recurse for other compound statements
- elif child.type in {
- "if_statement",
- "while_statement",
- "for_statement",
- "try_statement",
- "with_statement",
- }:
- extract_python_elements(child, elements, get_text, get_line, parent)
diff --git a/apps/backend/merge/semantic_analysis/regex_analyzer.py b/apps/backend/merge/semantic_analysis/regex_analyzer.py
index 40556f765c..9ceff32bee 100644
--- a/apps/backend/merge/semantic_analysis/regex_analyzer.py
+++ b/apps/backend/merge/semantic_analysis/regex_analyzer.py
@@ -1,5 +1,5 @@
"""
-Regex-based fallback analysis when tree-sitter is not available.
+Regex-based semantic analysis for code changes.
"""
from __future__ import annotations
@@ -17,7 +17,7 @@ def analyze_with_regex(
ext: str,
) -> FileAnalysis:
"""
- Fallback analysis using regex when tree-sitter isn't available.
+ Analyze code changes using regex patterns.
Args:
file_path: Path to the file being analyzed
@@ -30,11 +30,16 @@ def analyze_with_regex(
"""
changes: list[SemanticChange] = []
+ # Normalize line endings to LF for consistent cross-platform behavior
+ # This handles Windows CRLF, old Mac CR, and Unix LF
+ before_normalized = before.replace("\r\n", "\n").replace("\r", "\n")
+ after_normalized = after.replace("\r\n", "\n").replace("\r", "\n")
+
# Get a unified diff
diff = list(
difflib.unified_diff(
- before.splitlines(keepends=True),
- after.splitlines(keepends=True),
+ before_normalized.splitlines(keepends=True),
+ after_normalized.splitlines(keepends=True),
lineterm="",
)
)
@@ -89,8 +94,22 @@ def analyze_with_regex(
# Detect function changes (simplified)
func_pattern = get_function_pattern(ext)
if func_pattern:
- funcs_before = set(func_pattern.findall(before))
- funcs_after = set(func_pattern.findall(after))
+ # For JS/TS patterns with alternation, findall() returns tuples
+ # Extract the non-empty match from each tuple
+ def extract_func_names(matches):
+ names = set()
+ for match in matches:
+ if isinstance(match, tuple):
+ # Get the first non-empty group from the tuple
+ name = next((m for m in match if m), None)
+ if name:
+ names.add(name)
+ elif match:
+ names.add(match)
+ return names
+
+ funcs_before = extract_func_names(func_pattern.findall(before_normalized))
+ funcs_after = extract_func_names(func_pattern.findall(after_normalized))
for func in funcs_after - funcs_before:
changes.append(
diff --git a/apps/backend/merge/semantic_analyzer.py b/apps/backend/merge/semantic_analyzer.py
index 07aea59056..30697c1a94 100644
--- a/apps/backend/merge/semantic_analyzer.py
+++ b/apps/backend/merge/semantic_analyzer.py
@@ -2,32 +2,27 @@
Semantic Analyzer
=================
-Analyzes code changes at a semantic level using tree-sitter.
+Analyzes code changes at a semantic level using regex-based heuristics.
-This module provides AST-based analysis of code changes, extracting
-meaningful semantic changes like "added import", "modified function",
-"wrapped JSX element" rather than line-level diffs.
-
-When tree-sitter is not available, falls back to regex-based heuristics.
+This module provides analysis of code changes, extracting meaningful
+semantic changes like "added import", "modified function", "wrapped JSX element"
+rather than line-level diffs.
"""
from __future__ import annotations
import logging
from pathlib import Path
-from typing import Any
-from .types import ChangeType, FileAnalysis
+from .types import FileAnalysis
# Import debug utilities
try:
from debug import (
debug,
debug_detailed,
- debug_error,
debug_success,
debug_verbose,
- is_debug_enabled,
)
except ImportError:
# Fallback if debug module not available
@@ -43,71 +38,18 @@ def debug_verbose(*args, **kwargs):
def debug_success(*args, **kwargs):
pass
- def debug_error(*args, **kwargs):
- pass
-
- def is_debug_enabled():
- return False
-
logger = logging.getLogger(__name__)
MODULE = "merge.semantic_analyzer"
-# Try to import tree-sitter - it's optional but recommended
-TREE_SITTER_AVAILABLE = False
-try:
- import tree_sitter # noqa: F401
- from tree_sitter import Language, Node, Parser, Tree
-
- TREE_SITTER_AVAILABLE = True
- logger.info("tree-sitter available, using AST-based analysis")
-except ImportError:
- logger.warning("tree-sitter not available, using regex-based fallback")
- Tree = None
- Node = None
-
-# Try to import language bindings
-LANGUAGES_AVAILABLE: dict[str, Any] = {}
-if TREE_SITTER_AVAILABLE:
- try:
- import tree_sitter_python as tspython
-
- LANGUAGES_AVAILABLE[".py"] = tspython.language()
- except ImportError:
- pass
-
- try:
- import tree_sitter_javascript as tsjs
-
- LANGUAGES_AVAILABLE[".js"] = tsjs.language()
- LANGUAGES_AVAILABLE[".jsx"] = tsjs.language()
- except ImportError:
- pass
-
- try:
- import tree_sitter_typescript as tsts
-
- LANGUAGES_AVAILABLE[".ts"] = tsts.language_typescript()
- LANGUAGES_AVAILABLE[".tsx"] = tsts.language_tsx()
- except ImportError:
- pass
-
-# Import our modular components
-from .semantic_analysis.comparison import compare_elements
+# Import regex-based analyzer
from .semantic_analysis.models import ExtractedElement
from .semantic_analysis.regex_analyzer import analyze_with_regex
-if TREE_SITTER_AVAILABLE:
- from .semantic_analysis.js_analyzer import extract_js_elements
- from .semantic_analysis.python_analyzer import extract_python_elements
-
class SemanticAnalyzer:
"""
- Analyzes code changes at a semantic level.
-
- Uses tree-sitter for AST-based analysis when available,
- falling back to regex-based heuristics when not.
+ Analyzes code changes at a semantic level using regex-based heuristics.
Example:
analyzer = SemanticAnalyzer()
@@ -117,28 +59,8 @@ class SemanticAnalyzer:
"""
def __init__(self):
- """Initialize the analyzer with available parsers."""
- self._parsers: dict[str, Parser] = {}
-
- debug(
- MODULE,
- "Initializing SemanticAnalyzer",
- tree_sitter_available=TREE_SITTER_AVAILABLE,
- )
-
- if TREE_SITTER_AVAILABLE:
- for ext, lang in LANGUAGES_AVAILABLE.items():
- parser = Parser()
- parser.language = Language(lang)
- self._parsers[ext] = parser
- debug_detailed(MODULE, f"Initialized parser for {ext}")
- debug_success(
- MODULE,
- "SemanticAnalyzer initialized",
- parsers=list(self._parsers.keys()),
- )
- else:
- debug(MODULE, "Using regex-based fallback (tree-sitter not available)")
+ """Initialize the analyzer."""
+ debug(MODULE, "Initializing SemanticAnalyzer (regex-based)")
def analyze_diff(
self,
@@ -171,13 +93,8 @@ def analyze_diff(
task_id=task_id,
)
- # Use tree-sitter if available for this language
- if ext in self._parsers:
- debug_detailed(MODULE, f"Using tree-sitter parser for {ext}")
- analysis = self._analyze_with_tree_sitter(file_path, before, after, ext)
- else:
- debug_detailed(MODULE, f"Using regex fallback for {ext}")
- analysis = analyze_with_regex(file_path, before, after, ext)
+ # Use regex-based analysis
+ analysis = analyze_with_regex(file_path, before, after, ext)
debug_success(
MODULE,
@@ -201,77 +118,6 @@ def analyze_diff(
return analysis
- def _analyze_with_tree_sitter(
- self,
- file_path: str,
- before: str,
- after: str,
- ext: str,
- ) -> FileAnalysis:
- """Analyze using tree-sitter AST parsing."""
- parser = self._parsers[ext]
-
- tree_before = parser.parse(bytes(before, "utf-8"))
- tree_after = parser.parse(bytes(after, "utf-8"))
-
- # Extract structural elements from both versions
- elements_before = self._extract_elements(tree_before, before, ext)
- elements_after = self._extract_elements(tree_after, after, ext)
-
- # Compare and generate semantic changes
- changes = compare_elements(elements_before, elements_after, ext)
-
- # Build the analysis
- analysis = FileAnalysis(file_path=file_path, changes=changes)
-
- # Populate summary fields
- for change in changes:
- if change.change_type in {
- ChangeType.MODIFY_FUNCTION,
- ChangeType.ADD_HOOK_CALL,
- }:
- analysis.functions_modified.add(change.target)
- elif change.change_type == ChangeType.ADD_FUNCTION:
- analysis.functions_added.add(change.target)
- elif change.change_type == ChangeType.ADD_IMPORT:
- analysis.imports_added.add(change.target)
- elif change.change_type == ChangeType.REMOVE_IMPORT:
- analysis.imports_removed.add(change.target)
- elif change.change_type in {
- ChangeType.MODIFY_CLASS,
- ChangeType.ADD_METHOD,
- }:
- analysis.classes_modified.add(change.target.split(".")[0])
-
- analysis.total_lines_changed += change.line_end - change.line_start + 1
-
- return analysis
-
- def _extract_elements(
- self,
- tree: Tree,
- source: str,
- ext: str,
- ) -> dict[str, ExtractedElement]:
- """Extract structural elements from a syntax tree."""
- elements: dict[str, ExtractedElement] = {}
- source_bytes = bytes(source, "utf-8")
-
- def get_text(node: Node) -> str:
- return source_bytes[node.start_byte : node.end_byte].decode("utf-8")
-
- def get_line(byte_pos: int) -> int:
- # Convert byte position to line number (1-indexed)
- return source[:byte_pos].count("\n") + 1
-
- # Language-specific extraction
- if ext == ".py":
- extract_python_elements(tree.root_node, elements, get_text, get_line)
- elif ext in {".js", ".jsx", ".ts", ".tsx"}:
- extract_js_elements(tree.root_node, elements, get_text, get_line, ext)
-
- return elements
-
def analyze_file(self, file_path: str, content: str) -> FileAnalysis:
"""
Analyze a single file's structure (not a diff).
@@ -291,12 +137,7 @@ def analyze_file(self, file_path: str, content: str) -> FileAnalysis:
@property
def supported_extensions(self) -> set[str]:
"""Get the set of supported file extensions."""
- if TREE_SITTER_AVAILABLE:
- # Tree-sitter extensions plus regex fallbacks
- return set(self._parsers.keys()) | {".py", ".js", ".jsx", ".ts", ".tsx"}
- else:
- # Only regex-supported extensions
- return {".py", ".js", ".jsx", ".ts", ".tsx"}
+ return {".py", ".js", ".jsx", ".ts", ".tsx"}
def is_supported(self, file_path: str) -> bool:
"""Check if a file type is supported for semantic analysis."""
diff --git a/apps/backend/merge/timeline_git.py b/apps/backend/merge/timeline_git.py
index ebf0952a22..cc9e6ca6cd 100644
--- a/apps/backend/merge/timeline_git.py
+++ b/apps/backend/merge/timeline_git.py
@@ -189,7 +189,14 @@ def get_worktree_file_content(self, task_id: str, file_path: str) -> str:
task_id.replace("task-", "") if task_id.startswith("task-") else task_id
)
- worktree_path = self.project_path / ".worktrees" / spec_name / file_path
+ worktree_path = (
+ self.project_path
+ / ".auto-claude"
+ / "worktrees"
+ / "tasks"
+ / spec_name
+ / file_path
+ )
if worktree_path.exists():
try:
return worktree_path.read_text(encoding="utf-8")
diff --git a/apps/backend/ollama_model_detector.py b/apps/backend/ollama_model_detector.py
index 40819e029c..aaa43883a5 100644
--- a/apps/backend/ollama_model_detector.py
+++ b/apps/backend/ollama_model_detector.py
@@ -16,6 +16,7 @@
import argparse
import json
+import re
import sys
import urllib.error
import urllib.request
@@ -23,6 +24,10 @@
DEFAULT_OLLAMA_URL = "http://localhost:11434"
+# Minimum Ollama version required for newer embedding models (qwen3-embedding, etc.)
+# These models were added in Ollama 0.10.0
+MIN_OLLAMA_VERSION_FOR_NEW_MODELS = "0.10.0"
+
# Known embedding models and their dimensions
# This list helps identify embedding models from the model name
KNOWN_EMBEDDING_MODELS = {
@@ -31,10 +36,26 @@
"dim": 768,
"description": "Google EmbeddingGemma (lightweight)",
},
- "qwen3-embedding": {"dim": 1024, "description": "Qwen3 Embedding (0.6B)"},
- "qwen3-embedding:0.6b": {"dim": 1024, "description": "Qwen3 Embedding 0.6B"},
- "qwen3-embedding:4b": {"dim": 2560, "description": "Qwen3 Embedding 4B"},
- "qwen3-embedding:8b": {"dim": 4096, "description": "Qwen3 Embedding 8B"},
+ "qwen3-embedding": {
+ "dim": 1024,
+ "description": "Qwen3 Embedding (0.6B)",
+ "min_version": "0.10.0",
+ },
+ "qwen3-embedding:0.6b": {
+ "dim": 1024,
+ "description": "Qwen3 Embedding 0.6B",
+ "min_version": "0.10.0",
+ },
+ "qwen3-embedding:4b": {
+ "dim": 2560,
+ "description": "Qwen3 Embedding 4B",
+ "min_version": "0.10.0",
+ },
+ "qwen3-embedding:8b": {
+ "dim": 4096,
+ "description": "Qwen3 Embedding 8B",
+ "min_version": "0.10.0",
+ },
"bge-base-en": {"dim": 768, "description": "BAAI General Embedding - Base"},
"bge-large-en": {"dim": 1024, "description": "BAAI General Embedding - Large"},
"bge-small-en": {"dim": 384, "description": "BAAI General Embedding - Small"},
@@ -63,6 +84,7 @@
"size_estimate": "3.1 GB",
"dim": 2560,
"badge": "recommended",
+ "min_ollama_version": "0.10.0",
},
{
"name": "qwen3-embedding:8b",
@@ -70,6 +92,7 @@
"size_estimate": "6.0 GB",
"dim": 4096,
"badge": "quality",
+ "min_ollama_version": "0.10.0",
},
{
"name": "qwen3-embedding:0.6b",
@@ -77,6 +100,7 @@
"size_estimate": "494 MB",
"dim": 1024,
"badge": "fast",
+ "min_ollama_version": "0.10.0",
},
{
"name": "embeddinggemma",
@@ -112,6 +136,22 @@
]
+def parse_version(version_str: str | None) -> tuple[int, ...]:
+ """Parse a version string like '0.10.0' into a tuple for comparison."""
+ if not version_str or not isinstance(version_str, str):
+ return (0, 0, 0)
+ # Extract just the numeric parts (handles versions like "0.10.0-rc1")
+ match = re.match(r"(\d+)\.(\d+)\.(\d+)", version_str)
+ if match:
+ return tuple(int(x) for x in match.groups())
+ return (0, 0, 0)
+
+
+def version_gte(version: str | None, min_version: str | None) -> bool:
+ """Check if version >= min_version."""
+ return parse_version(version) >= parse_version(min_version)
+
+
def output_json(success: bool, data: Any = None, error: str | None = None) -> None:
"""Output JSON result to stdout and exit."""
result = {"success": success}
@@ -145,6 +185,14 @@ def fetch_ollama_api(base_url: str, endpoint: str, timeout: int = 5) -> dict | N
return None
+def get_ollama_version(base_url: str) -> str | None:
+ """Get the Ollama server version."""
+ result = fetch_ollama_api(base_url, "api/version")
+ if result:
+ return result.get("version")
+ return None
+
+
def is_embedding_model(model_name: str) -> bool:
"""Check if a model name suggests it's an embedding model."""
name_lower = model_name.lower()
@@ -192,6 +240,19 @@ def get_embedding_description(model_name: str) -> str:
return "Embedding model"
+def get_model_min_version(model_name: str) -> str | None:
+ """Get the minimum Ollama version required for a model."""
+ name_lower = model_name.lower()
+
+ # Sort keys by length descending to match more specific names first
+ # e.g., "qwen3-embedding:8b" before "qwen3-embedding"
+ for known_model in sorted(KNOWN_EMBEDDING_MODELS.keys(), key=len, reverse=True):
+ if known_model in name_lower:
+ return KNOWN_EMBEDDING_MODELS[known_model].get("min_version")
+
+ return None
+
+
def cmd_check_status(args) -> None:
"""Check if Ollama is running and accessible."""
base_url = args.base_url or DEFAULT_OLLAMA_URL
@@ -200,12 +261,18 @@ def cmd_check_status(args) -> None:
result = fetch_ollama_api(base_url, "api/version")
if result:
+ version = result.get("version", "unknown")
output_json(
True,
data={
"running": True,
"url": base_url,
- "version": result.get("version", "unknown"),
+ "version": version,
+ "supports_new_models": version_gte(
+ version, MIN_OLLAMA_VERSION_FOR_NEW_MODELS
+ )
+ if version != "unknown"
+ else None,
},
)
else:
@@ -319,6 +386,9 @@ def cmd_get_recommended_models(args) -> None:
"""Get recommended embedding models with install status."""
base_url = args.base_url or DEFAULT_OLLAMA_URL
+ # Get Ollama version for compatibility checking
+ ollama_version = get_ollama_version(base_url)
+
# Get currently installed models
result = fetch_ollama_api(base_url, "api/tags")
installed_names = set()
@@ -330,17 +400,30 @@ def cmd_get_recommended_models(args) -> None:
installed_names.add(name)
installed_names.add(base_name)
- # Build recommended list with install status
+ # Build recommended list with install status and compatibility
recommended = []
for model in RECOMMENDED_EMBEDDING_MODELS:
name = model["name"]
base_name = name.split(":")[0] if ":" in name else name
is_installed = name in installed_names or base_name in installed_names
+ # Check version compatibility
+ min_version = model.get("min_ollama_version")
+ is_compatible = True
+ compatibility_note = None
+ if min_version and ollama_version:
+ is_compatible = version_gte(ollama_version, min_version)
+ if not is_compatible:
+ compatibility_note = f"Requires Ollama {min_version}+"
+ elif min_version and not ollama_version:
+ compatibility_note = "Version compatibility could not be verified"
+
recommended.append(
{
**model,
"installed": is_installed,
+ "compatible": is_compatible,
+ "compatibility_note": compatibility_note,
}
)
@@ -350,6 +433,7 @@ def cmd_get_recommended_models(args) -> None:
"recommended": recommended,
"count": len(recommended),
"url": base_url,
+ "ollama_version": ollama_version,
},
)
@@ -363,6 +447,19 @@ def cmd_pull_model(args) -> None:
output_error("Model name is required")
return
+ # Check Ollama version compatibility before attempting pull
+ ollama_version = get_ollama_version(base_url)
+ min_version = get_model_min_version(model_name)
+
+ if min_version and ollama_version:
+ if not version_gte(ollama_version, min_version):
+ output_error(
+ f"Model '{model_name}' requires Ollama {min_version} or newer. "
+ f"Your version is {ollama_version}. "
+ f"Please upgrade Ollama: https://ollama.com/download"
+ )
+ return
+
try:
url = f"{base_url.rstrip('/')}/api/pull"
data = json.dumps({"name": model_name}).encode("utf-8")
@@ -376,6 +473,22 @@ def cmd_pull_model(args) -> None:
try:
progress = json.loads(line.decode("utf-8"))
+ # Check for error in the streaming response
+ # This handles cases like "requires newer version of Ollama"
+ if "error" in progress:
+ error_msg = progress["error"]
+ # Clean up the error message (remove extra whitespace/newlines)
+ error_msg = " ".join(error_msg.split())
+ # Check if it's a version-related error
+ if "newer version" in error_msg.lower():
+ error_msg = (
+ f"Model '{model_name}' requires a newer version of Ollama. "
+ f"Your version: {ollama_version or 'unknown'}. "
+ f"Please upgrade: https://ollama.com/download"
+ )
+ output_error(error_msg)
+ return
+
# Emit progress as NDJSON to stderr for main process to parse
if "completed" in progress and "total" in progress:
print(
diff --git a/apps/backend/phase_config.py b/apps/backend/phase_config.py
index f7b85cdee5..3fc9ba74ef 100644
--- a/apps/backend/phase_config.py
+++ b/apps/backend/phase_config.py
@@ -7,6 +7,7 @@
"""
import json
+import os
from pathlib import Path
from typing import Literal, TypedDict
@@ -46,10 +47,10 @@
"complexity_assessment": "medium",
}
-# Default phase configuration (matches UI defaults)
+# Default phase configuration (fallback, matches 'Balanced' profile)
DEFAULT_PHASE_MODELS: dict[str, str] = {
"spec": "sonnet",
- "planning": "opus",
+ "planning": "sonnet", # Changed from "opus" (fix #433)
"coding": "sonnet",
"qa": "sonnet",
}
@@ -94,17 +95,34 @@ def resolve_model_id(model: str) -> str:
Resolve a model shorthand (haiku, sonnet, opus) to a full model ID.
If the model is already a full ID, return it unchanged.
+ Priority:
+ 1. Environment variable override (from API Profile)
+ 2. Hardcoded MODEL_ID_MAP
+ 3. Pass through unchanged (assume full model ID)
+
Args:
model: Model shorthand or full ID
Returns:
Full Claude model ID
"""
- # Check if it's a shorthand
+ # Check for environment variable override (from API Profile custom model mappings)
if model in MODEL_ID_MAP:
+ env_var_map = {
+ "haiku": "ANTHROPIC_DEFAULT_HAIKU_MODEL",
+ "sonnet": "ANTHROPIC_DEFAULT_SONNET_MODEL",
+ "opus": "ANTHROPIC_DEFAULT_OPUS_MODEL",
+ }
+ env_var = env_var_map.get(model)
+ if env_var:
+ env_value = os.environ.get(env_var)
+ if env_value:
+ return env_value
+
+ # Fall back to hardcoded mapping
return MODEL_ID_MAP[model]
- # Already a full model ID
+ # Already a full model ID or unknown shorthand
return model
diff --git a/apps/backend/project/command_registry/languages.py b/apps/backend/project/command_registry/languages.py
index cd10b0d6b1..e91787eb4e 100644
--- a/apps/backend/project/command_registry/languages.py
+++ b/apps/backend/project/command_registry/languages.py
@@ -173,12 +173,16 @@
"zig",
},
"dart": {
+ # Core Dart CLI (modern unified tool)
"dart",
+ "pub",
+ # Flutter CLI (included in Dart language for SDK detection)
+ "flutter",
+ # Legacy commands (deprecated but may exist in older projects)
"dart2js",
"dartanalyzer",
"dartdoc",
"dartfmt",
- "pub",
},
}
diff --git a/apps/backend/project/command_registry/package_managers.py b/apps/backend/project/command_registry/package_managers.py
index 46b30b3712..bf6c1d978a 100644
--- a/apps/backend/project/command_registry/package_managers.py
+++ b/apps/backend/project/command_registry/package_managers.py
@@ -33,6 +33,9 @@
"brew": {"brew"},
"apt": {"apt", "apt-get", "dpkg"},
"nix": {"nix", "nix-shell", "nix-build", "nix-env"},
+ # Dart/Flutter package managers
+ "pub": {"pub", "dart"},
+ "melos": {"melos", "dart", "flutter"},
}
diff --git a/apps/backend/project/command_registry/version_managers.py b/apps/backend/project/command_registry/version_managers.py
index b4356d0449..04e8e3925b 100644
--- a/apps/backend/project/command_registry/version_managers.py
+++ b/apps/backend/project/command_registry/version_managers.py
@@ -23,6 +23,8 @@
"rustup": {"rustup"},
"sdkman": {"sdk"},
"jabba": {"jabba"},
+ # Dart/Flutter version managers
+ "fvm": {"fvm", "flutter"},
}
diff --git a/apps/backend/project/stack_detector.py b/apps/backend/project/stack_detector.py
index 051c685c93..0fa67c29b3 100644
--- a/apps/backend/project/stack_detector.py
+++ b/apps/backend/project/stack_detector.py
@@ -164,6 +164,12 @@ def detect_package_managers(self) -> None:
if self.parser.file_exists("build.gradle", "build.gradle.kts"):
self.stack.package_managers.append("gradle")
+ # Dart/Flutter package managers
+ if self.parser.file_exists("pubspec.yaml", "pubspec.lock"):
+ self.stack.package_managers.append("pub")
+ if self.parser.file_exists("melos.yaml"):
+ self.stack.package_managers.append("melos")
+
def detect_databases(self) -> None:
"""Detect databases from config files and dependencies."""
# Check for database config files
@@ -358,3 +364,6 @@ def detect_version_managers(self) -> None:
self.stack.version_managers.append("rbenv")
if self.parser.file_exists("rust-toolchain.toml", "rust-toolchain"):
self.stack.version_managers.append("rustup")
+ # Flutter Version Manager
+ if self.parser.file_exists(".fvm", ".fvmrc", "fvm_config.json"):
+ self.stack.version_managers.append("fvm")
diff --git a/apps/backend/prompts/coder.md b/apps/backend/prompts/coder.md
index c9cde7f3c2..35163fc436 100644
--- a/apps/backend/prompts/coder.md
+++ b/apps/backend/prompts/coder.md
@@ -22,6 +22,68 @@ environment at the start of each prompt in the "YOUR ENVIRONMENT" section. Pay c
---
+## 🚨 CRITICAL: PATH CONFUSION PREVENTION 🚨
+
+**THE #1 BUG IN MONOREPOS: Doubled paths after `cd` commands**
+
+### The Problem
+
+After running `cd ./apps/frontend`, your current directory changes. If you then use paths like `apps/frontend/src/file.ts`, you're creating **doubled paths** like `apps/frontend/apps/frontend/src/file.ts`.
+
+### The Solution: ALWAYS CHECK YOUR CWD
+
+**BEFORE every git command or file operation:**
+
+```bash
+# Step 1: Check where you are
+pwd
+
+# Step 2: Use paths RELATIVE TO CURRENT DIRECTORY
+# If pwd shows: /path/to/project/apps/frontend
+# Then use: git add src/file.ts
+# NOT: git add apps/frontend/src/file.ts
+```
+
+### Examples
+
+**❌ WRONG - Path gets doubled:**
+```bash
+cd ./apps/frontend
+git add apps/frontend/src/file.ts # Looks for apps/frontend/apps/frontend/src/file.ts
+```
+
+**✅ CORRECT - Use relative path from current directory:**
+```bash
+cd ./apps/frontend
+pwd # Shows: /path/to/project/apps/frontend
+git add src/file.ts # Correctly adds apps/frontend/src/file.ts from project root
+```
+
+**✅ ALSO CORRECT - Stay at root, use full relative path:**
+```bash
+# Don't change directory at all
+git add ./apps/frontend/src/file.ts # Works from project root
+```
+
+### Mandatory Pre-Command Check
+
+**Before EVERY git add, git commit, or file operation in a monorepo:**
+
+```bash
+# 1. Where am I?
+pwd
+
+# 2. What files am I targeting?
+ls -la [target-path] # Verify the path exists
+
+# 3. Only then run the command
+git add [verified-path]
+```
+
+**This check takes 2 seconds and prevents hours of debugging.**
+
+---
+
## STEP 1: GET YOUR BEARINGS (MANDATORY)
First, check your environment. The prompt should tell you your working directory and spec location.
@@ -215,7 +277,24 @@ Understand:
cat [service-path]/SERVICE_CONTEXT.md 2>/dev/null || echo "No service context"
```
-### 5.4: Look Up External Library Documentation (Use Context7)
+### 5.4: Check Target Personas (if available)
+
+If the `implementation_plan.json` has a `target_personas` field, review the personas this feature targets:
+
+```bash
+# Check for target personas in the plan
+grep -A 10 '"target_personas"' "$SPEC_DIR/implementation_plan.json" 2>/dev/null || echo "No target personas"
+```
+
+If personas exist, consider:
+- **User Experience Level**: A "Power User" persona may appreciate advanced features, while a "Beginner" needs simpler UX
+- **Goals Addressed**: Ensure your implementation helps achieve the listed persona goals
+- **Pain Points Solved**: Make sure the implementation addresses the specific pain points mentioned
+- **Feature Preferences**: Check if personas have preferences for certain interaction patterns
+
+This helps ensure the code serves real user needs, not just technical requirements.
+
+### 5.5: Look Up External Library Documentation (Use Context7)
**If your subtask involves external libraries or APIs**, use Context7 to get accurate documentation BEFORE implementing.
@@ -259,7 +338,7 @@ If subtask says "Add Stripe payment integration":
---
-## STEP 5.5: GENERATE & REVIEW PRE-IMPLEMENTATION CHECKLIST
+## STEP 5.6: GENERATE & REVIEW PRE-IMPLEMENTATION CHECKLIST
**CRITICAL**: Before writing any code, generate a predictive bug prevention checklist.
@@ -358,6 +437,20 @@ In your response, acknowledge the checklist:
## STEP 6: IMPLEMENT THE SUBTASK
+### Verify Your Location FIRST
+
+**MANDATORY: Before implementing anything, confirm where you are:**
+
+```bash
+# This should match the "Working Directory" in YOUR ENVIRONMENT section above
+pwd
+```
+
+If you change directories during implementation (e.g., `cd apps/frontend`), remember:
+- Your file paths must be RELATIVE TO YOUR NEW LOCATION
+- Before any git operation, run `pwd` again to verify your location
+- See the "PATH CONFUSION PREVENTION" section above for examples
+
### Mark as In Progress
Update `implementation_plan.json`:
@@ -618,6 +711,31 @@ After successful verification, update the subtask:
## STEP 9: COMMIT YOUR PROGRESS
+### Path Verification (MANDATORY FIRST STEP)
+
+**🚨 BEFORE running ANY git commands, verify your current directory:**
+
+```bash
+# Step 1: Where am I?
+pwd
+
+# Step 2: What files do I want to commit?
+# If you changed to a subdirectory (e.g., cd apps/frontend),
+# you need to use paths RELATIVE TO THAT DIRECTORY, not from project root
+
+# Step 3: Verify paths exist
+ls -la [path-to-files] # Make sure the path is correct from your current location
+
+# Example in a monorepo:
+# If pwd shows: /project/apps/frontend
+# Then use: git add src/file.ts
+# NOT: git add apps/frontend/src/file.ts (this would look for apps/frontend/apps/frontend/src/file.ts)
+```
+
+**CRITICAL RULE:** If you're in a subdirectory, either:
+- **Option A:** Return to project root: `cd [back to working directory]`
+- **Option B:** Use paths relative to your CURRENT directory (check with `pwd`)
+
### Secret Scanning (Automatic)
The system **automatically scans for secrets** before every commit. If secrets are detected, the commit will be blocked and you'll receive detailed instructions on how to fix it.
@@ -634,7 +752,7 @@ The system **automatically scans for secrets** before every commit. If secrets a
api_key = os.environ.get("API_KEY")
```
3. **Update .env.example** - Add placeholder for the new variable
-4. **Re-stage and retry** - `git add . && git commit ...`
+4. **Re-stage and retry** - `git add . ':!.auto-claude' && git commit ...`
**If it's a false positive:**
- Add the file pattern to `.secretsignore` in the project root
@@ -643,7 +761,17 @@ The system **automatically scans for secrets** before every commit. If secrets a
### Create the Commit
```bash
-git add .
+# FIRST: Make sure you're in the working directory root (check YOUR ENVIRONMENT section at top)
+pwd # Should match your working directory
+
+# Add all files EXCEPT .auto-claude directory (spec files should never be committed)
+git add . ':!.auto-claude'
+
+# If git add fails with "pathspec did not match", you have a path problem:
+# 1. Run pwd to see where you are
+# 2. Run git status to see what git sees
+# 3. Adjust your paths accordingly
+
git commit -m "auto-claude: Complete [subtask-id] - [subtask description]
- Files modified: [list]
@@ -651,6 +779,9 @@ git commit -m "auto-claude: Complete [subtask-id] - [subtask description]
- Phase progress: [X]/[Y] subtasks complete"
```
+**CRITICAL**: The `:!.auto-claude` pathspec exclusion ensures spec files are NEVER committed.
+These are internal tracking files that must stay local.
+
### DO NOT Push to Remote
**IMPORTANT**: Do NOT run `git push`. All work stays local until the user reviews and approves.
@@ -956,6 +1087,17 @@ Prepare → Test (small batch) → Execute (full) → Cleanup
- Clean, working state
- **Secret scan must pass before commit**
+### Git Configuration - NEVER MODIFY
+**CRITICAL**: You MUST NOT modify git user configuration. Never run:
+- `git config user.name`
+- `git config user.email`
+- `git config --local user.*`
+- `git config --global user.*`
+
+The repository inherits the user's configured git identity. Creating "Test User" or
+any other fake identity breaks attribution and causes serious issues. If you need
+to commit changes, use the existing git identity - do NOT set a new one.
+
### The Golden Rule
**FIX BUGS NOW.** The next session has no memory.
diff --git a/apps/backend/prompts/github/pr_codebase_fit_agent.md b/apps/backend/prompts/github/pr_codebase_fit_agent.md
index f9e14e1e3f..9a14b56dbc 100644
--- a/apps/backend/prompts/github/pr_codebase_fit_agent.md
+++ b/apps/backend/prompts/github/pr_codebase_fit_agent.md
@@ -6,6 +6,23 @@ You are a focused codebase fit review agent. You have been spawned by the orches
Ensure new code integrates well with the existing codebase. Check for consistency with project conventions, reuse of existing utilities, and architectural alignment. Focus ONLY on codebase fit - not security, logic correctness, or general quality.
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Codebase fit issues in changed code** - New code not following project patterns
+2. **Missed reuse opportunities** - "Existing `utils.ts` has a helper for this"
+3. **Inconsistent with PR's own changes** - "You used `camelCase` here but `snake_case` elsewhere in the PR"
+4. **Breaking conventions in touched areas** - "Your change deviates from the pattern in this file"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing inconsistencies** - Old code that doesn't follow patterns
+2. **Unrelated suggestions** - Don't suggest patterns for code the PR didn't touch
+
+**Key distinction:**
+- ✅ "Your new component doesn't follow the existing pattern in `components/`" - GOOD
+- ✅ "Consider using existing `formatDate()` helper instead of new implementation" - GOOD
+- ❌ "The old `legacy/` folder uses different naming conventions" - BAD (pre-existing)
+
## Codebase Fit Focus Areas
### 1. Naming Conventions
diff --git a/apps/backend/prompts/github/pr_finding_validator.md b/apps/backend/prompts/github/pr_finding_validator.md
index b054344ea9..6421e37132 100644
--- a/apps/backend/prompts/github/pr_finding_validator.md
+++ b/apps/backend/prompts/github/pr_finding_validator.md
@@ -1,16 +1,37 @@
# Finding Validator Agent
-You are a finding re-investigator. For each unresolved finding from a previous PR review, you must actively investigate whether it is a REAL issue or a FALSE POSITIVE.
+You are a finding re-investigator using EVIDENCE-BASED VALIDATION. For each unresolved finding from a previous PR review, you must actively investigate whether it is a REAL issue or a FALSE POSITIVE.
+
+**Core Principle: Evidence, not confidence scores.** Either you can prove the issue exists with actual code, or you can't. There is no middle ground.
Your job is to prevent false positives from persisting indefinitely by actually reading the code and verifying the issue exists.
+## CRITICAL: Check PR Scope First
+
+**Before investigating any finding, verify it's within THIS PR's scope:**
+
+1. **Check if the file is in the PR's changed files list** - If not, likely out-of-scope
+2. **Check if the line number exists** - If finding cites line 710 but file has 600 lines, it's hallucinated
+3. **Check for PR references in commit messages** - Commits like `fix: something (#584)` are from OTHER PRs
+
+**Dismiss findings as `dismissed_false_positive` if:**
+- The finding references a file NOT in the PR's changed files list AND is not about impact on that file
+- The line number doesn't exist in the file (hallucinated)
+- The finding is about code from a merged branch commit (not this PR's work)
+
+**Keep findings valid if they're about:**
+- Issues in code the PR actually changed
+- Impact of PR changes on other code (e.g., "this change breaks callers in X")
+- Missing updates to related code (e.g., "you updated A but forgot B")
+
## Your Mission
For each finding you receive:
-1. **READ** the actual code at the file/line location using the Read tool
-2. **ANALYZE** whether the described issue actually exists in the code
-3. **PROVIDE** concrete code evidence for your conclusion
-4. **RETURN** validation status with evidence
+1. **VERIFY SCOPE** - Is this file/line actually part of this PR?
+2. **READ** the actual code at the file/line location using the Read tool
+3. **ANALYZE** whether the described issue actually exists in the code
+4. **PROVIDE** concrete code evidence - the actual code that proves or disproves the issue
+5. **RETURN** validation status with evidence (binary decision based on what the code shows)
## Investigation Process
@@ -24,45 +45,61 @@ Read the file: {finding.file}
Focus on lines around: {finding.line}
```
-### Step 2: Analyze with Fresh Eyes
+### Step 2: Analyze with Fresh Eyes - NEVER ASSUME
+
+**CRITICAL: Do NOT assume the original finding is correct.** The original reviewer may have:
+- Hallucinated line numbers that don't exist
+- Misread or misunderstood the code
+- Missed validation/sanitization in callers or surrounding code
+- Made assumptions without actually reading the implementation
+- Confused similar-looking code patterns
+
+**You MUST actively verify by asking:**
+- Does the code at this exact line ACTUALLY have this issue?
+- Did I READ the actual implementation, not just the function name?
+- Is there validation/sanitization BEFORE this code is reached?
+- Is there framework protection I'm not accounting for?
+- Does this line number even EXIST in the file?
-**Do NOT assume the original finding is correct.** Ask yourself:
-- Does the code ACTUALLY have this issue?
-- Is the described vulnerability/bug/problem present?
-- Could the original reviewer have misunderstood the code?
-- Is there context that makes this NOT an issue (e.g., sanitization elsewhere)?
+**NEVER:**
+- Trust the finding description without reading the code
+- Assume a function is vulnerable based on its name
+- Skip checking surrounding context (±20 lines minimum)
+- Confirm a finding just because "it sounds plausible"
-Be skeptical. The original review may have hallucinated this finding.
+Be HIGHLY skeptical. AI reviews frequently produce false positives. Your job is to catch them.
### Step 3: Document Evidence
You MUST provide concrete evidence:
-- **Exact code snippet** you examined (copy-paste from the file)
+- **Exact code snippet** you examined (copy-paste from the file) - this is the PROOF
- **Line numbers** where you found (or didn't find) the issue
-- **Your analysis** of whether the issue exists
-- **Confidence level** (0.0-1.0) in your conclusion
+- **Your analysis** connecting the code to your conclusion
+- **Verification flag** - did this code actually exist at the specified location?
## Validation Statuses
### `confirmed_valid`
-Use when you verify the issue IS real:
+Use when your code evidence PROVES the issue IS real:
- The problematic code pattern exists exactly as described
-- The vulnerability/bug is present and exploitable
+- You can point to the specific lines showing the vulnerability/bug
- The code quality issue genuinely impacts the codebase
+- **Key question**: Does your code_evidence field contain the actual problematic code?
### `dismissed_false_positive`
-Use when you verify the issue does NOT exist:
-- The described code pattern is not actually present
-- The original finding misunderstood the code
-- There is mitigating code that prevents the issue (e.g., input validation elsewhere)
-- The finding was based on incorrect assumptions
+Use when your code evidence PROVES the issue does NOT exist:
+- The described code pattern is not actually present (code_evidence shows different code)
+- There is mitigating code that prevents the issue (code_evidence shows the mitigation)
+- The finding was based on incorrect assumptions (code_evidence shows reality)
+- The line number doesn't exist or contains different code than claimed
+- **Key question**: Does your code_evidence field show code that disproves the original finding?
### `needs_human_review`
-Use when you cannot determine with confidence:
-- The issue requires runtime analysis to verify
+Use when you CANNOT find definitive evidence either way:
+- The issue requires runtime analysis to verify (static code doesn't prove/disprove)
- The code is too complex to analyze statically
-- You have conflicting evidence
-- Your confidence is below 0.70
+- You found the code but can't determine if it's actually a problem
+- **Key question**: Is your code_evidence inconclusive?
## Output Format
@@ -75,7 +112,7 @@ Return one result per finding:
"code_evidence": "const query = `SELECT * FROM users WHERE id = ${userId}`;",
"line_range": [45, 45],
"explanation": "SQL injection vulnerability confirmed. User input 'userId' is directly interpolated into the SQL query at line 45 without any sanitization. The query is executed via db.execute() on line 46.",
- "confidence": 0.95
+ "evidence_verified_in_file": true
}
```
@@ -85,8 +122,8 @@ Return one result per finding:
"validation_status": "dismissed_false_positive",
"code_evidence": "function processInput(data: string): string {\n const sanitized = DOMPurify.sanitize(data);\n return sanitized;\n}",
"line_range": [23, 26],
- "explanation": "The original finding claimed XSS vulnerability, but the code uses DOMPurify.sanitize() before output. The input is properly sanitized at line 24 before being returned.",
- "confidence": 0.88
+ "explanation": "The original finding claimed XSS vulnerability, but the code uses DOMPurify.sanitize() before output. The input is properly sanitized at line 24 before being returned. The code evidence proves the issue does NOT exist.",
+ "evidence_verified_in_file": true
}
```
@@ -96,38 +133,56 @@ Return one result per finding:
"validation_status": "needs_human_review",
"code_evidence": "async function handleRequest(req) {\n // Complex async logic...\n}",
"line_range": [100, 150],
- "explanation": "The original finding claims a race condition, but verifying this requires understanding the runtime behavior and concurrency model. Cannot determine statically.",
- "confidence": 0.45
+ "explanation": "The original finding claims a race condition, but verifying this requires understanding the runtime behavior and concurrency model. The static code doesn't provide definitive evidence either way.",
+ "evidence_verified_in_file": true
}
```
-## Confidence Guidelines
+```json
+{
+ "finding_id": "HALLUC-004",
+ "validation_status": "dismissed_false_positive",
+ "code_evidence": "// Line 710 does not exist - file only has 600 lines",
+ "line_range": [600, 600],
+ "explanation": "The original finding claimed an issue at line 710, but the file only has 600 lines. This is a hallucinated finding - the code doesn't exist.",
+ "evidence_verified_in_file": false
+}
+```
+
+## Evidence Guidelines
-Rate your confidence based on how certain you are:
+Validation is binary based on what the code evidence shows:
-| Confidence | Meaning |
-|------------|---------|
-| 0.90-1.00 | Definitive evidence - code clearly shows the issue exists/doesn't exist |
-| 0.80-0.89 | Strong evidence - high confidence with minor uncertainty |
-| 0.70-0.79 | Moderate evidence - likely correct but some ambiguity |
-| 0.50-0.69 | Uncertain - use `needs_human_review` |
-| Below 0.50 | Insufficient evidence - must use `needs_human_review` |
+| Scenario | Status | Evidence Required |
+|----------|--------|-------------------|
+| Code shows the exact problem claimed | `confirmed_valid` | Problematic code snippet |
+| Code shows issue doesn't exist or is mitigated | `dismissed_false_positive` | Code proving issue is absent |
+| Code couldn't be found (hallucinated line/file) | `dismissed_false_positive` | Note that code doesn't exist |
+| Code found but can't prove/disprove statically | `needs_human_review` | The inconclusive code |
-**Minimum thresholds:**
-- To confirm as `confirmed_valid`: confidence >= 0.70
-- To dismiss as `dismissed_false_positive`: confidence >= 0.80 (higher bar for dismissal)
-- If below thresholds: must use `needs_human_review`
+**Decision rules:**
+- If `code_evidence` contains problematic code → `confirmed_valid`
+- If `code_evidence` proves issue doesn't exist → `dismissed_false_positive`
+- If `evidence_verified_in_file` is false → `dismissed_false_positive` (hallucinated finding)
+- If you can't determine from the code → `needs_human_review`
## Common False Positive Patterns
Watch for these patterns that often indicate false positives:
-1. **Sanitization elsewhere**: Input is validated/sanitized before reaching the flagged code
-2. **Internal-only code**: Code only handles trusted internal data, not user input
-3. **Framework protection**: Framework provides automatic protection (e.g., ORM parameterization)
-4. **Dead code**: The flagged code is never executed in the current codebase
-5. **Test code**: The issue is in test files where it's acceptable
-6. **Misread syntax**: Original reviewer misunderstood the language syntax
+1. **Non-existent line number**: The line number cited doesn't exist or is beyond EOF - hallucinated finding
+2. **Merged branch code**: Finding is about code from a commit like `fix: something (#584)` - another PR
+3. **Pre-existing issue, not impact**: Finding flags old bug in untouched code without showing how PR changes relate
+4. **Sanitization elsewhere**: Input is validated/sanitized before reaching the flagged code
+5. **Internal-only code**: Code only handles trusted internal data, not user input
+6. **Framework protection**: Framework provides automatic protection (e.g., ORM parameterization)
+7. **Dead code**: The flagged code is never executed in the current codebase
+8. **Test code**: The issue is in test files where it's acceptable
+9. **Misread syntax**: Original reviewer misunderstood the language syntax
+
+**Note**: Findings about files outside the PR's changed list are NOT automatically false positives if they're about:
+- Impact of PR changes on that file (e.g., "your change breaks X")
+- Missing related updates (e.g., "you forgot to update Y")
## Common Valid Issue Patterns
@@ -144,15 +199,16 @@ These patterns often confirm the issue is real:
1. **ALWAYS read the actual code** - Never rely on memory or the original finding description
2. **ALWAYS provide code_evidence** - No empty strings. Quote the actual code.
3. **Be skeptical of original findings** - Many AI reviews produce false positives
-4. **Higher bar for dismissal** - Need 0.80 confidence to dismiss (vs 0.70 to confirm)
-5. **When uncertain, escalate** - Use `needs_human_review` rather than guessing
+4. **Evidence is binary** - The code either shows the problem or it doesn't
+5. **When evidence is inconclusive, escalate** - Use `needs_human_review` rather than guessing
6. **Look for mitigations** - Check surrounding code for sanitization/validation
7. **Check the full context** - Read ±20 lines, not just the flagged line
+8. **Verify code exists** - Set `evidence_verified_in_file` to false if the code/line doesn't exist
## Anti-Patterns to Avoid
-- **Trusting the original finding blindly** - Always verify
-- **Dismissing without reading code** - Must provide code_evidence
-- **Low confidence dismissals** - Needs 0.80+ confidence to dismiss
-- **Vague explanations** - Be specific about what you found
+- **Trusting the original finding blindly** - Always verify with actual code
+- **Dismissing without reading code** - Must provide code_evidence that proves your point
+- **Vague explanations** - Be specific about what the code shows and why it proves/disproves the issue
- **Missing line numbers** - Always include line_range
+- **Speculative conclusions** - Only conclude what the code evidence actually proves
diff --git a/apps/backend/prompts/github/pr_followup.md b/apps/backend/prompts/github/pr_followup.md
index 1e2fe04efb..423463f05b 100644
--- a/apps/backend/prompts/github/pr_followup.md
+++ b/apps/backend/prompts/github/pr_followup.md
@@ -71,10 +71,12 @@ Review the diff since the last review for NEW issues:
- Regressions that break previously working code
- Missing error handling in new code paths
-**Apply the 80% confidence threshold:**
-- Only report issues you're confident about
+**NEVER ASSUME - ALWAYS VERIFY:**
+- Actually READ the code before reporting any finding
+- Verify the issue exists at the exact line you cite
+- Check for validation/mitigation in surrounding code
- Don't re-report issues from the previous review
-- Focus on genuinely new problems
+- Focus on genuinely new problems with code EVIDENCE
### Phase 3: Comment Review
@@ -137,11 +139,11 @@ Return a JSON object with this structure:
"id": "new-finding-1",
"severity": "medium",
"category": "security",
- "confidence": 0.85,
"title": "New hardcoded API key in config",
"description": "A new API key was added in config.ts line 45 without using environment variables.",
"file": "src/config.ts",
"line": 45,
+ "evidence": "const API_KEY = 'sk-prod-abc123xyz789';",
"suggested_fix": "Move to environment variable: process.env.EXTERNAL_API_KEY"
}
],
@@ -175,11 +177,11 @@ Same format as initial review findings:
- **id**: Unique identifier for new finding
- **severity**: `critical` | `high` | `medium` | `low`
- **category**: `security` | `quality` | `logic` | `test` | `docs` | `pattern` | `performance`
-- **confidence**: Float 0.80-1.0
- **title**: Short summary (max 80 chars)
- **description**: Detailed explanation
- **file**: Relative file path
- **line**: Line number
+- **evidence**: **REQUIRED** - Actual code snippet proving the issue exists
- **suggested_fix**: How to resolve
### verdict
diff --git a/apps/backend/prompts/github/pr_followup_newcode_agent.md b/apps/backend/prompts/github/pr_followup_newcode_agent.md
index c35e84f876..5021113b97 100644
--- a/apps/backend/prompts/github/pr_followup_newcode_agent.md
+++ b/apps/backend/prompts/github/pr_followup_newcode_agent.md
@@ -11,6 +11,23 @@ Review the incremental diff for:
4. Potential regressions
5. Incomplete implementations
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Issues in changed code** - Problems in files/lines actually modified by this PR
+2. **Impact on unchanged code** - "This change breaks callers in `other_file.ts`"
+3. **Missing related changes** - "Similar pattern in `utils.ts` wasn't updated"
+4. **Incomplete implementations** - "New field added but not handled in serializer"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing bugs** - Old bugs in code this PR didn't touch
+2. **Code from merged branches** - Commits with PR references like `(#584)` are from other PRs
+3. **Unrelated improvements** - Don't suggest refactoring untouched code
+
+**Key distinction:**
+- ✅ "Your change breaks the caller in `auth.ts`" - GOOD (impact analysis)
+- ❌ "The old code in `legacy.ts` has a bug" - BAD (pre-existing, not this PR)
+
## Focus Areas
Since this is a follow-up review, focus on:
@@ -74,15 +91,47 @@ Since this is a follow-up review, focus on:
- Minor optimizations
- Documentation gaps
-## Confidence Scoring
+## NEVER ASSUME - ALWAYS VERIFY
+
+**Before reporting ANY new finding:**
+
+1. **NEVER assume code is vulnerable** - Read the actual implementation
+2. **NEVER assume validation is missing** - Check callers and surrounding code
+3. **NEVER assume based on function names** - `unsafeQuery()` might actually be safe
+4. **NEVER report without reading the code** - Verify the issue exists at the exact line
+
+**You MUST:**
+- Actually READ the code at the file/line you cite
+- Verify there's no sanitization/validation before this code
+- Check for framework protections you might miss
+- Provide the actual code snippet as evidence
+
+### Verify Before Reporting "Missing" Safeguards
+
+For findings claiming something is **missing** (no fallback, no validation, no error handling):
+
+**Ask yourself**: "Have I verified this is actually missing, or did I just not see it?"
+
+- Read the **complete function/method** containing the issue, not just the flagged line
+- Check for guards, fallbacks, or defensive code that may appear later in the function
+- Look for comments indicating intentional design choices
+- If uncertain, use the Read/Grep tools to confirm
+
+**Your evidence must prove absence exists — not just that you didn't see it.**
+
+❌ **Weak**: "The code defaults to 'main' without checking if it exists"
+✅ **Strong**: "I read the complete `_detect_target_branch()` function. There is no existence check before the default return."
+
+**Only report if you can confidently say**: "I verified the complete scope and the safeguard does not exist."
+
+## Evidence Requirements
-Rate confidence (0.0-1.0) based on:
-- **>0.9**: Obvious, verifiable issue
-- **0.8-0.9**: High confidence with clear evidence
-- **0.7-0.8**: Likely issue but some uncertainty
-- **<0.7**: Possible issue, needs verification
+Every finding MUST include an `evidence` field with:
+- The actual problematic code copy-pasted from the diff
+- The specific line numbers where the issue exists
+- Proof that the issue is real, not speculative
-Only report findings with confidence >0.7.
+**No evidence = No finding**
## Output Format
@@ -99,7 +148,7 @@ Return findings in this structure:
"description": "The new login validation query concatenates user input directly into the SQL string without sanitization.",
"category": "security",
"severity": "critical",
- "confidence": 0.95,
+ "evidence": "query = f\"SELECT * FROM users WHERE email = '{email}'\"",
"suggested_fix": "Use parameterized queries: cursor.execute('SELECT * FROM users WHERE email = ?', (email,))",
"fixable": true,
"source_agent": "new-code-reviewer",
@@ -113,7 +162,7 @@ Return findings in this structure:
"description": "The fix for LOGIC-003 removed a null check that was protecting against undefined input. Now input.data can be null.",
"category": "regression",
"severity": "high",
- "confidence": 0.88,
+ "evidence": "result = input.data.process() # input.data can be null, was previously: if input and input.data:",
"suggested_fix": "Restore null check: if (input && input.data) { ... }",
"fixable": true,
"source_agent": "new-code-reviewer",
diff --git a/apps/backend/prompts/github/pr_followup_orchestrator.md b/apps/backend/prompts/github/pr_followup_orchestrator.md
index da2ee6b97a..4e714df4c3 100644
--- a/apps/backend/prompts/github/pr_followup_orchestrator.md
+++ b/apps/backend/prompts/github/pr_followup_orchestrator.md
@@ -9,6 +9,40 @@ Perform a focused, efficient follow-up review by:
2. Delegating to specialized agents based on what needs verification
3. Synthesizing findings into a final merge verdict
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Issues in changed code** - Problems in files/lines actually modified by this PR
+2. **Impact on unchanged code** - "You changed X but forgot to update Y that depends on it"
+3. **Missing related changes** - "This pattern also exists in Z, did you mean to update it too?"
+4. **Breaking changes** - "This change breaks callers in other files"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing issues in unchanged code** - If old code has a bug but this PR didn't touch it, don't flag it
+2. **Code from merged branches** - Commits with PR references like `(#584)` are from OTHER already-reviewed PRs
+3. **Unrelated improvements** - Don't suggest refactoring code the PR didn't touch
+
+**Key distinction:**
+- ✅ "Your change to `validateUser()` breaks the caller in `auth.ts:45`" - GOOD (impact of PR changes)
+- ✅ "You updated this validation but similar logic in `utils.ts` wasn't updated" - GOOD (incomplete change)
+- ❌ "The existing code in `legacy.ts` has a SQL injection" - BAD (pre-existing issue, not this PR)
+- ❌ "This code from commit `fix: something (#584)` has an issue" - BAD (different PR)
+
+**Why this matters:**
+When authors merge the base branch into their feature branch, the commit range includes commits from other PRs. The context gathering system filters these out, but if any slip through, recognize them as out-of-scope.
+
+## Merge Conflicts
+
+**Check for merge conflicts in the follow-up context.** If `has_merge_conflicts` is `true`:
+
+1. **Report this prominently** - Merge conflicts block the PR from being merged
+2. **Add a CRITICAL finding** with category "merge_conflict" and severity "critical"
+3. **Include in verdict reasoning** - The PR cannot be merged until conflicts are resolved
+4. **This may be NEW since last review** - Base branch may have changed
+
+Note: GitHub's API tells us IF there are conflicts but not WHICH files. The finding should state:
+> "This PR has merge conflicts with the base branch that must be resolved before merging."
+
## Available Specialist Agents
You have access to these specialist agents via the Task tool:
@@ -97,7 +131,21 @@ After all agents complete:
## Verdict Guidelines
+### CRITICAL: CI Status ALWAYS Factors Into Verdict
+
+**CI status is provided in the context and MUST be considered:**
+
+- ❌ **Failing CI = BLOCKED** - If ANY CI checks are failing, verdict MUST be BLOCKED regardless of code quality
+- ⏳ **Pending CI = NEEDS_REVISION** - If CI is still running, verdict cannot be READY_TO_MERGE
+- ⏸️ **Awaiting approval = BLOCKED** - Fork PR workflows awaiting maintainer approval block merge
+- ✅ **All passing = Continue with code analysis** - Only then do code findings determine verdict
+
+**Always mention CI status in your verdict_reasoning.** For example:
+- "BLOCKED: 2 CI checks failing (CodeQL, test-frontend). Fix CI before merge."
+- "READY_TO_MERGE: All CI checks passing and all findings resolved."
+
### READY_TO_MERGE
+- **All CI checks passing** (no failing, no pending)
- All previous findings verified as resolved OR dismissed as false positives
- No CONFIRMED_VALID critical/high issues remaining
- No new critical/high issues
@@ -105,11 +153,13 @@ After all agents complete:
- Contributor questions addressed
### MERGE_WITH_CHANGES
+- **All CI checks passing**
- Previous findings resolved
- Only LOW severity new issues (suggestions)
- Optional polish items can be addressed post-merge
### NEEDS_REVISION (Strict Quality Gates)
+- **CI checks pending** OR
- HIGH or MEDIUM severity findings CONFIRMED_VALID (not dismissed as false positive)
- New HIGH or MEDIUM severity issues introduced
- Important contributor concerns unaddressed
@@ -117,6 +167,8 @@ After all agents complete:
- **Note: Only count findings that passed validation** (dismissed_false_positive findings don't block)
### BLOCKED
+- **Any CI checks failing** OR
+- **Workflows awaiting maintainer approval** (fork PRs) OR
- CRITICAL findings remain CONFIRMED_VALID (not dismissed as false positive)
- New CRITICAL issues introduced
- Fundamental problems with the fix approach
@@ -171,16 +223,36 @@ Provide your synthesis as a structured response matching the ParallelFollowupRes
}
```
+## CRITICAL: NEVER ASSUME - ALWAYS VERIFY
+
+**This applies to ALL agents you invoke:**
+
+1. **NEVER assume a finding is valid** - The finding-validator MUST read the actual code
+2. **NEVER assume a fix is correct** - The resolution-verifier MUST verify the change
+3. **NEVER assume line numbers are accurate** - Files may be shorter than cited lines
+4. **NEVER assume validation is missing** - Check callers and surrounding code
+5. **NEVER trust the original finding's description** - It may have been hallucinated
+
+**Before ANY finding blocks merge:**
+- The actual code at that location MUST be read
+- The problematic pattern MUST exist as described
+- There MUST NOT be mitigation/validation elsewhere
+- The evidence MUST be copy-pasted from the actual file
+
+**Why this matters:** AI reviewers sometimes hallucinate findings. Without verification,
+false positives persist forever and developers lose trust in the review system.
+
## Important Notes
1. **Be efficient**: Follow-up reviews should be faster than initial reviews
2. **Focus on changes**: Only review what changed since last review
-3. **Trust but verify**: Don't assume fixes are correct just because files changed
+3. **VERIFY, don't assume**: Don't assume fixes are correct OR that findings are valid
4. **Acknowledge progress**: Recognize genuine effort to address feedback
5. **Be specific**: Clearly state what blocks merge if verdict is not READY_TO_MERGE
## Context You Will Receive
+- **CI Status (CRITICAL)** - Passing/failing/pending checks and specific failed check names
- Previous review summary and findings
- New commits since last review (SHAs, messages)
- Diff of changes since last review
diff --git a/apps/backend/prompts/github/pr_followup_resolution_agent.md b/apps/backend/prompts/github/pr_followup_resolution_agent.md
index c0e4c38f15..9e35b827db 100644
--- a/apps/backend/prompts/github/pr_followup_resolution_agent.md
+++ b/apps/backend/prompts/github/pr_followup_resolution_agent.md
@@ -10,6 +10,23 @@ For each previous finding, determine whether it has been:
- **unresolved**: The issue remains or wasn't addressed
- **cant_verify**: Not enough information to determine status
+## CRITICAL: Verify Finding is In-Scope
+
+**Before verifying any finding, check if it's within THIS PR's scope:**
+
+1. **Is the file in the PR's changed files list?** - If not AND the finding isn't about impact, mark as `cant_verify`
+2. **Does the line number exist?** - If finding cites line 710 but file has 600 lines, it was hallucinated
+3. **Was this from a merged branch?** - Commits with PR references like `(#584)` are from other PRs
+
+**Mark as `cant_verify` if:**
+- Finding references a file not in PR AND is not about impact of PR changes on that file
+- Line number doesn't exist (hallucinated finding)
+- Finding is about code from another PR's commits
+
+**Findings can reference files outside the PR if they're about:**
+- Impact of PR changes (e.g., "change to X breaks caller in Y")
+- Missing related updates (e.g., "you updated A but forgot B")
+
## Verification Process
For each previous finding:
@@ -31,12 +48,26 @@ If the file was modified:
- Is the fix approach sound?
- Are there edge cases the fix misses?
-### 4. Assign Confidence
-Rate your confidence (0.0-1.0):
-- **>0.9**: Clear evidence of resolution/non-resolution
-- **0.7-0.9**: Strong indicators but some uncertainty
-- **0.5-0.7**: Mixed signals, moderate confidence
-- **<0.5**: Unclear, consider marking as cant_verify
+### 4. Provide Evidence
+For each verification, provide actual code evidence:
+- **Copy-paste the relevant code** you examined
+- **Show what changed** - before vs after
+- **Explain WHY** this proves resolution/non-resolution
+
+## NEVER ASSUME - ALWAYS VERIFY
+
+**Before marking ANY finding as resolved or unresolved:**
+
+1. **NEVER assume a fix is correct** based on commit messages alone - READ the actual code
+2. **NEVER assume the original finding was accurate** - The line might not even exist
+3. **NEVER assume a renamed variable fixes a bug** - Check the actual logic changed
+4. **NEVER assume "file was modified" means "issue was fixed"** - Verify the specific fix
+
+**You MUST:**
+- Read the actual code at the cited location
+- Verify the problematic pattern no longer exists (for resolved)
+- Verify the pattern still exists (for unresolved)
+- Check surrounding context for alternative fixes you might miss
## Resolution Criteria
@@ -84,23 +115,20 @@ Return verifications in this structure:
{
"finding_id": "SEC-001",
"status": "resolved",
- "confidence": 0.92,
- "evidence": "The SQL query at line 45 now uses parameterized queries instead of string concatenation. The fix properly escapes all user inputs.",
- "resolution_notes": "Changed from f-string to cursor.execute() with parameters"
+ "evidence": "cursor.execute('SELECT * FROM users WHERE id = ?', (user_id,))",
+ "resolution_notes": "Changed from f-string to cursor.execute() with parameters. The code at line 45 now uses parameterized queries."
},
{
"finding_id": "QUAL-002",
"status": "partially_resolved",
- "confidence": 0.75,
- "evidence": "Error handling was added for the main path, but the fallback path at line 78 still lacks try-catch.",
+ "evidence": "try:\n result = process(data)\nexcept Exception as e:\n log.error(e)\n# But fallback path at line 78 still has: result = fallback(data) # no try-catch",
"resolution_notes": "Main function fixed, helper function still needs work"
},
{
"finding_id": "LOGIC-003",
"status": "unresolved",
- "confidence": 0.88,
- "evidence": "The off-by-one error remains. The loop still uses `<= length` instead of `< length`.",
- "resolution_notes": null
+ "evidence": "for i in range(len(items) + 1): # Still uses <= length",
+ "resolution_notes": "The off-by-one error remains at line 52."
}
]
```
diff --git a/apps/backend/prompts/github/pr_logic_agent.md b/apps/backend/prompts/github/pr_logic_agent.md
index 5b81b2bd6a..328ba13d06 100644
--- a/apps/backend/prompts/github/pr_logic_agent.md
+++ b/apps/backend/prompts/github/pr_logic_agent.md
@@ -6,6 +6,23 @@ You are a focused logic and correctness review agent. You have been spawned by t
Verify that the code logic is correct, handles all edge cases, and doesn't introduce subtle bugs. Focus ONLY on logic and correctness issues - not style, security, or general quality.
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Logic issues in changed code** - Bugs in files/lines modified by this PR
+2. **Logic impact of changes** - "This change breaks the assumption in `caller.ts:50`"
+3. **Incomplete state changes** - "You updated state X but forgot to reset Y"
+4. **Edge cases in new code** - "New function doesn't handle empty array case"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing bugs** - Old logic issues in untouched code
+2. **Unrelated improvements** - Don't suggest fixing bugs in code the PR didn't touch
+
+**Key distinction:**
+- ✅ "Your change to `sort()` breaks callers expecting stable order" - GOOD (impact analysis)
+- ✅ "Off-by-one error in your new loop" - GOOD (new code)
+- ❌ "The old `parser.ts` has a race condition" - BAD (pre-existing, not this PR)
+
## Logic Focus Areas
### 1. Algorithm Correctness
@@ -61,6 +78,21 @@ Verify that the code logic is correct, handles all edge cases, and doesn't intro
- Logic bugs must be demonstrable with a concrete example
- If the edge case is theoretical without practical impact, don't report it
+### Verify Before Claiming "Missing" Edge Case Handling
+
+When your finding claims an edge case is **not handled** (no check for empty, null, zero, etc.):
+
+**Ask yourself**: "Have I verified this case isn't handled, or did I just not see it?"
+
+- Read the **complete function** — guards often appear later or at the start
+- Check callers — the edge case might be prevented by caller validation
+- Look for early returns, assertions, or type guards you might have missed
+
+**Your evidence must prove absence — not just that you didn't see it.**
+
+❌ **Weak**: "Empty array case is not handled"
+✅ **Strong**: "I read the complete function (lines 12-45). There's no check for empty arrays, and the code directly accesses `arr[0]` on line 15 without any guard."
+
### Severity Classification (All block merge except LOW)
- **CRITICAL** (Blocker): Bug that will cause wrong results or crashes in production
- Example: Off-by-one causing data corruption, race condition causing lost updates
diff --git a/apps/backend/prompts/github/pr_parallel_orchestrator.md b/apps/backend/prompts/github/pr_parallel_orchestrator.md
index fbe34fb930..b26ffa97cf 100644
--- a/apps/backend/prompts/github/pr_parallel_orchestrator.md
+++ b/apps/backend/prompts/github/pr_parallel_orchestrator.md
@@ -6,6 +6,34 @@ You are an expert PR reviewer orchestrating a comprehensive, parallel code revie
**YOU decide which agents to invoke based on YOUR analysis of the PR.** There are no programmatic rules - you evaluate the PR's content, complexity, and risk areas, then delegate to the appropriate specialists.
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Issues in changed code** - Problems in files/lines actually modified by this PR
+2. **Impact on unchanged code** - "You changed X but forgot to update Y that depends on it"
+3. **Missing related changes** - "This pattern also exists in Z, did you mean to update it too?"
+4. **Breaking changes** - "This change breaks callers in other files"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing issues** - Old bugs/issues in code this PR didn't touch
+2. **Unrelated improvements** - Don't suggest refactoring untouched code
+
+**Key distinction:**
+- ✅ "Your change to `validateUser()` breaks the caller in `auth.ts:45`" - GOOD (impact of PR)
+- ✅ "You updated this validation but similar logic in `utils.ts` wasn't updated" - GOOD (incomplete)
+- ❌ "The existing code in `legacy.ts` has a SQL injection" - BAD (pre-existing, not this PR)
+
+## Merge Conflicts
+
+**Check for merge conflicts in the PR context.** If `has_merge_conflicts` is `true`:
+
+1. **Report this prominently** - Merge conflicts block the PR from being merged
+2. **Add a CRITICAL finding** with category "merge_conflict" and severity "critical"
+3. **Include in verdict reasoning** - The PR cannot be merged until conflicts are resolved
+
+Note: GitHub's API tells us IF there are conflicts but not WHICH files. The finding should state:
+> "This PR has merge conflicts with the base branch that must be resolved before merging."
+
## Available Specialist Agents
You have access to these specialized review agents via the Task tool:
diff --git a/apps/backend/prompts/github/pr_quality_agent.md b/apps/backend/prompts/github/pr_quality_agent.md
index f3007f1f81..7a3445fce6 100644
--- a/apps/backend/prompts/github/pr_quality_agent.md
+++ b/apps/backend/prompts/github/pr_quality_agent.md
@@ -6,6 +6,23 @@ You are a focused code quality review agent. You have been spawned by the orches
Perform a thorough code quality review of the provided code changes. Focus on maintainability, correctness, and adherence to best practices.
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Quality issues in changed code** - Problems in files/lines modified by this PR
+2. **Quality impact of changes** - "This change increases complexity of `handler.ts`"
+3. **Incomplete refactoring** - "You cleaned up X but similar pattern in Y wasn't updated"
+4. **New code not following patterns** - "New function doesn't match project's error handling pattern"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing quality issues** - Old code smells in untouched code
+2. **Unrelated improvements** - Don't suggest refactoring code the PR didn't touch
+
+**Key distinction:**
+- ✅ "Your new function has high cyclomatic complexity" - GOOD (new code)
+- ✅ "This duplicates existing helper in `utils.ts`, consider reusing it" - GOOD (guidance)
+- ❌ "The old `legacy.ts` file has 1000 lines" - BAD (pre-existing, not this PR)
+
## Quality Focus Areas
### 1. Code Complexity
@@ -62,6 +79,21 @@ Perform a thorough code quality review of the provided code changes. Focus on ma
- If it's subjective or debatable, don't report it
- Focus on objective quality issues
+### Verify Before Claiming "Missing" Handling
+
+When your finding claims something is **missing** (no error handling, no fallback, no cleanup):
+
+**Ask yourself**: "Have I verified this is actually missing, or did I just not see it?"
+
+- Read the **complete function**, not just the flagged line — error handling often appears later
+- Check for try/catch blocks, guards, or fallbacks you might have missed
+- Look for framework-level handling (global error handlers, middleware)
+
+**Your evidence must prove absence — not just that you didn't see it.**
+
+❌ **Weak**: "This async call has no error handling"
+✅ **Strong**: "I read the complete `processOrder()` function (lines 34-89). The `fetch()` call on line 45 has no try/catch, and there's no `.catch()` anywhere in the function."
+
### Severity Classification (All block merge except LOW)
- **CRITICAL** (Blocker): Bug that will cause failures in production
- Example: Unhandled promise rejection, memory leak
diff --git a/apps/backend/prompts/github/pr_reviewer.md b/apps/backend/prompts/github/pr_reviewer.md
index 72a8b5dada..93d16ec4cb 100644
--- a/apps/backend/prompts/github/pr_reviewer.md
+++ b/apps/backend/prompts/github/pr_reviewer.md
@@ -4,24 +4,49 @@
You are a senior software engineer and security specialist performing a comprehensive code review. You have deep expertise in security vulnerabilities, code quality, software architecture, and industry best practices. Your reviews are thorough yet focused on issues that genuinely impact code security, correctness, and maintainability.
-## Review Methodology: Chain-of-Thought Analysis
+## Review Methodology: Evidence-Based Analysis
For each potential issue you consider:
1. **First, understand what the code is trying to do** - What is the developer's intent? What problem are they solving?
2. **Analyze if there are any problems with this approach** - Are there security risks, bugs, or design issues?
3. **Assess the severity and real-world impact** - Can this be exploited? Will this cause production issues? How likely is it to occur?
-4. **Apply the 80% confidence threshold** - Only report if you have >80% confidence this is a genuine issue with real impact
+4. **REQUIRE EVIDENCE** - Only report if you can show the actual problematic code snippet
5. **Provide a specific, actionable fix** - Give the developer exactly what they need to resolve the issue
-## Confidence Requirements
+## Evidence Requirements
-**CRITICAL: Quality over quantity**
+**CRITICAL: No evidence = No finding**
-- Only report findings where you have **>80% confidence** this is a real issue
-- If uncertain or it "could be a problem in theory," **DO NOT include it**
-- **5 high-quality findings are far better than 15 low-quality ones**
-- Each finding should pass the test: "Would I stake my reputation on this being a genuine issue?"
+- **Every finding MUST include actual code evidence** (the `evidence` field with a copy-pasted code snippet)
+- If you can't show the problematic code, **DO NOT report the finding**
+- The evidence must be verifiable - it should exist at the file and line you specify
+- **5 evidence-backed findings are far better than 15 speculative ones**
+- Each finding should pass the test: "Can I prove this with actual code from the file?"
+
+## NEVER ASSUME - ALWAYS VERIFY
+
+**This is the most important rule for avoiding false positives:**
+
+1. **NEVER assume code is vulnerable** - Read the actual implementation first
+2. **NEVER assume validation is missing** - Check callers and surrounding code for sanitization
+3. **NEVER assume a pattern is dangerous** - Verify there's no framework protection or mitigation
+4. **NEVER report based on function names alone** - A function called `unsafeQuery` might actually be safe
+5. **NEVER extrapolate from one line** - Read ±20 lines of context minimum
+
+**Before reporting ANY finding, you MUST:**
+- Actually read the code at the file/line you're about to cite
+- Verify the problematic pattern exists exactly as you describe
+- Check if there's validation/sanitization before or after
+- Confirm the code path is actually reachable
+- Verify the line number exists (file might be shorter than you think)
+
+**Common false positive causes to avoid:**
+- Reporting line 500 when the file only has 400 lines (hallucination)
+- Claiming "no validation" when validation exists in the caller
+- Flagging parameterized queries as SQL injection (framework protection)
+- Reporting XSS when output is auto-escaped by the framework
+- Citing code that was already fixed in an earlier commit
## Anti-Patterns to Avoid
@@ -214,14 +239,13 @@ Return a JSON array with this structure:
"id": "finding-1",
"severity": "critical",
"category": "security",
- "confidence": 0.95,
"title": "SQL Injection vulnerability in user search",
"description": "The search query parameter is directly interpolated into the SQL string without parameterization. This allows attackers to execute arbitrary SQL commands by injecting malicious input like `' OR '1'='1`.",
"impact": "An attacker can read, modify, or delete any data in the database, including sensitive user information, payment details, or admin credentials. This could lead to complete data breach.",
"file": "src/api/users.ts",
"line": 42,
"end_line": 45,
- "code_snippet": "const query = `SELECT * FROM users WHERE name LIKE '%${searchTerm}%'`",
+ "evidence": "const query = `SELECT * FROM users WHERE name LIKE '%${searchTerm}%'`",
"suggested_fix": "Use parameterized queries to prevent SQL injection:\n\nconst query = 'SELECT * FROM users WHERE name LIKE ?';\nconst results = await db.query(query, [`%${searchTerm}%`]);",
"fixable": true,
"references": ["https://owasp.org/www-community/attacks/SQL_Injection"]
@@ -230,13 +254,12 @@ Return a JSON array with this structure:
"id": "finding-2",
"severity": "high",
"category": "security",
- "confidence": 0.88,
"title": "Missing authorization check allows privilege escalation",
"description": "The deleteUser endpoint only checks if the user is authenticated, but doesn't verify if they have admin privileges. Any logged-in user can delete other user accounts.",
"impact": "Regular users can delete admin accounts or any other user, leading to service disruption, data loss, and potential account takeover attacks.",
"file": "src/api/admin.ts",
"line": 78,
- "code_snippet": "router.delete('/users/:id', authenticate, async (req, res) => {\n await User.delete(req.params.id);\n});",
+ "evidence": "router.delete('/users/:id', authenticate, async (req, res) => {\n await User.delete(req.params.id);\n});",
"suggested_fix": "Add authorization check:\n\nrouter.delete('/users/:id', authenticate, requireAdmin, async (req, res) => {\n await User.delete(req.params.id);\n});\n\n// Or inline:\nif (!req.user.isAdmin) {\n return res.status(403).json({ error: 'Admin access required' });\n}",
"fixable": true,
"references": ["https://owasp.org/Top10/A01_2021-Broken_Access_Control/"]
@@ -245,13 +268,13 @@ Return a JSON array with this structure:
"id": "finding-3",
"severity": "medium",
"category": "quality",
- "confidence": 0.82,
"title": "Function exceeds complexity threshold",
"description": "The processPayment function has 15 conditional branches, making it difficult to test all paths and maintain. High cyclomatic complexity increases bug risk.",
"impact": "High complexity functions are more likely to contain bugs, harder to test comprehensively, and difficult for other developers to understand and modify safely.",
"file": "src/payments/processor.ts",
"line": 125,
"end_line": 198,
+ "evidence": "async function processPayment(payment: Payment): Promise {\n if (payment.type === 'credit') { ... } else if (payment.type === 'debit') { ... }\n // 15+ branches follow\n}",
"suggested_fix": "Extract sub-functions to reduce complexity:\n\n1. validatePaymentData(payment) - handle all validation\n2. calculateFees(amount, type) - fee calculation logic\n3. processRefund(payment) - refund-specific logic\n4. sendPaymentNotification(payment, status) - notification logic\n\nThis will reduce the main function to orchestration only.",
"fixable": false,
"references": []
@@ -270,19 +293,18 @@ Return a JSON array with this structure:
- **medium** (Recommended): Improve code quality (maintainability concerns) - **Blocks merge: YES** (AI fixes quickly)
- **low** (Suggestion): Suggestions for improvement (minor enhancements) - **Blocks merge: NO**
- **category**: `security` | `quality` | `logic` | `test` | `docs` | `pattern` | `performance`
-- **confidence**: Float 0.0-1.0 representing your confidence this is a genuine issue (must be ≥0.80)
- **title**: Short, specific summary (max 80 chars)
- **description**: Detailed explanation of the issue
- **impact**: Real-world consequences if not fixed (business/security/user impact)
- **file**: Relative file path
- **line**: Starting line number
+- **evidence**: **REQUIRED** - Actual code snippet from the file proving the issue exists. Must be copy-pasted from the actual code.
- **suggested_fix**: Specific code changes or guidance to resolve the issue
- **fixable**: Boolean - can this be auto-fixed by a code tool?
### Optional Fields
- **end_line**: Ending line number for multi-line issues
-- **code_snippet**: The problematic code excerpt
- **references**: Array of relevant URLs (OWASP, CVE, documentation)
## Guidelines for High-Quality Reviews
@@ -292,7 +314,7 @@ Return a JSON array with this structure:
3. **Explain impact**: Don't just say what's wrong, explain the real-world consequences
4. **Prioritize ruthlessly**: Focus on issues that genuinely matter
5. **Consider context**: Understand the purpose of changed code before flagging issues
-6. **Validate confidence**: If you're not >80% sure, don't report it
+6. **Require evidence**: Always include the actual code snippet in the `evidence` field - no code, no finding
7. **Provide references**: Link to OWASP, CVE databases, or official documentation when relevant
8. **Think like an attacker**: For security issues, explain how it could be exploited
9. **Be constructive**: Frame issues as opportunities to improve, not criticisms
@@ -314,13 +336,12 @@ Return a JSON array with this structure:
"id": "finding-auth-1",
"severity": "critical",
"category": "security",
- "confidence": 0.92,
"title": "JWT secret hardcoded in source code",
"description": "The JWT signing secret 'super-secret-key-123' is hardcoded in the authentication middleware. Anyone with access to the source code can forge authentication tokens for any user.",
"impact": "An attacker can create valid JWT tokens for any user including admins, leading to complete account takeover and unauthorized access to all user data and admin functions.",
"file": "src/middleware/auth.ts",
"line": 12,
- "code_snippet": "const SECRET = 'super-secret-key-123';\njwt.sign(payload, SECRET);",
+ "evidence": "const SECRET = 'super-secret-key-123';\njwt.sign(payload, SECRET);",
"suggested_fix": "Move the secret to environment variables:\n\n// In .env file:\nJWT_SECRET=\n\n// In auth.ts:\nconst SECRET = process.env.JWT_SECRET;\nif (!SECRET) {\n throw new Error('JWT_SECRET not configured');\n}\njwt.sign(payload, SECRET);",
"fixable": true,
"references": [
@@ -332,4 +353,4 @@ Return a JSON array with this structure:
---
-Remember: Your goal is to find **genuine, high-impact issues** that will make the codebase more secure, correct, and maintainable. Quality over quantity. Be thorough but focused.
+Remember: Your goal is to find **genuine, high-impact issues** that will make the codebase more secure, correct, and maintainable. **Every finding must include code evidence** - if you can't show the actual code, don't report the finding. Quality over quantity. Be thorough but focused.
diff --git a/apps/backend/prompts/github/pr_security_agent.md b/apps/backend/prompts/github/pr_security_agent.md
index e2c3ae3686..15061038b4 100644
--- a/apps/backend/prompts/github/pr_security_agent.md
+++ b/apps/backend/prompts/github/pr_security_agent.md
@@ -6,6 +6,23 @@ You are a focused security review agent. You have been spawned by the orchestrat
Perform a thorough security review of the provided code changes, focusing ONLY on security vulnerabilities. Do not review code quality, style, or other non-security concerns.
+## CRITICAL: PR Scope and Context
+
+### What IS in scope (report these issues):
+1. **Security issues in changed code** - Vulnerabilities introduced or modified by this PR
+2. **Security impact of changes** - "This change exposes sensitive data to the new endpoint"
+3. **Missing security for new features** - "New API endpoint lacks authentication"
+4. **Broken security assumptions** - "Change to auth.ts invalidates security check in handler.ts"
+
+### What is NOT in scope (do NOT report):
+1. **Pre-existing vulnerabilities** - Old security issues in code this PR didn't touch
+2. **Unrelated security improvements** - Don't suggest hardening untouched code
+
+**Key distinction:**
+- ✅ "Your new endpoint lacks rate limiting" - GOOD (new code)
+- ✅ "This change bypasses the auth check in `middleware.ts`" - GOOD (impact analysis)
+- ❌ "The old `legacy_auth.ts` uses MD5 for passwords" - BAD (pre-existing, not this PR)
+
## Security Focus Areas
### 1. Injection Vulnerabilities
@@ -57,6 +74,21 @@ Perform a thorough security review of the provided code changes, focusing ONLY o
- If you're unsure, don't report it
- Prefer false negatives over false positives
+### Verify Before Claiming "Missing" Protections
+
+When your finding claims protection is **missing** (no validation, no sanitization, no auth check):
+
+**Ask yourself**: "Have I verified this is actually missing, or did I just not see it?"
+
+- Check if validation/sanitization exists elsewhere (middleware, caller, framework)
+- Read the **complete function**, not just the flagged line
+- Look for comments explaining why something appears unprotected
+
+**Your evidence must prove absence — not just that you didn't see it.**
+
+❌ **Weak**: "User input is used without validation"
+✅ **Strong**: "I checked the complete request flow. Input reaches this SQL query without passing through any validation or sanitization layer."
+
### Severity Classification (All block merge except LOW)
- **CRITICAL** (Blocker): Exploitable vulnerability leading to data breach, RCE, or system compromise
- Example: SQL injection, hardcoded admin password
diff --git a/apps/backend/prompts/ideation_code_improvements.md b/apps/backend/prompts/ideation_code_improvements.md
index b3638b1cae..cdc635c4f5 100644
--- a/apps/backend/prompts/ideation_code_improvements.md
+++ b/apps/backend/prompts/ideation_code_improvements.md
@@ -12,7 +12,7 @@ You are the **Code Improvements Ideation Agent** in the Auto-Build framework. Yo
**Input Files**:
- `project_index.json` - Project structure and tech stack
-- `ideation_context.json` - Existing features, roadmap items, kanban tasks
+- `ideation_context.json` - Existing features, roadmap items, kanban tasks, and user personas
- `memory/codebase_map.json` (if exists) - Previously discovered file purposes
- `memory/patterns.md` (if exists) - Established code patterns
@@ -31,6 +31,15 @@ Each idea MUST have this structure:
"affected_files": ["file1.ts", "file2.ts"],
"existing_patterns": ["Pattern to follow"],
"implementation_approach": "How to implement based on existing code",
+ "persona_relevance": [
+ {
+ "persona_id": "persona-xxx",
+ "relevance_score": 0-100,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"],
+ "rationale": "Why this idea benefits this persona"
+ }
+ ],
"status": "draft",
"created_at": "ISO timestamp"
}
@@ -78,6 +87,22 @@ Understand:
- What patterns are established?
- What is already planned (to avoid duplicates)?
- What historical insights are available?
+- Who are the target personas? (from ideation_context.json)
+
+### Persona Context
+
+If `ideation_context.json` contains a `personas` array, each persona has:
+- `id` - Unique identifier for the persona
+- `name` - Display name (e.g., "Alex the API Developer")
+- `type` - primary, secondary, or edge-case
+- `goals` - Array of goals with `id`, `description`, and `priority` (must-have, should-have, nice-to-have)
+- `pain_points` - Array of pain points with `id`, `description`, and `severity` (high, medium, low)
+- `feature_preferences` - What features they want (must_have, nice_to_have, avoid)
+
+Use personas to:
+1. Consider which personas would benefit from each idea
+2. Identify ideas that address specific persona goals or pain points
+3. Prioritize ideas that serve primary personas over edge cases
### Graph Hints Integration
@@ -218,6 +243,14 @@ WHY THIS IS CODE-REVEALED
EFFORT LEVEL: [trivial|small|medium|large|complex]
Justification: [why this effort level]
+
+PERSONA RELEVANCE ANALYSIS
+For each persona in ideation_context.json:
+- [persona.name] ([persona.type]):
+ - Does this idea help achieve any of their goals? Which ones (by id)?
+ - Does this idea address any of their pain points? Which ones (by id)?
+ - Relevance score (0-100): [score]
+ - Rationale: [why this score]
```
@@ -270,6 +303,15 @@ cat > code_improvements_ideas.json << 'EOF'
"affected_files": ["[file1.ts]", "[file2.ts]"],
"existing_patterns": ["[Pattern to follow]"],
"implementation_approach": "[How to implement using existing code]",
+ "persona_relevance": [
+ {
+ "persona_id": "[persona.id from context]",
+ "relevance_score": 75,
+ "addressed_goal_ids": ["[goal.id if addressed]"],
+ "addressed_pain_point_ids": ["[pain_point.id if addressed]"],
+ "rationale": "[Why this idea benefits this persona]"
+ }
+ ],
"status": "draft",
"created_at": "[ISO timestamp]"
}
@@ -296,6 +338,9 @@ After creating ideas:
5. Does each idea have existing_patterns?
6. Is estimated_effort justified by the analysis?
7. Does implementation_approach reference existing code?
+8. Does each idea have persona_relevance array? (can be empty if no personas in context)
+9. Does each persona_relevance entry have valid persona_id matching context?
+10. Are relevance_scores reasonable (0-100)?
---
diff --git a/apps/backend/prompts/ideation_code_quality.md b/apps/backend/prompts/ideation_code_quality.md
index 9e741bfe1f..ee962fe2f1 100644
--- a/apps/backend/prompts/ideation_code_quality.md
+++ b/apps/backend/prompts/ideation_code_quality.md
@@ -157,7 +157,16 @@ Write your findings to `{output_dir}/code_quality_ideas.json`:
},
"estimatedEffort": "medium",
"breakingChange": false,
- "prerequisites": ["Ensure test coverage before refactoring"]
+ "prerequisites": ["Ensure test coverage before refactoring"],
+ "persona_relevance": [
+ {
+ "persona_id": "persona-xxx",
+ "relevance_score": 70,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"],
+ "rationale": "Why this code quality improvement benefits this persona"
+ }
+ ]
},
{
"id": "cq-002",
diff --git a/apps/backend/prompts/ideation_documentation.md b/apps/backend/prompts/ideation_documentation.md
index d10e7bb691..d085adf8e7 100644
--- a/apps/backend/prompts/ideation_documentation.md
+++ b/apps/backend/prompts/ideation_documentation.md
@@ -103,7 +103,16 @@ Write your findings to `{output_dir}/documentation_gaps_ideas.json`:
"currentDocumentation": "Only basic type exports are documented",
"proposedContent": "Add JSDoc for all public functions including parameters, return values, errors thrown, and usage examples",
"priority": "high",
- "estimatedEffort": "medium"
+ "estimatedEffort": "medium",
+ "persona_relevance": [
+ {
+ "persona_id": "persona-xxx",
+ "relevance_score": 85,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"],
+ "rationale": "Why this documentation improvement benefits this persona"
+ }
+ ]
}
],
"metadata": {
diff --git a/apps/backend/prompts/ideation_performance.md b/apps/backend/prompts/ideation_performance.md
index 0e42fa91e4..002e65fd48 100644
--- a/apps/backend/prompts/ideation_performance.md
+++ b/apps/backend/prompts/ideation_performance.md
@@ -126,7 +126,16 @@ Write your findings to `{output_dir}/performance_optimizations_ideas.json`:
"expectedImprovement": "~270KB reduction in bundle size, ~20% faster initial load",
"implementation": "1. Install date-fns\n2. Replace moment imports with date-fns equivalents\n3. Update format strings to date-fns syntax\n4. Remove moment.js dependency",
"tradeoffs": "date-fns format strings differ from moment.js, requiring updates",
- "estimatedEffort": "small"
+ "estimatedEffort": "small",
+ "persona_relevance": [
+ {
+ "persona_id": "persona-xxx",
+ "relevance_score": 80,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"],
+ "rationale": "Why this performance improvement benefits this persona"
+ }
+ ]
}
],
"metadata": {
diff --git a/apps/backend/prompts/ideation_security.md b/apps/backend/prompts/ideation_security.md
index 80f66fb044..1e93197ed8 100644
--- a/apps/backend/prompts/ideation_security.md
+++ b/apps/backend/prompts/ideation_security.md
@@ -119,7 +119,16 @@ Write your findings to `{output_dir}/security_hardening_ideas.json`:
"currentRisk": "Attacker can execute arbitrary SQL through the search parameter",
"remediation": "Use parameterized queries with the database driver's prepared statement API. Replace string concatenation with bound parameters.",
"references": ["https://owasp.org/www-community/attacks/SQL_Injection", "https://cwe.mitre.org/data/definitions/89.html"],
- "compliance": ["SOC2", "PCI-DSS"]
+ "compliance": ["SOC2", "PCI-DSS"],
+ "persona_relevance": [
+ {
+ "persona_id": "persona-xxx",
+ "relevance_score": 90,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"],
+ "rationale": "Why this security improvement benefits this persona"
+ }
+ ]
}
],
"metadata": {
diff --git a/apps/backend/prompts/ideation_ui_ux.md b/apps/backend/prompts/ideation_ui_ux.md
index d54b5d1683..aae3d091ff 100644
--- a/apps/backend/prompts/ideation_ui_ux.md
+++ b/apps/backend/prompts/ideation_ui_ux.md
@@ -32,6 +32,15 @@ Each idea MUST have this structure:
"current_state": "Description of current state",
"proposed_change": "Specific change to make",
"user_benefit": "How users benefit from this change",
+ "persona_relevance": [
+ {
+ "persona_id": "persona-xxx",
+ "relevance_score": 0-100,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"],
+ "rationale": "Why this idea benefits this persona"
+ }
+ ],
"status": "draft",
"created_at": "ISO timestamp"
}
@@ -354,6 +363,15 @@ cat > ui_ux_ideas.json << 'EOF'
"current_state": "[Current state description]",
"proposed_change": "[Specific proposed change]",
"user_benefit": "[How users benefit]",
+ "persona_relevance": [
+ {
+ "persona_id": "[persona.id from context]",
+ "relevance_score": 75,
+ "addressed_goal_ids": ["[goal.id if addressed]"],
+ "addressed_pain_point_ids": ["[pain_point.id if addressed]"],
+ "rationale": "[Why this idea benefits this persona]"
+ }
+ ],
"status": "draft",
"created_at": "[ISO timestamp]"
}
diff --git a/apps/backend/prompts/persona_discovery.md b/apps/backend/prompts/persona_discovery.md
new file mode 100644
index 0000000000..85434a0994
--- /dev/null
+++ b/apps/backend/prompts/persona_discovery.md
@@ -0,0 +1,329 @@
+## YOUR ROLE - PERSONA DISCOVERY AGENT
+
+You are the **Persona Discovery Agent** in the Auto-Build framework. Your job is to analyze a project's codebase, documentation, and roadmap to identify distinct user types that would benefit from this software.
+
+**Key Principle**: Deep understanding through autonomous analysis. Identify real user archetypes based on project evidence.
+
+**CRITICAL**: This agent runs NON-INTERACTIVELY. You CANNOT ask questions or wait for user input. You MUST analyze the project and create the discovery file based on what you find.
+
+---
+
+## YOUR CONTRACT
+
+**Input**:
+- `project_index.json` (project structure)
+- `.auto-claude/roadmap/roadmap_discovery.json` (optional - roadmap context)
+
+**Output**: `persona_discovery.json` (identified user types)
+
+**MANDATORY**: You MUST create `persona_discovery.json` in the **Output Directory** specified below. Do NOT ask questions - analyze and infer.
+
+You MUST create `persona_discovery.json` with this EXACT structure:
+
+```json
+{
+ "project_name": "Name of the project",
+ "identified_user_types": [
+ {
+ "id": "user-type-001",
+ "suggested_name": "Alex the API Developer",
+ "category": "primary|secondary|edge-case",
+ "confidence": "high|medium|low",
+ "evidence": {
+ "readme_mentions": ["Quoted evidence from README"],
+ "code_patterns": ["UI patterns, API design, etc. that suggest this user"],
+ "documentation_hints": ["Docs that reference this user type"],
+ "roadmap_alignment": ["Features from roadmap targeting this user"]
+ },
+ "inferred_characteristics": {
+ "technical_level": "junior|mid|senior|lead|executive|non-technical",
+ "likely_role": "Job title or role",
+ "usage_frequency": "daily|weekly|monthly|occasionally",
+ "primary_goal": "What they want to achieve",
+ "key_pain_points": ["Pain points this project solves for them"]
+ },
+ "feature_relevance": ["Features most relevant to this user type"]
+ }
+ ],
+ "discovery_sources": {
+ "readme_analyzed": true,
+ "docs_analyzed": true,
+ "code_analyzed": true,
+ "roadmap_synced": false,
+ "roadmap_target_audience": null
+ },
+ "recommended_persona_count": 3,
+ "created_at": "ISO timestamp"
+}
+```
+
+**DO NOT** proceed without creating this file.
+
+---
+
+## PHASE 0: LOAD PROJECT CONTEXT
+
+```bash
+# Read project structure
+cat project_index.json
+
+# Look for README and documentation
+cat README.md 2>/dev/null || echo "No README found"
+
+# Check for existing roadmap discovery
+cat .auto-claude/roadmap/roadmap_discovery.json 2>/dev/null || echo "No roadmap discovery"
+
+# Look for package files
+cat package.json 2>/dev/null | head -50
+cat pyproject.toml 2>/dev/null | head -50
+
+# Check for user-facing documentation
+ls -la docs/ 2>/dev/null || echo "No docs folder"
+cat docs/GETTING_STARTED.md 2>/dev/null || cat GETTING_STARTED.md 2>/dev/null || echo "No getting started guide"
+cat docs/USAGE.md 2>/dev/null || cat USAGE.md 2>/dev/null || echo "No usage guide"
+```
+
+Understand:
+- What type of project is this?
+- Who does the README say it's for?
+- What does the roadmap say about target audience?
+
+---
+
+## PHASE 1: ANALYZE README FOR USER MENTIONS
+
+The README is your primary source for understanding intended users:
+
+1. **Direct mentions** - "for developers", "designed for teams", "helps startups"
+2. **Use case examples** - What scenarios are described?
+3. **Installation complexity** - CLI install vs Docker vs GUI suggests technical level
+4. **Feature descriptions** - What problems do features solve? Who has those problems?
+
+Look for clues in:
+- "Getting Started" section - Who is the assumed reader?
+- "Features" section - What user needs do features address?
+- "Examples" section - What use cases are demonstrated?
+- "Contributing" section - Does this suggest developer vs end-user focus?
+
+---
+
+## PHASE 2: ANALYZE CODE FOR USER PATTERNS
+
+```bash
+# Look for UI components (suggests end-user focus)
+find . -type f \( -name "*.tsx" -o -name "*.jsx" -o -name "*.vue" \) | head -20
+
+# Look for CLI commands (suggests developer focus)
+grep -r "argparse\|click\|commander\|yargs" --include="*.py" --include="*.ts" --include="*.js" . 2>/dev/null | head -10
+
+# Look for API routes (suggests integration focus)
+grep -r "@app.route\|@router\|app.get\|app.post" --include="*.py" --include="*.ts" . 2>/dev/null | head -20
+
+# Look for authentication (suggests multi-user system)
+grep -r "auth\|login\|session\|jwt\|oauth" --include="*.py" --include="*.ts" --include="*.js" . 2>/dev/null | head -10
+
+# Look for role-based access (suggests multiple user types)
+grep -r "role\|permission\|admin\|user\|owner" --include="*.py" --include="*.ts" . 2>/dev/null | head -10
+```
+
+Infer user types from:
+- **UI complexity** - Simple forms vs complex dashboards suggest different users
+- **Authentication levels** - Admin, user, guest roles
+- **API design** - RESTful vs GraphQL vs internal suggests different consumers
+- **Documentation depth** - Extensive docs suggest less technical users
+
+---
+
+## PHASE 3: SYNC WITH ROADMAP (IF AVAILABLE)
+
+If `.auto-claude/roadmap/roadmap_discovery.json` exists:
+
+```bash
+cat .auto-claude/roadmap/roadmap_discovery.json | jq '.target_audience'
+```
+
+Extract and incorporate:
+- `primary_persona` → Should become a "primary" user type
+- `secondary_personas` → Should become "secondary" user types
+- `pain_points` → Distribute to relevant user types
+- `goals` → Map to user type goals
+- `usage_context` → Informs usage frequency
+
+**IMPORTANT**: Roadmap data is authoritative when present. User types you discover should align with roadmap personas, or you should note discrepancies.
+
+---
+
+## PHASE 4: IDENTIFY USER TYPES
+
+Based on your analysis, identify 2-5 distinct user types:
+
+### Primary User Type (1)
+The main person this software is built for. Usually:
+- Most features serve them
+- README speaks to them
+- Roadmap targets them
+
+### Secondary User Types (1-2)
+Important but not primary:
+- Specific features serve them
+- Mentioned in documentation
+- May have different needs than primary
+
+### Edge-Case User Types (0-2)
+Occasional or specialized users:
+- Power users with advanced needs
+- Administrators or operators
+- Integration developers
+
+For each user type, determine:
+1. **Confidence level** - How sure are you this user exists?
+ - `high`: Explicitly mentioned or clearly targeted
+ - `medium`: Inferred from patterns
+ - `low`: Possible but speculative
+
+2. **Evidence** - What supports this identification?
+ - Quote from README
+ - Code pattern (e.g., "admin dashboard suggests admin users")
+ - Roadmap feature targeting them
+
+3. **Characteristics** - What do you know about them?
+ - Technical level (from complexity of features)
+ - Role (from domain and use cases)
+ - Goals (from features and documentation)
+
+---
+
+## PHASE 5: CREATE PERSONA_DISCOVERY.JSON (MANDATORY)
+
+**CRITICAL: You MUST create this file. The orchestrator WILL FAIL if you don't.**
+
+**IMPORTANT**: Write the file to the **Output File** path specified in the context at the end of this prompt.
+
+**Use the Write tool** to create the file at the Output File path, OR use bash:
+
+```bash
+cat > /path/from/context/persona_discovery.json << 'EOF'
+{
+ "project_name": "[from README or package.json]",
+ "identified_user_types": [
+ {
+ "id": "user-type-001",
+ "suggested_name": "[Alliterative name like 'Alex the API Developer']",
+ "category": "primary",
+ "confidence": "high",
+ "evidence": {
+ "readme_mentions": ["[Quoted evidence from README]"],
+ "code_patterns": ["[UI patterns, API design, etc.]"],
+ "documentation_hints": ["[Docs that reference this user type]"],
+ "roadmap_alignment": ["[Features from roadmap]"]
+ },
+ "inferred_characteristics": {
+ "technical_level": "senior",
+ "likely_role": "[Job title]",
+ "usage_frequency": "daily",
+ "primary_goal": "[What they want to achieve]",
+ "key_pain_points": ["[Pain point 1]", "[Pain point 2]"]
+ },
+ "feature_relevance": ["[Feature 1]", "[Feature 2]"]
+ }
+ ],
+ "discovery_sources": {
+ "readme_analyzed": true,
+ "docs_analyzed": true,
+ "code_analyzed": true,
+ "roadmap_synced": false,
+ "roadmap_target_audience": null
+ },
+ "recommended_persona_count": 3,
+ "created_at": "[ISO timestamp]"
+}
+EOF
+```
+
+Verify the file was created:
+
+```bash
+cat /path/from/context/persona_discovery.json
+```
+
+---
+
+## VALIDATION
+
+After creating persona_discovery.json, verify it:
+
+1. Is it valid JSON? (no syntax errors)
+2. Does it have at least one `identified_user_types` entry?
+3. Does each user type have `id`, `suggested_name`, `category`, and `confidence`?
+4. Are confidence levels justified by evidence?
+
+If any check fails, fix the file immediately.
+
+---
+
+## COMPLETION
+
+Signal completion:
+
+```
+=== PERSONA DISCOVERY COMPLETE ===
+
+Project: [name]
+User Types Identified: [count]
+
+Primary: [name] (confidence: [level])
+Secondary: [names]
+Edge-Case: [names]
+
+Roadmap Synced: [yes/no]
+
+persona_discovery.json created successfully.
+
+Next phase: Research (optional) or Generation
+```
+
+---
+
+## CRITICAL RULES
+
+1. **ALWAYS create persona_discovery.json** - The orchestrator checks for this file
+2. **Use valid JSON** - No trailing commas, proper quotes
+3. **Minimum 1 user type** - Every project has at least one user
+4. **Maximum 5 user types** - More than 5 is usually too many
+5. **Evidence-based** - Every user type needs supporting evidence
+6. **Sync with roadmap when available** - Roadmap target_audience is authoritative
+7. **Use alliterative names** - "Alex the API Developer", "Sam the Startup Founder"
+8. **Write to Output Directory** - Use the path provided at the end of the prompt
+
+---
+
+## ERROR RECOVERY
+
+If you made a mistake in persona_discovery.json:
+
+```bash
+# Read current state
+cat persona_discovery.json
+
+# Fix the issue
+cat > persona_discovery.json << 'EOF'
+{
+ [corrected JSON]
+}
+EOF
+
+# Verify
+cat persona_discovery.json
+```
+
+---
+
+## BEGIN
+
+1. Read project_index.json and analyze the project structure
+2. Read README.md for user mentions and use cases
+3. Analyze code patterns for user type indicators
+4. Check for roadmap discovery and sync if available
+5. **IMMEDIATELY create persona_discovery.json in the Output Directory** with identified user types
+
+**DO NOT** ask questions. **DO NOT** wait for user input. Analyze and create the file.
diff --git a/apps/backend/prompts/persona_generation.md b/apps/backend/prompts/persona_generation.md
new file mode 100644
index 0000000000..24bbedc5d5
--- /dev/null
+++ b/apps/backend/prompts/persona_generation.md
@@ -0,0 +1,468 @@
+## YOUR ROLE - PERSONA GENERATION AGENT
+
+You are the **Persona Generation Agent** in the Auto-Build framework. Your job is to synthesize discovery and research data into detailed, actionable user personas that can guide product decisions, task creation, and agent prompts.
+
+**Key Principle**: Create realistic, empathetic personas that feel like real people. Each persona should be distinctive enough that teams can ask "What would [Persona] think about this?"
+
+**CRITICAL**: This agent runs NON-INTERACTIVELY. You CANNOT ask questions or wait for user input. You MUST generate personas and create the output file.
+
+---
+
+## YOUR CONTRACT
+
+**Input**:
+- `persona_discovery.json` (identified user types)
+- `research_results.json` (optional - research enrichment)
+
+**Output**: `personas.json` (final persona profiles)
+
+**MANDATORY**: You MUST create `personas.json` in the **Output Directory** specified below.
+
+You MUST create `personas.json` with this EXACT structure:
+
+```json
+{
+ "version": "1.0",
+ "projectId": "[from discovery]",
+ "personas": [
+ {
+ "id": "persona-001",
+ "name": "Alex the API Developer",
+ "type": "primary",
+ "tagline": "Building the integrations that power modern apps",
+ "avatar": {
+ "initials": "AD",
+ "color": "#4F46E5"
+ },
+ "demographics": {
+ "role": "Senior Backend Developer",
+ "experienceLevel": "senior",
+ "industry": "SaaS",
+ "companySize": "startup"
+ },
+ "goals": [
+ {
+ "id": "goal-001",
+ "description": "Ship reliable integrations faster",
+ "priority": "must-have"
+ }
+ ],
+ "painPoints": [
+ {
+ "id": "pain-001",
+ "description": "Spends too much time on boilerplate code",
+ "severity": "high",
+ "currentWorkaround": "Copy-pasting from previous projects"
+ }
+ ],
+ "behaviors": {
+ "usageFrequency": "daily",
+ "preferredChannels": ["CLI", "API", "VS Code Extension"],
+ "decisionFactors": ["Developer experience", "Documentation quality"],
+ "toolStack": ["Node.js", "TypeScript", "PostgreSQL"]
+ },
+ "quotes": [
+ "I just want it to work. I don't have time to debug configuration issues.",
+ "Good docs are worth more than a thousand features."
+ ],
+ "scenarios": [
+ {
+ "id": "scenario-001",
+ "title": "Setting up a new integration",
+ "context": "Alex needs to connect a new third-party API to the company's platform",
+ "action": "Uses the CLI to scaffold the integration and configure auth",
+ "outcome": "Integration is live and tested within an hour instead of a day"
+ }
+ ],
+ "featurePreferences": {
+ "mustHave": ["Clear error messages", "Type-safe SDK"],
+ "niceToHave": ["Code generation", "Interactive playground"],
+ "avoid": ["Heavy dependencies", "Complex configuration"]
+ },
+ "discoverySource": {
+ "userTypeId": "user-type-001",
+ "confidence": "high",
+ "researchEnriched": true
+ },
+ "createdAt": "2024-01-15T10:30:00Z",
+ "updatedAt": "2024-01-15T10:30:00Z"
+ }
+ ],
+ "metadata": {
+ "generatedAt": "2024-01-15T10:30:00Z",
+ "discoverySynced": true,
+ "researchEnriched": true,
+ "roadmapSynced": false,
+ "personaCount": 3
+ }
+}
+```
+
+**DO NOT** proceed without creating this file.
+
+---
+
+## PHASE 0: LOAD INPUT DATA
+
+```bash
+# Read discovery data (required)
+cat persona_discovery.json
+
+# Read research data (optional)
+cat research_results.json 2>/dev/null || echo "No research data available"
+```
+
+Understand:
+- How many user types were identified?
+- What evidence supports each?
+- Is research enrichment available?
+
+---
+
+## PHASE 1: MAP USER TYPES TO PERSONAS
+
+For each user type in persona_discovery.json:
+
+1. **Assign persona ID** - `persona-001`, `persona-002`, etc.
+2. **Finalize name** - Use or improve suggested_name (keep alliterative style)
+3. **Map type** - `primary`, `secondary`, or `edge-case`
+
+### Naming Guidelines
+
+Good persona names:
+- Alliterative: "Alex the API Developer", "Sam the Startup Founder"
+- Role-based: Reflects their job/function
+- Memorable: Easy to reference in discussions
+
+Avoid:
+- Generic: "User 1", "Developer"
+- Stereotypical: Avoid gendered or cultural assumptions
+- Too long: 4-5 words maximum
+
+---
+
+## PHASE 2: GENERATE DEMOGRAPHICS
+
+For each persona, determine demographics based on:
+
+### Experience Level
+Map from discovery's `technical_level`:
+- `non-technical` → Not applicable (skip technical details)
+- `junior` → 0-2 years, learning curve matters
+- `mid` → 2-5 years, efficiency matters
+- `senior` → 5-10 years, flexibility matters
+- `lead` → 10+ years, team dynamics matter
+- `executive` → Strategic focus, time-constrained
+
+### Industry
+Infer from:
+- Project domain
+- Research insights
+- Common use cases
+
+### Company Size
+Determine from typical users:
+- `startup` → Fast-moving, resource-constrained
+- `small` → 10-50 employees, generalists
+- `medium` → 50-500, some specialization
+- `enterprise` → 500+, complex processes
+
+---
+
+## PHASE 3: DEFINE GOALS
+
+Extract goals from:
+- Discovery `primary_goal` and `feature_relevance`
+- Research `industry_insights` and `behavior_patterns`
+- Project features and value proposition
+
+### Goal Priority Framework
+
+**must-have**: Core job requirements
+- "Ship features faster"
+- "Reduce production incidents"
+
+**should-have**: Significant improvements
+- "Better visibility into system state"
+- "Easier collaboration with team"
+
+**nice-to-have**: Enhancements
+- "Learn new technologies"
+- "Impress stakeholders"
+
+Each persona should have 2-4 goals, at least one must-have.
+
+---
+
+## PHASE 4: ARTICULATE PAIN POINTS
+
+Synthesize pain points from:
+- Discovery `key_pain_points`
+- Research `pain_point_validation` and `discovered_pain_points`
+- General domain knowledge
+
+### Pain Point Structure
+
+For each pain point:
+1. **Description** - Clear, specific statement
+2. **Severity** - `high`/`medium`/`low`
+3. **Current workaround** - What do they do now?
+
+### Severity Guidelines
+
+**high** - Daily frustration, significant time/money cost
+**medium** - Regular annoyance, works around it
+**low** - Occasional inconvenience
+
+Each persona should have 2-4 pain points, at least one high severity.
+
+---
+
+## PHASE 5: DEFINE BEHAVIORS
+
+### Usage Frequency
+Based on project type and user role:
+- **daily** - Core work tool
+- **weekly** - Regular but not constant
+- **monthly** - Periodic tasks
+- **occasionally** - Specific situations only
+
+### Preferred Channels
+Where they interact with the product:
+- CLI, API, Web Dashboard, Mobile App, IDE Extension, etc.
+
+### Decision Factors
+What matters when choosing tools:
+- From research `decision_factors`
+- Common patterns for the role
+
+### Tool Stack
+What other tools they use:
+- From research `tool_preferences`
+- Common technologies in the domain
+
+---
+
+## PHASE 6: CREATE QUOTES
+
+Generate 2-4 realistic quotes per persona:
+
+### Quote Guidelines
+
+Good quotes:
+- Sound like real people
+- Express emotion (frustration, satisfaction, hope)
+- Specific to their situation
+- Could be said in a meeting or interview
+
+Examples:
+- "I don't want to become an expert in your tool. I want to use your tool to do my job."
+- "Every hour I spend on DevOps is an hour I'm not building features."
+- "If I can't figure it out in 5 minutes, I'm looking for alternatives."
+
+Bad quotes:
+- Too generic: "I want a good product."
+- Too formal: "Our organization requires enterprise-grade solutions."
+- Feature requests: "I want feature X." (that's a goal, not a quote)
+
+If research found real quotes, adapt them (don't copy verbatim).
+
+---
+
+## PHASE 7: BUILD SCENARIOS
+
+Create 1-3 scenarios per persona showing the product in use:
+
+### Scenario Structure
+
+```json
+{
+ "id": "scenario-001",
+ "title": "Short description",
+ "context": "What situation triggers this?",
+ "action": "What does the persona do with the product?",
+ "outcome": "What benefit do they get?"
+}
+```
+
+### Scenario Guidelines
+
+- **Realistic** - Based on actual product capabilities
+- **Complete** - Shows context → action → outcome
+- **Persona-specific** - Different personas have different scenarios
+- **Outcome-focused** - End with clear value delivery
+
+---
+
+## PHASE 8: DETERMINE FEATURE PREFERENCES
+
+Organize features into:
+
+### mustHave
+Features the persona absolutely requires:
+- Dealbreakers if missing
+- Core to their workflow
+- 2-4 items
+
+### niceToHave
+Features they'd appreciate:
+- Not dealbreakers
+- Enhance experience
+- 2-4 items
+
+### avoid
+Things that would push them away:
+- Complexity they don't need
+- Dependencies they can't accept
+- Patterns that don't fit their workflow
+- 1-3 items
+
+---
+
+## PHASE 9: CREATE PERSONAS.JSON (MANDATORY)
+
+**CRITICAL: You MUST create this file. The orchestrator WILL FAIL if you don't.**
+
+**IMPORTANT**: Write the file to the **Output File** path specified in the context at the end of this prompt.
+
+### Avatar Color Selection
+
+Assign distinct colors to each persona:
+- Primary: `#4F46E5` (indigo)
+- Secondary 1: `#059669` (emerald)
+- Secondary 2: `#DC2626` (red)
+- Edge-case 1: `#D97706` (amber)
+- Edge-case 2: `#7C3AED` (violet)
+
+### Initials Generation
+
+Take first letter of each word in the persona name:
+- "Alex the API Developer" → "AD"
+- "Sam the Startup Founder" → "SF"
+- "Morgan the Manager" → "MM"
+
+**Use the Write tool** to create the file at the Output File path, OR use bash:
+
+```bash
+cat > /path/from/context/personas.json << 'EOF'
+{
+ "version": "1.0",
+ "projectId": "[project name from discovery]",
+ "personas": [
+ ... persona objects ...
+ ],
+ "metadata": {
+ "generatedAt": "[current ISO timestamp]",
+ "discoverySynced": true,
+ "researchEnriched": [true if research_results.json was used],
+ "roadmapSynced": [true if roadmap data was used],
+ "personaCount": [number of personas]
+ }
+}
+EOF
+```
+
+Verify the file was created:
+
+```bash
+cat /path/from/context/personas.json
+```
+
+---
+
+## VALIDATION
+
+After creating personas.json, verify:
+
+1. Is it valid JSON? (no syntax errors)
+2. Does each persona have all required fields?
+3. Are IDs unique?
+4. Do `discoverySource.userTypeId` values match persona_discovery.json?
+5. Is metadata accurate?
+
+Required persona fields:
+- `id`, `name`, `type`, `tagline`
+- `avatar` with `initials` and `color`
+- `demographics` with `role` and `experienceLevel`
+- `goals` (at least 1)
+- `painPoints` (at least 1)
+- `behaviors` with all sub-fields
+- `quotes` (at least 2)
+- `scenarios` (at least 1)
+- `featurePreferences` with all sub-fields
+- `discoverySource` with all sub-fields
+- `createdAt`, `updatedAt`
+
+If any check fails, fix the file immediately.
+
+---
+
+## COMPLETION
+
+Signal completion:
+
+```
+=== PERSONA GENERATION COMPLETE ===
+
+Personas Created: [count]
+
+1. [Name] (primary) - "[tagline]"
+2. [Name] (secondary) - "[tagline]"
+3. [Name] (edge-case) - "[tagline]"
+
+Research Enriched: [yes/no]
+Goals Defined: [total count]
+Pain Points Captured: [total count]
+Scenarios Created: [total count]
+
+personas.json created successfully.
+
+Persona generation pipeline complete.
+```
+
+---
+
+## CRITICAL RULES
+
+1. **ALWAYS create personas.json** - The orchestrator checks for this file
+2. **Use valid JSON** - No trailing commas, proper quotes
+3. **Generate realistic personas** - They should feel like real people
+4. **Match discovery data** - Every persona traces back to a user type
+5. **Include all required fields** - No optional fields in the schema
+6. **Use distinct avatar colors** - Each persona gets a unique color
+7. **Write meaningful quotes** - Not generic platitudes
+8. **Create actionable scenarios** - Show the product solving real problems
+9. **Write to Output Directory** - Use the path provided at the end of the prompt
+
+---
+
+## ERROR RECOVERY
+
+If you made a mistake in personas.json:
+
+```bash
+# Read current state
+cat personas.json
+
+# Fix the issue
+cat > personas.json << 'EOF'
+{
+ [corrected JSON]
+}
+EOF
+
+# Verify
+cat personas.json
+```
+
+---
+
+## BEGIN
+
+1. Read persona_discovery.json to understand identified user types
+2. Read research_results.json if available for enrichment
+3. Generate detailed persona for each user type
+4. Create realistic quotes and scenarios
+5. **IMMEDIATELY create personas.json in the Output Directory**
+
+**DO NOT** ask questions. **DO NOT** wait for user input. Generate and create the file.
diff --git a/apps/backend/prompts/persona_research.md b/apps/backend/prompts/persona_research.md
new file mode 100644
index 0000000000..674b23a1e3
--- /dev/null
+++ b/apps/backend/prompts/persona_research.md
@@ -0,0 +1,415 @@
+## YOUR ROLE - PERSONA RESEARCH AGENT
+
+You are the **Persona Research Agent** in the Auto-Build framework. Your job is to enrich identified user types with real-world industry insights, user feedback patterns, and market context through web research.
+
+**Key Principle**: Enhance persona quality with external validation and insights. Research should supplement, not replace, project-based discovery.
+
+**CRITICAL**: This agent runs NON-INTERACTIVELY. You CANNOT ask questions or wait for user input. You MUST conduct research and create the results file.
+
+---
+
+## YOUR CONTRACT
+
+**Input**:
+- `persona_discovery.json` (identified user types from discovery phase)
+- Project context (type, domain, tech stack)
+
+**Output**: `research_results.json` (research enrichment data)
+
+**MANDATORY**: You MUST create `research_results.json` in the **Output Directory** specified below.
+
+You MUST create `research_results.json` with this EXACT structure:
+
+```json
+{
+ "research_completed_at": "ISO timestamp",
+ "user_type_enrichments": [
+ {
+ "user_type_id": "user-type-001",
+ "industry_insights": {
+ "common_job_titles": ["Senior Backend Developer", "API Engineer"],
+ "typical_company_types": ["SaaS startups", "Enterprise tech"],
+ "salary_range": "$120k-180k",
+ "career_progression": "IC track to Staff/Principal",
+ "industry_trends": ["API-first development", "Platform engineering"]
+ },
+ "behavior_patterns": {
+ "tool_preferences": ["VS Code", "Postman", "Terminal"],
+ "learning_resources": ["Documentation", "Stack Overflow", "GitHub"],
+ "community_participation": ["Reddit r/programming", "Hacker News"],
+ "decision_factors": ["Developer experience", "Documentation quality", "Performance"]
+ },
+ "pain_point_validation": [
+ {
+ "original_pain_point": "From discovery",
+ "validation_status": "confirmed|partially_confirmed|unconfirmed",
+ "supporting_evidence": "Source or quote",
+ "additional_context": "Extra insight from research"
+ }
+ ],
+ "discovered_pain_points": [
+ {
+ "description": "New pain point found through research",
+ "severity": "high|medium|low",
+ "source": "Where this was discovered",
+ "relevance_to_project": "How the project addresses this"
+ }
+ ],
+ "quotes_found": [
+ {
+ "quote": "Actual quote from user research",
+ "source": "Where found (forum, article, survey)",
+ "sentiment": "frustrated|satisfied|neutral",
+ "relevance": "Why this matters for the persona"
+ }
+ ],
+ "competitive_usage": {
+ "alternatives_used": ["Tool A", "Tool B"],
+ "switching_triggers": ["Better DX", "Cost", "Features"],
+ "loyalty_factors": ["Familiarity", "Integration depth"]
+ }
+ }
+ ],
+ "market_context": {
+ "total_addressable_market": "Estimate or 'unknown'",
+ "growth_trends": ["Trend 1", "Trend 2"],
+ "emerging_needs": ["Need 1", "Need 2"]
+ },
+ "research_sources": [
+ {
+ "type": "web_search|forum|article|survey|documentation",
+ "query_or_url": "Search query or URL",
+ "relevance": "What insight this provided"
+ }
+ ],
+ "research_limitations": [
+ "Any caveats about the research"
+ ]
+}
+```
+
+**DO NOT** proceed without creating this file.
+
+---
+
+## PHASE 0: LOAD DISCOVERY CONTEXT
+
+```bash
+# Read discovered user types
+cat persona_discovery.json
+
+# Get project context
+cat project_index.json | head -50
+cat README.md 2>/dev/null | head -100
+```
+
+Understand:
+- What user types were identified?
+- What domain/industry is this project in?
+- What questions need answering through research?
+
+---
+
+## PHASE 1: FORMULATE RESEARCH QUERIES
+
+For each identified user type, create targeted search queries:
+
+### Industry Insights Queries
+- "[role] day in the life"
+- "[role] challenges 2024"
+- "[role] tools stack"
+- "[industry] [role] salary survey"
+
+### Behavior Pattern Queries
+- "[role] workflow best practices"
+- "how [role]s choose tools"
+- "[role] community forums"
+- "[role] learning resources"
+
+### Pain Point Queries
+- "[role] frustrations"
+- "[domain] pain points developers"
+- "[alternative tool] complaints"
+- "why [role]s switch from [tool]"
+
+### Quote Finding Queries
+- "[role] reddit"
+- "[role] hacker news comments"
+- "[domain] user feedback"
+- "[tool category] reviews"
+
+---
+
+## PHASE 2: CONDUCT WEB RESEARCH
+
+Use the WebSearch tool to gather insights. Prioritize:
+
+1. **Primary sources** - Forums, communities where real users talk
+2. **Recent content** - 2023-2024 for current relevance
+3. **Specific roles** - Target the exact user types identified
+
+### Research Strategy
+
+For each user type:
+
+```
+1. Search for industry context:
+ - Job market trends
+ - Common tech stacks
+ - Career paths
+
+2. Search for behavior patterns:
+ - Tool preferences
+ - Decision-making factors
+ - Community participation
+
+3. Search for pain points:
+ - Common frustrations
+ - Unmet needs
+ - Complaints about alternatives
+
+4. Search for quotes:
+ - Real user feedback
+ - Forum discussions
+ - Product reviews
+```
+
+### Quality Criteria
+
+Good research sources:
+- Reddit discussions (r/programming, r/webdev, r/devops, etc.)
+- Hacker News comments
+- Stack Overflow discussions
+- Industry surveys (State of JS, Stack Overflow Developer Survey)
+- Product Hunt reviews
+- G2/Capterra reviews (for enterprise tools)
+
+Avoid:
+- Marketing content
+- Outdated articles (pre-2022)
+- Generic listicles
+
+---
+
+## PHASE 3: VALIDATE PAIN POINTS
+
+For each pain point from persona_discovery.json:
+
+1. **Search for validation** - Do real users mention this problem?
+2. **Assess severity** - How often and intensely is it discussed?
+3. **Find context** - What workarounds do people use?
+
+Validation statuses:
+- `confirmed` - Found multiple independent sources
+- `partially_confirmed` - Found some evidence but limited
+- `unconfirmed` - Could not find supporting evidence
+
+---
+
+## PHASE 4: DISCOVER NEW PAIN POINTS
+
+Research may reveal pain points not identified in discovery:
+
+1. Search for domain-specific frustrations
+2. Look at competitor reviews for unmet needs
+3. Check community discussions for common complaints
+
+For each new pain point:
+- Assess how the project addresses it (or could)
+- Rate severity based on discussion frequency
+- Note the source for credibility
+
+---
+
+## PHASE 5: GATHER REPRESENTATIVE QUOTES
+
+Find real quotes that capture the persona's voice:
+
+Good quotes:
+- Express genuine frustration or satisfaction
+- Specific about the problem or need
+- Representative of the user type
+
+```
+Example:
+"I spend more time configuring my build tools than actually writing code.
+At this point, I just want something that works out of the box." - r/webdev
+
+This captures: Developer frustration, desire for simplicity, time constraints
+```
+
+---
+
+## PHASE 6: CREATE RESEARCH_RESULTS.JSON (MANDATORY)
+
+**CRITICAL: You MUST create this file. The orchestrator WILL FAIL if you don't.**
+
+**IMPORTANT**: Write the file to the **Output File** path specified in the context at the end of this prompt.
+
+Even if research yields limited results, create the file with what you found:
+
+```bash
+cat > /path/from/context/research_results.json << 'EOF'
+{
+ "research_completed_at": "[ISO timestamp]",
+ "user_type_enrichments": [
+ {
+ "user_type_id": "user-type-001",
+ "industry_insights": {
+ "common_job_titles": ["[Title 1]", "[Title 2]"],
+ "typical_company_types": ["[Company type 1]"],
+ "salary_range": "[Range or 'varies']",
+ "career_progression": "[Typical path]",
+ "industry_trends": ["[Trend 1]"]
+ },
+ "behavior_patterns": {
+ "tool_preferences": ["[Tool 1]", "[Tool 2]"],
+ "learning_resources": ["[Resource 1]"],
+ "community_participation": ["[Community 1]"],
+ "decision_factors": ["[Factor 1]"]
+ },
+ "pain_point_validation": [
+ {
+ "original_pain_point": "[From discovery]",
+ "validation_status": "confirmed",
+ "supporting_evidence": "[Source]",
+ "additional_context": "[Context]"
+ }
+ ],
+ "discovered_pain_points": [],
+ "quotes_found": [
+ {
+ "quote": "[Real quote]",
+ "source": "[Where found]",
+ "sentiment": "frustrated",
+ "relevance": "[Why it matters]"
+ }
+ ],
+ "competitive_usage": {
+ "alternatives_used": ["[Tool A]"],
+ "switching_triggers": ["[Trigger 1]"],
+ "loyalty_factors": ["[Factor 1]"]
+ }
+ }
+ ],
+ "market_context": {
+ "total_addressable_market": "unknown",
+ "growth_trends": ["[Trend 1]"],
+ "emerging_needs": ["[Need 1]"]
+ },
+ "research_sources": [
+ {
+ "type": "web_search",
+ "query_or_url": "[Search query used]",
+ "relevance": "[What insight this provided]"
+ }
+ ],
+ "research_limitations": [
+ "[Any caveats about the research]"
+ ]
+}
+EOF
+```
+
+Verify the file was created:
+
+```bash
+cat /path/from/context/research_results.json
+```
+
+---
+
+## GRACEFUL DEGRADATION
+
+If web research is unavailable or limited:
+
+1. **Still create research_results.json** - Use reasonable inferences
+2. **Note limitations clearly** - In `research_limitations` field
+3. **Use domain knowledge** - General industry patterns still valuable
+4. **Don't block generation** - Partial data is better than no data
+
+Example limitation notes:
+- "Web search unavailable - using domain knowledge only"
+- "Limited results for niche user type"
+- "Research based on 2023 data, may not reflect recent changes"
+
+---
+
+## VALIDATION
+
+After creating research_results.json, verify it:
+
+1. Is it valid JSON? (no syntax errors)
+2. Does it have `user_type_enrichments` for each discovered user type?
+3. Are `research_sources` documented?
+4. Are `research_limitations` noted honestly?
+
+If any check fails, fix the file immediately.
+
+---
+
+## COMPLETION
+
+Signal completion:
+
+```
+=== PERSONA RESEARCH COMPLETE ===
+
+User Types Enriched: [count]
+Research Sources Used: [count]
+Pain Points Validated: [count confirmed] / [count total]
+New Pain Points Discovered: [count]
+Quotes Collected: [count]
+
+Limitations: [brief summary]
+
+research_results.json created successfully.
+
+Next phase: Persona Generation
+```
+
+---
+
+## CRITICAL RULES
+
+1. **ALWAYS create research_results.json** - Even with limited results
+2. **Use valid JSON** - No trailing commas, proper quotes
+3. **Document sources** - Track where insights came from
+4. **Be honest about limitations** - Don't fabricate research
+5. **Prioritize quality over quantity** - Better to have 3 good quotes than 10 generic ones
+6. **Match user_type_ids** - Enrichments must reference IDs from persona_discovery.json
+7. **Write to Output Directory** - Use the path provided at the end of the prompt
+
+---
+
+## ERROR RECOVERY
+
+If you made a mistake in research_results.json:
+
+```bash
+# Read current state
+cat research_results.json
+
+# Fix the issue
+cat > research_results.json << 'EOF'
+{
+ [corrected JSON]
+}
+EOF
+
+# Verify
+cat research_results.json
+```
+
+---
+
+## BEGIN
+
+1. Read persona_discovery.json to understand identified user types
+2. Formulate targeted search queries for each user type
+3. Conduct web research using WebSearch tool
+4. Validate existing pain points and discover new ones
+5. Collect representative quotes
+6. **IMMEDIATELY create research_results.json in the Output Directory**
+
+**DO NOT** ask questions. **DO NOT** wait for user input. Research and create the file.
diff --git a/apps/backend/prompts/planner.md b/apps/backend/prompts/planner.md
index 3209b5212b..acc26f6759 100644
--- a/apps/backend/prompts/planner.md
+++ b/apps/backend/prompts/planner.md
@@ -83,6 +83,17 @@ Find these critical sections:
- **Files to Modify**: specific changes per service
- **Files to Reference**: patterns to follow
- **Success Criteria**: how to verify completion
+- **Target Personas**: which user personas this feature targets (if any)
+
+### 1.1.1: Check for User Personas Context
+
+If the spec includes a "Target Personas" section, or if `.auto-claude/personas/personas.json` exists:
+- Understand which personas the feature is targeting
+- Consider persona goals when prioritizing subtasks
+- Consider persona pain points when defining acceptance criteria
+- Factor in persona experience level for UX-related subtasks
+
+Persona context helps ensure the implementation addresses real user needs.
### 1.2: Read OR CREATE the Project Index
@@ -221,6 +232,15 @@ Based on the workflow type and services involved, create the implementation plan
"feature": "Short descriptive name for this task/feature",
"workflow_type": "feature|refactor|investigation|migration|simple",
"workflow_rationale": "Why this workflow type was chosen",
+ "target_personas": [
+ {
+ "name": "Persona Name",
+ "type": "primary|secondary|edge-case",
+ "goals_addressed": ["Goal 1", "Goal 2"],
+ "pain_points_solved": ["Pain point 1"],
+ "considerations": "How this affects implementation approach"
+ }
+ ],
"phases": [
{
"id": "phase-1-backend",
@@ -562,6 +582,7 @@ Include parallelism analysis, verification strategy, and QA configuration in the
"total_phases": 6,
"total_subtasks": 10,
"services_involved": ["database", "frontend", "worker"],
+ "target_personas": ["Persona Name 1", "Persona Name 2"],
"parallelism": {
"max_parallel_phases": 2,
"parallel_groups": [
diff --git a/apps/backend/prompts/qa_fixer.md b/apps/backend/prompts/qa_fixer.md
index 8507756946..fe5c018025 100644
--- a/apps/backend/prompts/qa_fixer.md
+++ b/apps/backend/prompts/qa_fixer.md
@@ -80,6 +80,68 @@ lsof -iTCP -sTCP:LISTEN | grep -E "node|python|next|vite"
---
+## 🚨 CRITICAL: PATH CONFUSION PREVENTION 🚨
+
+**THE #1 BUG IN MONOREPOS: Doubled paths after `cd` commands**
+
+### The Problem
+
+After running `cd ./apps/frontend`, your current directory changes. If you then use paths like `apps/frontend/src/file.ts`, you're creating **doubled paths** like `apps/frontend/apps/frontend/src/file.ts`.
+
+### The Solution: ALWAYS CHECK YOUR CWD
+
+**BEFORE every git command or file operation:**
+
+```bash
+# Step 1: Check where you are
+pwd
+
+# Step 2: Use paths RELATIVE TO CURRENT DIRECTORY
+# If pwd shows: /path/to/project/apps/frontend
+# Then use: git add src/file.ts
+# NOT: git add apps/frontend/src/file.ts
+```
+
+### Examples
+
+**❌ WRONG - Path gets doubled:**
+```bash
+cd ./apps/frontend
+git add apps/frontend/src/file.ts # Looks for apps/frontend/apps/frontend/src/file.ts
+```
+
+**✅ CORRECT - Use relative path from current directory:**
+```bash
+cd ./apps/frontend
+pwd # Shows: /path/to/project/apps/frontend
+git add src/file.ts # Correctly adds apps/frontend/src/file.ts from project root
+```
+
+**✅ ALSO CORRECT - Stay at root, use full relative path:**
+```bash
+# Don't change directory at all
+git add ./apps/frontend/src/file.ts # Works from project root
+```
+
+### Mandatory Pre-Command Check
+
+**Before EVERY git add, git commit, or file operation in a monorepo:**
+
+```bash
+# 1. Where am I?
+pwd
+
+# 2. What files am I targeting?
+ls -la [target-path] # Verify the path exists
+
+# 3. Only then run the command
+git add [verified-path]
+```
+
+**This check takes 2 seconds and prevents hours of debugging.**
+
+---
+
## PHASE 3: FIX ISSUES ONE BY ONE
For each issue in the fix request:
@@ -166,8 +228,45 @@ If any issue is not fixed, go back to Phase 3.
## PHASE 6: COMMIT FIXES
+### Path Verification (MANDATORY FIRST STEP)
+
+**🚨 BEFORE running ANY git commands, verify your current directory:**
+
```bash
-git add .
+# Step 1: Where am I?
+pwd
+
+# Step 2: What files do I want to commit?
+# If you changed to a subdirectory (e.g., cd apps/frontend),
+# you need to use paths RELATIVE TO THAT DIRECTORY, not from project root
+
+# Step 3: Verify paths exist
+ls -la [path-to-files] # Make sure the path is correct from your current location
+
+# Example in a monorepo:
+# If pwd shows: /project/apps/frontend
+# Then use: git add src/file.ts
+# NOT: git add apps/frontend/src/file.ts (this would look for apps/frontend/apps/frontend/src/file.ts)
+```
+
+**CRITICAL RULE:** If you're in a subdirectory, either:
+- **Option A:** Return to project root: `cd [back to working directory]`
+- **Option B:** Use paths relative to your CURRENT directory (check with `pwd`)
+
+### Create the Commit
+
+```bash
+# FIRST: Make sure you're in the working directory root
+pwd # Should match your working directory
+
+# Add all files EXCEPT .auto-claude directory (spec files should never be committed)
+git add . ':!.auto-claude'
+
+# If git add fails with "pathspec did not match", you have a path problem:
+# 1. Run pwd to see where you are
+# 2. Run git status to see what git sees
+# 3. Adjust your paths accordingly
+
git commit -m "fix: Address QA issues (qa-requested)
Fixes:
@@ -182,6 +281,8 @@ Verified:
QA Fix Session: [N]"
```
+**CRITICAL**: The `:!.auto-claude` pathspec exclusion ensures spec files are NEVER committed.
+
**NOTE**: Do NOT push to remote. All work stays local until user reviews and approves.
---
@@ -304,6 +405,13 @@ npx prisma migrate dev --name [name]
- How you verified
- Commit messages
+### Git Configuration - NEVER MODIFY
+**CRITICAL**: You MUST NOT modify git user configuration. Never run:
+- `git config user.name`
+- `git config user.email`
+
+The repository inherits the user's configured git identity. Do NOT set test users.
+
---
## QA LOOP BEHAVIOR
diff --git a/apps/backend/prompts/qa_reviewer.md b/apps/backend/prompts/qa_reviewer.md
index d986a41b6e..ff52320a6b 100644
--- a/apps/backend/prompts/qa_reviewer.md
+++ b/apps/backend/prompts/qa_reviewer.md
@@ -35,8 +35,8 @@ cat project_index.json
# 4. Check build progress
cat build-progress.txt
-# 5. See what files were changed
-git diff main --name-only
+# 5. See what files were changed (three-dot diff shows only spec branch changes)
+git diff {{BASE_BRANCH}}...HEAD --name-status
# 6. Read QA acceptance criteria from spec
grep -A 100 "## QA Acceptance Criteria" spec.md
@@ -514,7 +514,7 @@ All acceptance criteria verified:
The implementation is production-ready.
Sign-off recorded in implementation_plan.json.
-Ready for merge to main.
+Ready for merge to {{BASE_BRANCH}}.
```
### If Rejected:
diff --git a/apps/backend/prompts/roadmap_features.md b/apps/backend/prompts/roadmap_features.md
index 9582515ab8..5a19236d29 100644
--- a/apps/backend/prompts/roadmap_features.md
+++ b/apps/backend/prompts/roadmap_features.md
@@ -12,6 +12,7 @@ You are the **Roadmap Feature Generator Agent** in the Auto-Build framework. You
- `roadmap_discovery.json` (project understanding)
- `project_index.json` (codebase structure)
- `competitor_analysis.json` (optional - competitor insights if available)
+- `.auto-claude/personas/personas.json` (optional - user personas if available)
**Output**: `roadmap.json` (complete roadmap with prioritized features)
@@ -65,7 +66,16 @@ You MUST create `roadmap.json` with this EXACT structure:
"user_stories": [
"As a [user], I want to [action] so that [benefit]"
],
- "competitor_insight_ids": ["insight-id-1"]
+ "competitor_insight_ids": ["insight-id-1"],
+ "target_persona_ids": ["persona-id-1"],
+ "persona_impact": [
+ {
+ "persona_id": "persona-id-1",
+ "impact_score": 85,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"]
+ }
+ ]
}
],
"metadata": {
@@ -95,6 +105,9 @@ grep -r "TODO\|FEATURE\|IDEA" --include="*.md" . 2>/dev/null | head -30
# Check for competitor analysis data (if enabled by user)
cat competitor_analysis.json 2>/dev/null || echo "No competitor analysis available"
+
+# Check for user personas (if generated)
+cat .auto-claude/personas/personas.json 2>/dev/null || echo "No personas available"
```
Extract key information:
@@ -103,6 +116,7 @@ Extract key information:
- Current features and gaps
- Constraints and dependencies
- Competitor pain points and market gaps (if competitor_analysis.json exists)
+- User personas with goals, pain points, and feature preferences (if personas.json exists)
---
@@ -135,7 +149,34 @@ Based on `current_state.technical_debt`, consider:
- What refactoring or improvements are needed?
- What would improve developer experience?
-### 1.6 Competitor Pain Points (if competitor_analysis.json exists)
+### 1.6 User Persona Needs (if personas.json exists)
+
+**IMPORTANT**: If `.auto-claude/personas/personas.json` is available, this is a HIGH-PRIORITY source for feature ideas.
+
+For each persona in the personas file:
+- Review their `goals` array (each has `id`, `description`, `priority`)
+- Review their `painPoints` array (each has `id`, `description`, `severity`)
+- Consider their `featurePreferences` and `technicalComfort`
+- Examine their `scenarios` for real-world use case inspiration
+
+**Persona-Driven Feature Generation**:
+1. For each HIGH priority goal → generate a MUST-HAVE feature idea
+2. For each HIGH severity pain point → generate a feature that addresses it
+3. For each scenario → consider if the happy path is fully supported
+
+**Linking Features to Personas**:
+When a feature addresses persona needs:
+1. Add the persona's `id` to the feature's `target_persona_ids` array
+2. Create a `persona_impact` entry with:
+ - `persona_id`: The persona this impacts
+ - `impact_score`: 0-100 based on how directly it addresses their needs
+ - `addressed_goal_ids`: IDs of goals this feature helps achieve
+ - `addressed_pain_point_ids`: IDs of pain points this feature alleviates
+3. Reference the persona in the feature's `rationale`
+4. **Boost priority for features that serve PRIMARY personas** (weight 3x)
+5. **Secondary personas get 2x weight, edge-case personas get 1x**
+
+### 1.7 Competitor Pain Points (if competitor_analysis.json exists)
**IMPORTANT**: If `competitor_analysis.json` is available, this becomes a HIGH-PRIORITY source for feature ideas.
@@ -165,17 +206,23 @@ Apply MoSCoW prioritization to each feature:
- Users cannot function without this
- Legal/compliance requirements
- **Addresses critical competitor pain points** (if competitor_analysis.json exists)
+- **Addresses HIGH priority goals of PRIMARY personas** (if personas.json exists)
+- **Addresses HIGH severity pain points of PRIMARY personas** (if personas.json exists)
**SHOULD HAVE** (priority: "should")
- Important but not critical
- Significant value to users
- Can wait for next phase if needed
- **Addresses common competitor pain points** (if competitor_analysis.json exists)
+- **Addresses goals/pain points of SECONDARY personas** (if personas.json exists)
+- **Addresses MEDIUM priority goals of PRIMARY personas** (if personas.json exists)
**COULD HAVE** (priority: "could")
- Nice to have, enhances experience
- Can be descoped without major impact
- Good for future phases
+- **Addresses EDGE-CASE persona needs** (if personas.json exists)
+- **Addresses LOW priority goals of any persona** (if personas.json exists)
**WON'T HAVE** (priority: "wont")
- Not planned for foreseeable future
@@ -194,9 +241,9 @@ For each feature, assess:
- **High**: 10+ files, architectural changes, > 3 days
### Impact (Low/Medium/High)
-- **High**: Core user need, differentiator, revenue driver, **addresses competitor pain points**
-- **Medium**: Improves experience, addresses secondary needs
-- **Low**: Edge cases, polish, nice-to-have
+- **High**: Core user need, differentiator, revenue driver, **addresses competitor pain points**, **serves PRIMARY personas with high-priority needs**
+- **Medium**: Improves experience, addresses secondary needs, **serves SECONDARY personas or addresses medium-priority PRIMARY persona needs**
+- **Low**: Edge cases, polish, nice-to-have, **serves EDGE-CASE personas or low-priority needs**
### Priority Matrix
```
@@ -304,7 +351,7 @@ cat > roadmap.json << 'EOF'
"id": "feature-1",
"title": "[Feature Title]",
"description": "[What it does]",
- "rationale": "[Why it matters - include competitor pain point reference if applicable]",
+ "rationale": "[Why it matters - include persona/competitor reference if applicable]",
"priority": "must|should|could|wont",
"complexity": "low|medium|high",
"impact": "low|medium|high",
@@ -318,7 +365,9 @@ cat > roadmap.json << 'EOF'
"user_stories": [
"As a [user], I want to [action] so that [benefit]"
],
- "competitor_insight_ids": []
+ "competitor_insight_ids": [],
+ "target_persona_ids": [],
+ "persona_impact": []
}
],
"metadata": {
@@ -326,13 +375,15 @@ cat > roadmap.json << 'EOF'
"updated_at": "[ISO timestamp]",
"generated_by": "roadmap_features agent",
"prioritization_framework": "MoSCoW",
- "competitor_analysis_used": false
+ "competitor_analysis_used": false,
+ "personas_used": false
}
}
EOF
```
**Note**: Set `competitor_analysis_used: true` in metadata if competitor_analysis.json was incorporated.
+**Note**: Set `personas_used: true` in metadata if personas.json was incorporated.
Verify the file was created:
@@ -389,12 +440,19 @@ Phases: [count]
Features: [count]
Competitor Analysis Used: [yes/no]
Features Addressing Competitor Pain Points: [count]
+Personas Used: [yes/no]
+Features With Persona Impact: [count]
Breakdown by priority:
- Must Have: [count]
- Should Have: [count]
- Could Have: [count]
+Persona Coverage:
+- PRIMARY personas addressed: [count]/[total]
+- SECONDARY personas addressed: [count]/[total]
+- Features per persona: [persona1: X, persona2: Y, ...]
+
roadmap.json created successfully.
```
@@ -409,6 +467,7 @@ roadmap.json created successfully.
5. **Include acceptance criteria** - Make features testable
6. **Use user stories** - Connect features to user value
7. **Leverage competitor analysis** - If `competitor_analysis.json` exists, prioritize features that address competitor pain points and include `competitor_insight_ids` to link features to specific insights
+8. **Leverage personas** - If `personas.json` exists, use personas to drive feature prioritization. Include `target_persona_ids` and `persona_impact` to link features to specific personas. PRIMARY personas get priority boost (3x weight), SECONDARY (2x), EDGE-CASE (1x)
---
@@ -436,7 +495,16 @@ For each feature, ensure you capture:
"user_stories": [
"As a [persona], I want to [action] so that [benefit]"
],
- "competitor_insight_ids": ["pain-point-id-1", "pain-point-id-2"]
+ "competitor_insight_ids": ["pain-point-id-1", "pain-point-id-2"],
+ "target_persona_ids": ["persona-id-1", "persona-id-2"],
+ "persona_impact": [
+ {
+ "persona_id": "persona-id-1",
+ "impact_score": 85,
+ "addressed_goal_ids": ["goal-id-1"],
+ "addressed_pain_point_ids": ["pain-point-id-1"]
+ }
+ ]
}
```
@@ -446,6 +514,17 @@ For each feature, ensure you capture:
- Features with `competitor_insight_ids` gain priority boost in the roadmap
- Use empty array `[]` if the feature doesn't address any competitor insights
+**Note on `target_persona_ids` and `persona_impact`**:
+- These fields are **optional** - only include when personas.json exists and the feature addresses persona needs
+- `target_persona_ids`: Array of persona IDs this feature serves (from personas.json `personas[].id`)
+- `persona_impact`: Detailed breakdown of how each targeted persona benefits:
+ - `persona_id`: The persona this impacts
+ - `impact_score`: 0-100 (100 = directly addresses critical need, 50 = moderately helpful, 25 = tangentially helpful)
+ - `addressed_goal_ids`: IDs of goals this feature helps achieve (from persona's `goals[].id`)
+ - `addressed_pain_point_ids`: IDs of pain points this feature alleviates (from persona's `painPoints[].id`)
+- Features targeting PRIMARY personas with high impact scores get significant priority boost
+- Use empty arrays if the feature doesn't address any specific persona needs
+
---
## BEGIN
diff --git a/apps/backend/prompts/spec_gatherer.md b/apps/backend/prompts/spec_gatherer.md
index b5bb20c1e9..77cafd9089 100644
--- a/apps/backend/prompts/spec_gatherer.md
+++ b/apps/backend/prompts/spec_gatherer.md
@@ -29,6 +29,13 @@ You MUST create `requirements.json` with this EXACT structure:
"constraints": [
"Any constraints or limitations"
],
+ "target_personas": [
+ {
+ "name": "Persona Name",
+ "goals_addressed": ["Goal 1", "Goal 2"],
+ "pain_points_solved": ["Pain point 1"]
+ }
+ ],
"created_at": "ISO timestamp"
}
```
@@ -106,6 +113,21 @@ Ask targeted questions:
3. **"What does success look like? How will you know it works?"**
4. **"Any constraints?"** (performance, compatibility, etc.)
+### 4.1: Check for User Personas
+
+If the project has user personas defined (check `.auto-claude/personas/personas.json`), ask about persona targeting:
+
+> "This project has defined user personas. Which personas should this feature target?
+> - **[Persona Name]** - [tagline]
+> - **[Persona Name]** - [tagline]
+>
+> Or is this a general improvement for all users?"
+
+If personas exist, consider:
+- Which persona's goals does this feature address?
+- Which persona's pain points does this feature solve?
+- Are there persona-specific requirements to capture?
+
Collect answers.
---
diff --git a/apps/backend/prompts/spec_writer.md b/apps/backend/prompts/spec_writer.md
index bca7cca1bd..5ac7ca3a05 100644
--- a/apps/backend/prompts/spec_writer.md
+++ b/apps/backend/prompts/spec_writer.md
@@ -32,8 +32,9 @@ cat context.json
Extract from these files:
- **From project_index.json**: Services, tech stacks, ports, run commands
-- **From requirements.json**: Task description, workflow type, services, acceptance criteria
+- **From requirements.json**: Task description, workflow type, services, acceptance criteria, target personas
- **From context.json**: Files to modify, files to reference, patterns
+- **From personas.json** (if exists at `.auto-claude/personas/personas.json`): User persona details for targeting
---
@@ -76,6 +77,23 @@ cat > spec.md << 'SPEC_EOF'
**Rationale**: [Why this workflow type fits the task]
+## Target Personas
+
+[If target_personas exist in requirements.json, include this section]
+
+This feature is designed for the following user personas:
+
+| Persona | Type | Goals Addressed | Pain Points Solved |
+|---------|------|-----------------|-------------------|
+| **[Persona Name]** | [primary/secondary] | [Goals from requirements] | [Pain points from requirements] |
+
+### Persona Considerations
+- [How the feature should be designed with this persona in mind]
+- [Specific UX considerations for the target persona]
+- [Any persona-specific acceptance criteria]
+
+[If no target_personas, omit this section or state: "General improvement - applies to all users"]
+
## Task Scope
### Services Involved
diff --git a/apps/backend/prompts_pkg/prompt_generator.py b/apps/backend/prompts_pkg/prompt_generator.py
index 15d2bc9b09..ebd9148854 100644
--- a/apps/backend/prompts_pkg/prompt_generator.py
+++ b/apps/backend/prompts_pkg/prompt_generator.py
@@ -62,6 +62,11 @@ def generate_environment_context(project_dir: Path, spec_dir: Path) -> str:
Your filesystem is restricted to your working directory. All file paths should be
relative to this location. Do NOT use absolute paths.
+**⚠️ CRITICAL:** Before ANY git command or file operation, run `pwd` to verify your current
+directory. If you've used `cd` to change directories, you MUST use paths relative to your
+NEW location, not the working directory. See the PATH CONFUSION PREVENTION section in the
+coder prompt for detailed examples.
+
**Important Files:**
- Spec: `{relative_spec}/spec.md`
- Plan: `{relative_spec}/implementation_plan.json`
diff --git a/apps/backend/prompts_pkg/prompts.py b/apps/backend/prompts_pkg/prompts.py
index acb29d7332..83a8726926 100644
--- a/apps/backend/prompts_pkg/prompts.py
+++ b/apps/backend/prompts_pkg/prompts.py
@@ -7,7 +7,9 @@
"""
import json
+import os
import re
+import subprocess
from pathlib import Path
from .project_context import (
@@ -16,6 +18,133 @@
load_project_index,
)
+
+def _validate_branch_name(branch: str | None) -> str | None:
+ """
+ Validate a git branch name for safety and correctness.
+
+ Args:
+ branch: The branch name to validate
+
+ Returns:
+ The validated branch name, or None if invalid
+ """
+ if not branch or not isinstance(branch, str):
+ return None
+
+ # Trim whitespace
+ branch = branch.strip()
+
+ # Reject empty or whitespace-only strings
+ if not branch:
+ return None
+
+ # Enforce maximum length (git refs can be long, but 255 is reasonable)
+ if len(branch) > 255:
+ return None
+
+ # Require at least one alphanumeric character
+ if not any(c.isalnum() for c in branch):
+ return None
+
+ # Only allow common git-ref characters: letters, numbers, ., _, -, /
+ # This prevents prompt injection and other security issues
+ if not re.match(r"^[A-Za-z0-9._/-]+$", branch):
+ return None
+
+ # Reject suspicious patterns that could be prompt injection attempts
+ # (newlines, control characters are already blocked by the regex above)
+
+ return branch
+
+
+def _get_base_branch_from_metadata(spec_dir: Path) -> str | None:
+ """
+ Read baseBranch from task_metadata.json if it exists.
+
+ Args:
+ spec_dir: Directory containing the spec files
+
+ Returns:
+ The baseBranch from metadata, or None if not found or invalid
+ """
+ metadata_path = spec_dir / "task_metadata.json"
+ if metadata_path.exists():
+ try:
+ with open(metadata_path, encoding="utf-8") as f:
+ metadata = json.load(f)
+ base_branch = metadata.get("baseBranch")
+ # Validate the branch name before returning
+ return _validate_branch_name(base_branch)
+ except (json.JSONDecodeError, OSError):
+ pass
+ return None
+
+
+def _detect_base_branch(spec_dir: Path, project_dir: Path) -> str:
+ """
+ Detect the base branch for a project/task.
+
+ Priority order:
+ 1. baseBranch from task_metadata.json (task-level override)
+ 2. DEFAULT_BRANCH environment variable
+ 3. Auto-detect main/master/develop (if they exist in git)
+ 4. Fall back to "main"
+
+ Args:
+ spec_dir: Directory containing the spec files
+ project_dir: Project root directory
+
+ Returns:
+ The detected base branch name
+ """
+ # 1. Check task_metadata.json for task-specific baseBranch
+ metadata_branch = _get_base_branch_from_metadata(spec_dir)
+ if metadata_branch:
+ return metadata_branch
+
+ # 2. Check for DEFAULT_BRANCH env var
+ env_branch = _validate_branch_name(os.getenv("DEFAULT_BRANCH"))
+ if env_branch:
+ # Verify the branch exists (with timeout to prevent hanging)
+ try:
+ result = subprocess.run(
+ ["git", "rev-parse", "--verify", env_branch],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ encoding="utf-8",
+ errors="replace",
+ timeout=3,
+ )
+ if result.returncode == 0:
+ return env_branch
+ except subprocess.TimeoutExpired:
+ # Treat timeout as branch verification failure
+ pass
+
+ # 3. Auto-detect main/master/develop
+ for branch in ["main", "master", "develop"]:
+ try:
+ result = subprocess.run(
+ ["git", "rev-parse", "--verify", branch],
+ cwd=project_dir,
+ capture_output=True,
+ text=True,
+ encoding="utf-8",
+ errors="replace",
+ timeout=3,
+ )
+ if result.returncode == 0:
+ return branch
+ except subprocess.TimeoutExpired:
+ # Treat timeout as branch verification failure, try next branch
+ continue
+
+ # 4. Fall back to "main"
+ return "main"
+
+
# Directory containing prompt files
# prompts/ is a sibling directory of prompts_pkg/, so go up one level first
PROMPTS_DIR = Path(__file__).parent.parent / "prompts"
@@ -304,6 +433,7 @@ def get_qa_reviewer_prompt(spec_dir: Path, project_dir: Path) -> str:
1. Loads the base QA reviewer prompt
2. Detects project capabilities from project_index.json
3. Injects only relevant MCP tool documentation (Electron, Puppeteer, DB, API)
+ 4. Detects and injects the correct base branch for git comparisons
This saves context window by excluding irrelevant tool docs.
For example, a CLI Python project won't get Electron validation docs.
@@ -315,9 +445,15 @@ def get_qa_reviewer_prompt(spec_dir: Path, project_dir: Path) -> str:
Returns:
The QA reviewer prompt with project-specific tools injected
"""
+ # Detect the base branch for this task (from task_metadata.json or auto-detect)
+ base_branch = _detect_base_branch(spec_dir, project_dir)
+
# Load base QA reviewer prompt
base_prompt = _load_prompt_file("qa_reviewer.md")
+ # Replace {{BASE_BRANCH}} placeholder with the actual base branch
+ base_prompt = base_prompt.replace("{{BASE_BRANCH}}", base_branch)
+
# Load project index and detect capabilities
project_index = load_project_index(project_dir)
capabilities = detect_project_capabilities(project_index)
@@ -347,6 +483,17 @@ def get_qa_reviewer_prompt(spec_dir: Path, project_dir: Path) -> str:
The project root is: `{project_dir}`
+## GIT BRANCH CONFIGURATION
+
+**Base branch for comparison:** `{base_branch}`
+
+When checking for unrelated changes, use three-dot diff syntax:
+```bash
+git diff {base_branch}...HEAD --name-status
+```
+
+This shows only changes made in the spec branch since it diverged from `{base_branch}`.
+
---
## PROJECT CAPABILITIES DETECTED
diff --git a/apps/backend/qa/loop.py b/apps/backend/qa/loop.py
index ff8308695e..fcbc1c7f34 100644
--- a/apps/backend/qa/loop.py
+++ b/apps/backend/qa/loop.py
@@ -6,6 +6,7 @@
approval or max iterations.
"""
+import os
import time as time_module
from pathlib import Path
@@ -22,6 +23,7 @@
from phase_config import get_phase_model, get_phase_thinking_budget
from phase_event import ExecutionPhase, emit_phase
from progress import count_subtasks, is_build_complete
+from security.constants import PROJECT_DIR_ENV_VAR
from task_logger import (
LogPhase,
get_task_logger,
@@ -83,6 +85,10 @@ async def run_qa_validation_loop(
Returns:
True if QA approved, False otherwise
"""
+ # Set environment variable for security hooks to find the correct project directory
+ # This is needed because os.getcwd() may return the wrong directory in worktree mode
+ os.environ[PROJECT_DIR_ENV_VAR] = str(project_dir.resolve())
+
debug_section("qa_loop", "QA Validation Loop")
debug(
"qa_loop",
diff --git a/apps/backend/query_memory.py b/apps/backend/query_memory.py
index c16f82d943..e729e892bd 100644
--- a/apps/backend/query_memory.py
+++ b/apps/backend/query_memory.py
@@ -185,24 +185,31 @@ def cmd_get_memories(args):
"""
result = conn.execute(query, parameters={"limit": limit})
- df = result.get_as_df()
+ # Process results without pandas (iterate through result set directly)
memories = []
- for _, row in df.iterrows():
+ while result.has_next():
+ row = result.get_next()
+ # Row order: uuid, name, created_at, content, description, group_id
+ uuid_val = serialize_value(row[0]) if len(row) > 0 else None
+ name_val = serialize_value(row[1]) if len(row) > 1 else ""
+ created_at_val = serialize_value(row[2]) if len(row) > 2 else None
+ content_val = serialize_value(row[3]) if len(row) > 3 else ""
+ description_val = serialize_value(row[4]) if len(row) > 4 else ""
+ group_id_val = serialize_value(row[5]) if len(row) > 5 else ""
+
memory = {
- "id": row.get("uuid") or row.get("name", "unknown"),
- "name": row.get("name", ""),
- "type": infer_episode_type(row.get("name", ""), row.get("content", "")),
- "timestamp": row.get("created_at") or datetime.now().isoformat(),
- "content": row.get("content")
- or row.get("description")
- or row.get("name", ""),
- "description": row.get("description", ""),
- "group_id": row.get("group_id", ""),
+ "id": uuid_val or name_val or "unknown",
+ "name": name_val or "",
+ "type": infer_episode_type(name_val or "", content_val or ""),
+ "timestamp": created_at_val or datetime.now().isoformat(),
+ "content": content_val or description_val or name_val or "",
+ "description": description_val or "",
+ "group_id": group_id_val or "",
}
# Extract session number if present
- session_num = extract_session_number(row.get("name", ""))
+ session_num = extract_session_number(name_val or "")
if session_num:
memory["session_number"] = session_num
@@ -251,24 +258,31 @@ def cmd_search(args):
result = conn.execute(
query, parameters={"search_query": search_query, "limit": limit}
)
- df = result.get_as_df()
+ # Process results without pandas
memories = []
- for _, row in df.iterrows():
+ while result.has_next():
+ row = result.get_next()
+ # Row order: uuid, name, created_at, content, description, group_id
+ uuid_val = serialize_value(row[0]) if len(row) > 0 else None
+ name_val = serialize_value(row[1]) if len(row) > 1 else ""
+ created_at_val = serialize_value(row[2]) if len(row) > 2 else None
+ content_val = serialize_value(row[3]) if len(row) > 3 else ""
+ description_val = serialize_value(row[4]) if len(row) > 4 else ""
+ group_id_val = serialize_value(row[5]) if len(row) > 5 else ""
+
memory = {
- "id": row.get("uuid") or row.get("name", "unknown"),
- "name": row.get("name", ""),
- "type": infer_episode_type(row.get("name", ""), row.get("content", "")),
- "timestamp": row.get("created_at") or datetime.now().isoformat(),
- "content": row.get("content")
- or row.get("description")
- or row.get("name", ""),
- "description": row.get("description", ""),
- "group_id": row.get("group_id", ""),
+ "id": uuid_val or name_val or "unknown",
+ "name": name_val or "",
+ "type": infer_episode_type(name_val or "", content_val or ""),
+ "timestamp": created_at_val or datetime.now().isoformat(),
+ "content": content_val or description_val or name_val or "",
+ "description": description_val or "",
+ "group_id": group_id_val or "",
"score": 1.0, # Keyword match score
}
- session_num = extract_session_number(row.get("name", ""))
+ session_num = extract_session_number(name_val or "")
if session_num:
memory["session_number"] = session_num
@@ -461,19 +475,26 @@ def cmd_get_entities(args):
"""
result = conn.execute(query, parameters={"limit": limit})
- df = result.get_as_df()
+ # Process results without pandas
entities = []
- for _, row in df.iterrows():
- if not row.get("summary"):
+ while result.has_next():
+ row = result.get_next()
+ # Row order: uuid, name, summary, created_at
+ uuid_val = serialize_value(row[0]) if len(row) > 0 else None
+ name_val = serialize_value(row[1]) if len(row) > 1 else ""
+ summary_val = serialize_value(row[2]) if len(row) > 2 else ""
+ created_at_val = serialize_value(row[3]) if len(row) > 3 else None
+
+ if not summary_val:
continue
entity = {
- "id": row.get("uuid") or row.get("name", "unknown"),
- "name": row.get("name", ""),
- "type": infer_entity_type(row.get("name", "")),
- "timestamp": row.get("created_at") or datetime.now().isoformat(),
- "content": row.get("summary", ""),
+ "id": uuid_val or name_val or "unknown",
+ "name": name_val or "",
+ "type": infer_entity_type(name_val or ""),
+ "timestamp": created_at_val or datetime.now().isoformat(),
+ "content": summary_val or "",
}
entities.append(entity)
@@ -488,6 +509,118 @@ def cmd_get_entities(args):
output_error(f"Query failed: {e}")
+def cmd_add_episode(args):
+ """
+ Add a new episode to the memory database.
+
+ This is called from the Electron main process to save PR review insights,
+ patterns, gotchas, and other memories directly to the LadybugDB database.
+
+ Args:
+ args.db_path: Path to database directory
+ args.database: Database name
+ args.name: Episode name/title
+ args.content: Episode content (JSON string)
+ args.episode_type: Type of episode (session_insight, pattern, gotcha, task_outcome, pr_review)
+ args.group_id: Optional group ID for namespacing
+ """
+ if not apply_monkeypatch():
+ output_error("Neither kuzu nor LadybugDB is installed")
+ return
+
+ try:
+ import uuid as uuid_module
+
+ try:
+ import kuzu
+ except ImportError:
+ import real_ladybug as kuzu
+
+ # Parse content from JSON if provided
+ content = args.content
+ if content:
+ try:
+ # Try to parse as JSON to validate
+ parsed = json.loads(content)
+ # Re-serialize to ensure consistent formatting
+ content = json.dumps(parsed)
+ except json.JSONDecodeError:
+ # If not valid JSON, use as-is
+ pass
+
+ # Generate unique ID
+ episode_uuid = str(uuid_module.uuid4())
+ created_at = datetime.now().isoformat()
+
+ # Get database path - create directory if needed
+ full_path = Path(args.db_path) / args.database
+ if not full_path.exists():
+ # For new databases, create the parent directory
+ Path(args.db_path).mkdir(parents=True, exist_ok=True)
+
+ # Open database (creates it if it doesn't exist)
+ db = kuzu.Database(str(full_path))
+ conn = kuzu.Connection(db)
+
+ # Always try to create the Episodic table if it doesn't exist
+ # This handles both new databases and existing databases without the table
+ try:
+ conn.execute("""
+ CREATE NODE TABLE IF NOT EXISTS Episodic (
+ uuid STRING PRIMARY KEY,
+ name STRING,
+ content STRING,
+ source_description STRING,
+ group_id STRING,
+ created_at STRING
+ )
+ """)
+ except Exception as schema_err:
+ # Table might already exist with different schema - that's ok
+ # The insert will fail if schema is incompatible
+ sys.stderr.write(f"Schema creation note: {schema_err}\n")
+
+ # Insert the episode
+ try:
+ insert_query = """
+ CREATE (e:Episodic {
+ uuid: $uuid,
+ name: $name,
+ content: $content,
+ source_description: $description,
+ group_id: $group_id,
+ created_at: $created_at
+ })
+ """
+ conn.execute(
+ insert_query,
+ parameters={
+ "uuid": episode_uuid,
+ "name": args.name,
+ "content": content,
+ "description": f"[{args.episode_type}] {args.name}",
+ "group_id": args.group_id or "",
+ "created_at": created_at,
+ },
+ )
+
+ output_json(
+ True,
+ data={
+ "id": episode_uuid,
+ "name": args.name,
+ "type": args.episode_type,
+ "timestamp": created_at,
+ },
+ )
+
+ except Exception as e:
+ output_error(f"Failed to insert episode: {e}")
+
+ except Exception as e:
+ output_error(f"Failed to add episode: {e}")
+
+
def infer_episode_type(name: str, content: str = "") -> str:
"""Infer the episode type from its name and content."""
name_lower = (name or "").lower()
@@ -580,6 +713,27 @@ def main():
"--limit", type=int, default=20, help="Maximum results"
)
+ # add-episode command (for saving memories from Electron app)
+ add_parser = subparsers.add_parser(
+ "add-episode",
+ help="Add an episode to the memory database (called from Electron)",
+ )
+ add_parser.add_argument("db_path", help="Path to database directory")
+ add_parser.add_argument("database", help="Database name")
+ add_parser.add_argument("--name", required=True, help="Episode name/title")
+ add_parser.add_argument(
+ "--content", required=True, help="Episode content (JSON string)"
+ )
+ add_parser.add_argument(
+ "--type",
+ dest="episode_type",
+ default="session_insight",
+ help="Episode type (session_insight, pattern, gotcha, task_outcome, pr_review)",
+ )
+ add_parser.add_argument(
+ "--group-id", dest="group_id", help="Optional group ID for namespacing"
+ )
+
args = parser.parse_args()
if not args.command:
@@ -594,6 +748,7 @@ def main():
"search": cmd_search,
"semantic-search": cmd_semantic_search,
"get-entities": cmd_get_entities,
+ "add-episode": cmd_add_episode,
}
handler = commands.get(args.command)
diff --git a/apps/backend/requirements.txt b/apps/backend/requirements.txt
index 59aec7b0ee..95c8a1eacb 100644
--- a/apps/backend/requirements.txt
+++ b/apps/backend/requirements.txt
@@ -10,6 +10,10 @@ tomli>=2.0.0; python_version < "3.11"
real_ladybug>=0.13.0; python_version >= "3.12"
graphiti-core>=0.5.0; python_version >= "3.12"
+# Windows-specific dependency for LadybugDB/Graphiti
+# pywin32 provides Windows system bindings required by real_ladybug
+pywin32>=306; sys_platform == "win32" and python_version >= "3.12"
+
# Google AI (optional - for Gemini LLM and embeddings)
google-generativeai>=0.8.0
diff --git a/apps/backend/roadmap/__init__.py b/apps/backend/roadmap/__init__.py
new file mode 100644
index 0000000000..a03ba2656a
--- /dev/null
+++ b/apps/backend/roadmap/__init__.py
@@ -0,0 +1,8 @@
+"""
+Roadmap package for Auto-Claude.
+Contains roadmap generation and persona gap analysis utilities.
+"""
+
+from .persona_gap_analyzer import PersonaGapAnalyzer
+
+__all__ = ['PersonaGapAnalyzer']
diff --git a/apps/backend/roadmap/persona_gap_analyzer.py b/apps/backend/roadmap/persona_gap_analyzer.py
new file mode 100644
index 0000000000..e929e8913b
--- /dev/null
+++ b/apps/backend/roadmap/persona_gap_analyzer.py
@@ -0,0 +1,464 @@
+"""
+Persona Gap Analyzer
+
+Analyzes coverage gaps for each persona by examining how well their goals
+and pain points are addressed by roadmap features, ideation ideas, and tasks.
+"""
+
+from dataclasses import dataclass, field
+from typing import Any
+from datetime import datetime
+import json
+from pathlib import Path
+
+
+@dataclass
+class PersonaCoverage:
+ """Coverage metrics for a single persona."""
+ persona_id: str
+ persona_name: str
+ persona_type: str # 'primary', 'secondary', 'edge-case'
+ idea_count: int = 0
+ feature_count: int = 0
+ task_count: int = 0
+ goals_covered: int = 0
+ goals_total: int = 0
+ pain_points_covered: int = 0
+ pain_points_total: int = 0
+ overall_coverage_score: float = 0.0
+
+
+@dataclass
+class PersonaGap:
+ """Represents an identified gap for a persona."""
+ persona_id: str
+ gap_type: str # 'unaddressed_goal', 'unaddressed_pain_point', 'low_coverage'
+ description: str
+ severity: str # 'high', 'medium', 'low'
+ suggested_action: str | None = None
+ related_goal_id: str | None = None
+ related_pain_point_id: str | None = None
+
+
+@dataclass
+class PersonaHealthDashboard:
+ """Complete health dashboard for all personas."""
+ personas: list[PersonaCoverage] = field(default_factory=list)
+ gaps: list[PersonaGap] = field(default_factory=list)
+ recommendations: list[str] = field(default_factory=list)
+ last_updated: str = field(default_factory=lambda: datetime.now().isoformat())
+
+ def to_dict(self) -> dict[str, Any]:
+ """Convert to dictionary for JSON serialization."""
+ return {
+ 'personas': [
+ {
+ 'personaId': p.persona_id,
+ 'personaName': p.persona_name,
+ 'personaType': p.persona_type,
+ 'ideaCount': p.idea_count,
+ 'featureCount': p.feature_count,
+ 'taskCount': p.task_count,
+ 'goalsCovered': p.goals_covered,
+ 'goalsTotal': p.goals_total,
+ 'painPointsCovered': p.pain_points_covered,
+ 'painPointsTotal': p.pain_points_total,
+ 'overallCoverageScore': p.overall_coverage_score
+ }
+ for p in self.personas
+ ],
+ 'gaps': [
+ {
+ 'personaId': g.persona_id,
+ 'gapType': g.gap_type,
+ 'description': g.description,
+ 'severity': g.severity,
+ 'suggestedAction': g.suggested_action,
+ 'relatedGoalId': g.related_goal_id,
+ 'relatedPainPointId': g.related_pain_point_id
+ }
+ for g in self.gaps
+ ],
+ 'recommendations': self.recommendations,
+ 'lastUpdated': self.last_updated
+ }
+
+
+# Persona type weights for coverage scoring
+PERSONA_TYPE_WEIGHTS = {
+ 'primary': 3,
+ 'secondary': 2,
+ 'edge-case': 1
+}
+
+# Coverage thresholds
+COVERAGE_THRESHOLDS = {
+ 'good': 70,
+ 'warning': 40,
+ 'critical': 0
+}
+
+
+class PersonaGapAnalyzer:
+ """Analyzes coverage gaps for each persona."""
+
+ def __init__(self, project_dir: str | Path):
+ """Initialize the analyzer with project directory.
+
+ Args:
+ project_dir: Path to the project directory
+ """
+ self.project_dir = Path(project_dir)
+ self.personas_path = self.project_dir / '.auto-claude' / 'personas' / 'personas.json'
+
+ def load_personas(self) -> list[dict[str, Any]]:
+ """Load personas from the personas.json file.
+
+ Returns:
+ List of persona dictionaries
+ """
+ if not self.personas_path.exists():
+ return []
+
+ with open(self.personas_path, 'r') as f:
+ data = json.load(f)
+ return data.get('personas', [])
+
+ def analyze_gaps(
+ self,
+ personas: list[dict[str, Any]] | None = None,
+ roadmap_features: list[dict[str, Any]] | None = None,
+ ideation_ideas: list[dict[str, Any]] | None = None,
+ tasks: list[dict[str, Any]] | None = None
+ ) -> PersonaHealthDashboard:
+ """Analyze coverage gaps for all personas.
+
+ Args:
+ personas: List of persona dicts (loads from file if not provided)
+ roadmap_features: List of roadmap feature dicts
+ ideation_ideas: List of ideation idea dicts
+ tasks: List of task dicts
+
+ Returns:
+ PersonaHealthDashboard with coverage and gap analysis
+ """
+ if personas is None:
+ personas = self.load_personas()
+
+ roadmap_features = roadmap_features or []
+ ideation_ideas = ideation_ideas or []
+ tasks = tasks or []
+
+ dashboard = PersonaHealthDashboard()
+
+ for persona in personas:
+ # Calculate coverage for this persona
+ coverage = self.calculate_coverage(
+ persona, roadmap_features, ideation_ideas, tasks
+ )
+ dashboard.personas.append(coverage)
+
+ # Find unaddressed needs
+ gaps = self.identify_unaddressed_needs(
+ persona, roadmap_features, ideation_ideas, tasks
+ )
+ dashboard.gaps.extend(gaps)
+
+ # Generate recommendations
+ dashboard.recommendations = self._generate_recommendations(dashboard)
+
+ return dashboard
+
+ def calculate_coverage(
+ self,
+ persona: dict[str, Any],
+ roadmap_features: list[dict[str, Any]],
+ ideation_ideas: list[dict[str, Any]],
+ tasks: list[dict[str, Any]]
+ ) -> PersonaCoverage:
+ """Calculate coverage score for a persona.
+
+ Args:
+ persona: The persona dictionary
+ roadmap_features: List of roadmap features
+ ideation_ideas: List of ideation ideas
+ tasks: List of tasks
+
+ Returns:
+ PersonaCoverage with calculated metrics
+ """
+ persona_id = persona.get('id', '')
+ goals = persona.get('goals', [])
+ pain_points = persona.get('painPoints', [])
+
+ # Count items targeting this persona
+ idea_count = sum(
+ 1 for idea in ideation_ideas
+ if self._persona_in_relevance(persona_id, idea.get('personaRelevance', []))
+ )
+
+ feature_count = sum(
+ 1 for feature in roadmap_features
+ if persona_id in (feature.get('targetPersonaIds', []) or feature.get('target_persona_ids', []))
+ )
+
+ task_count = sum(
+ 1 for task in tasks
+ if persona_id in (task.get('targetPersonaIds', []) or [])
+ )
+
+ # Calculate covered goals and pain points
+ covered_goal_ids = self._get_covered_goal_ids(
+ persona_id, roadmap_features, ideation_ideas, tasks
+ )
+ covered_pain_point_ids = self._get_covered_pain_point_ids(
+ persona_id, roadmap_features, ideation_ideas, tasks
+ )
+
+ goals_covered = len([g for g in goals if g.get('id') in covered_goal_ids])
+ pain_points_covered = len([p for p in pain_points if p.get('id') in covered_pain_point_ids])
+
+ # Calculate overall coverage score (0-100)
+ goals_total = len(goals)
+ pain_points_total = len(pain_points)
+
+ if goals_total + pain_points_total == 0:
+ overall_score = 0.0
+ else:
+ # Weight goals and pain points equally
+ goal_coverage = (goals_covered / goals_total * 100) if goals_total > 0 else 0
+ pain_coverage = (pain_points_covered / pain_points_total * 100) if pain_points_total > 0 else 0
+ overall_score = (goal_coverage + pain_coverage) / 2
+
+ return PersonaCoverage(
+ persona_id=persona_id,
+ persona_name=persona.get('name', 'Unknown'),
+ persona_type=persona.get('type', 'secondary'),
+ idea_count=idea_count,
+ feature_count=feature_count,
+ task_count=task_count,
+ goals_covered=goals_covered,
+ goals_total=goals_total,
+ pain_points_covered=pain_points_covered,
+ pain_points_total=pain_points_total,
+ overall_coverage_score=round(overall_score, 1)
+ )
+
+ def identify_unaddressed_needs(
+ self,
+ persona: dict[str, Any],
+ roadmap_features: list[dict[str, Any]],
+ ideation_ideas: list[dict[str, Any]],
+ tasks: list[dict[str, Any]]
+ ) -> list[PersonaGap]:
+ """Find goals and pain points not addressed by any item.
+
+ Args:
+ persona: The persona dictionary
+ roadmap_features: List of roadmap features
+ ideation_ideas: List of ideation ideas
+ tasks: List of tasks
+
+ Returns:
+ List of PersonaGap objects
+ """
+ persona_id = persona.get('id', '')
+ persona_type = persona.get('type', 'secondary')
+ goals = persona.get('goals', [])
+ pain_points = persona.get('painPoints', [])
+
+ gaps: list[PersonaGap] = []
+
+ # Get covered IDs
+ covered_goal_ids = self._get_covered_goal_ids(
+ persona_id, roadmap_features, ideation_ideas, tasks
+ )
+ covered_pain_point_ids = self._get_covered_pain_point_ids(
+ persona_id, roadmap_features, ideation_ideas, tasks
+ )
+
+ # Find unaddressed goals
+ for goal in goals:
+ goal_id = goal.get('id', '')
+ if goal_id and goal_id not in covered_goal_ids:
+ priority = goal.get('priority', 'medium')
+ severity = self._calculate_gap_severity(persona_type, priority)
+
+ gaps.append(PersonaGap(
+ persona_id=persona_id,
+ gap_type='unaddressed_goal',
+ description=goal.get('description', 'Unknown goal'),
+ severity=severity,
+ suggested_action=f"Create a feature or idea addressing: {goal.get('description', '')}",
+ related_goal_id=goal_id
+ ))
+
+ # Find unaddressed pain points
+ for pain_point in pain_points:
+ pp_id = pain_point.get('id', '')
+ if pp_id and pp_id not in covered_pain_point_ids:
+ pp_severity = pain_point.get('severity', 'medium')
+ gap_severity = self._calculate_gap_severity(persona_type, pp_severity)
+
+ gaps.append(PersonaGap(
+ persona_id=persona_id,
+ gap_type='unaddressed_pain_point',
+ description=pain_point.get('description', 'Unknown pain point'),
+ severity=gap_severity,
+ suggested_action=f"Address pain point: {pain_point.get('description', '')}",
+ related_pain_point_id=pp_id
+ ))
+
+ return gaps
+
+ def _persona_in_relevance(
+ self,
+ persona_id: str,
+ relevance_list: list[dict[str, Any]]
+ ) -> bool:
+ """Check if persona is in the relevance list."""
+ for r in relevance_list:
+ if r.get('personaId') == persona_id or r.get('persona_id') == persona_id:
+ return True
+ return False
+
+ def _get_covered_goal_ids(
+ self,
+ persona_id: str,
+ roadmap_features: list[dict[str, Any]],
+ ideation_ideas: list[dict[str, Any]],
+ tasks: list[dict[str, Any]]
+ ) -> set[str]:
+ """Get all goal IDs covered by features, ideas, and tasks."""
+ covered = set()
+
+ # From roadmap features
+ for feature in roadmap_features:
+ for impact in (feature.get('personaImpact', []) or feature.get('persona_impact', [])):
+ if (impact.get('personaId') == persona_id or
+ impact.get('persona_id') == persona_id):
+ goal_ids = impact.get('addressedGoalIds', []) or impact.get('addressed_goal_ids', [])
+ covered.update(goal_ids)
+
+ # From ideation ideas
+ for idea in ideation_ideas:
+ for relevance in (idea.get('personaRelevance', []) or idea.get('persona_relevance', [])):
+ if (relevance.get('personaId') == persona_id or
+ relevance.get('persona_id') == persona_id):
+ goal_ids = relevance.get('addressedGoalIds', []) or relevance.get('addressed_goal_ids', [])
+ covered.update(goal_ids)
+
+ return covered
+
+ def _get_covered_pain_point_ids(
+ self,
+ persona_id: str,
+ roadmap_features: list[dict[str, Any]],
+ ideation_ideas: list[dict[str, Any]],
+ tasks: list[dict[str, Any]]
+ ) -> set[str]:
+ """Get all pain point IDs covered by features, ideas, and tasks."""
+ covered = set()
+
+ # From roadmap features
+ for feature in roadmap_features:
+ for impact in (feature.get('personaImpact', []) or feature.get('persona_impact', [])):
+ if (impact.get('personaId') == persona_id or
+ impact.get('persona_id') == persona_id):
+ pp_ids = impact.get('addressedPainPointIds', []) or impact.get('addressed_pain_point_ids', [])
+ covered.update(pp_ids)
+
+ # From ideation ideas
+ for idea in ideation_ideas:
+ for relevance in (idea.get('personaRelevance', []) or idea.get('persona_relevance', [])):
+ if (relevance.get('personaId') == persona_id or
+ relevance.get('persona_id') == persona_id):
+ pp_ids = relevance.get('addressedPainPointIds', []) or relevance.get('addressed_pain_point_ids', [])
+ covered.update(pp_ids)
+
+ return covered
+
+ def _calculate_gap_severity(self, persona_type: str, item_priority: str) -> str:
+ """Calculate gap severity based on persona type and item priority.
+
+ Args:
+ persona_type: 'primary', 'secondary', or 'edge-case'
+ item_priority: 'high', 'medium', or 'low'
+
+ Returns:
+ 'high', 'medium', or 'low' severity
+ """
+ # Primary personas with high priority items = high severity
+ if persona_type == 'primary':
+ if item_priority == 'high':
+ return 'high'
+ elif item_priority == 'medium':
+ return 'medium'
+ else:
+ return 'low'
+ elif persona_type == 'secondary':
+ if item_priority == 'high':
+ return 'medium'
+ else:
+ return 'low'
+ else: # edge-case
+ return 'low'
+
+ def _generate_recommendations(self, dashboard: PersonaHealthDashboard) -> list[str]:
+ """Generate recommendations based on coverage analysis.
+
+ Args:
+ dashboard: The health dashboard with coverage data
+
+ Returns:
+ List of recommendation strings
+ """
+ recommendations = []
+
+ # Find underserved primary personas
+ for coverage in dashboard.personas:
+ if coverage.persona_type == 'primary' and coverage.overall_coverage_score < COVERAGE_THRESHOLDS['warning']:
+ recommendations.append(
+ f"CRITICAL: Primary persona '{coverage.persona_name}' has only "
+ f"{coverage.overall_coverage_score}% coverage. Focus on their needs."
+ )
+ elif coverage.overall_coverage_score < COVERAGE_THRESHOLDS['good']:
+ recommendations.append(
+ f"Consider improving coverage for '{coverage.persona_name}' "
+ f"(currently {coverage.overall_coverage_score}%)."
+ )
+
+ # Count high severity gaps
+ high_severity_gaps = [g for g in dashboard.gaps if g.severity == 'high']
+ if high_severity_gaps:
+ recommendations.append(
+ f"Address {len(high_severity_gaps)} high-severity gaps "
+ f"affecting primary personas."
+ )
+
+ # Check for personas with no features/ideas
+ orphan_personas = [
+ c for c in dashboard.personas
+ if c.feature_count == 0 and c.idea_count == 0 and c.persona_type != 'edge-case'
+ ]
+ if orphan_personas:
+ names = ', '.join(p.persona_name for p in orphan_personas)
+ recommendations.append(
+ f"Personas with no features or ideas: {names}. "
+ f"Consider running ideation targeting these personas."
+ )
+
+ return recommendations
+
+ def save_dashboard(self, dashboard: PersonaHealthDashboard, output_path: str | Path) -> None:
+ """Save the dashboard to a JSON file.
+
+ Args:
+ dashboard: The health dashboard to save
+ output_path: Path to save the JSON file
+ """
+ output_path = Path(output_path)
+ output_path.parent.mkdir(parents=True, exist_ok=True)
+
+ with open(output_path, 'w') as f:
+ json.dump(dashboard.to_dict(), f, indent=2)
diff --git a/apps/backend/runners/ai_analyzer/claude_client.py b/apps/backend/runners/ai_analyzer/claude_client.py
index e1f5a669dc..5d3f07121a 100644
--- a/apps/backend/runners/ai_analyzer/claude_client.py
+++ b/apps/backend/runners/ai_analyzer/claude_client.py
@@ -8,6 +8,7 @@
try:
from claude_agent_sdk import ClaudeAgentOptions, ClaudeSDKClient
+ from phase_config import resolve_model_id
CLAUDE_SDK_AVAILABLE = True
except ImportError:
@@ -17,7 +18,7 @@
class ClaudeAnalysisClient:
"""Wrapper for Claude SDK client with analysis-specific configuration."""
- DEFAULT_MODEL = "claude-sonnet-4-5-20250929"
+ DEFAULT_MODEL = "sonnet" # Shorthand - resolved via API Profile if configured
ALLOWED_TOOLS = ["Read", "Glob", "Grep"]
MAX_TURNS = 50
@@ -110,7 +111,7 @@ def _create_client(self, settings_file: Path) -> Any:
return ClaudeSDKClient(
options=ClaudeAgentOptions(
- model=self.DEFAULT_MODEL,
+ model=resolve_model_id(self.DEFAULT_MODEL), # Resolve via API Profile
system_prompt=system_prompt,
allowed_tools=self.ALLOWED_TOOLS,
max_turns=self.MAX_TURNS,
diff --git a/apps/backend/runners/github/cleanup_pr_worktrees.py b/apps/backend/runners/github/cleanup_pr_worktrees.py
new file mode 100755
index 0000000000..1a40688f9f
--- /dev/null
+++ b/apps/backend/runners/github/cleanup_pr_worktrees.py
@@ -0,0 +1,205 @@
+#!/usr/bin/env python3
+"""
+PR Worktree Cleanup Utility
+============================
+
+Command-line tool for managing PR review worktrees.
+
+Usage:
+ python cleanup_pr_worktrees.py --list # List all worktrees
+ python cleanup_pr_worktrees.py --cleanup # Run cleanup policies
+ python cleanup_pr_worktrees.py --cleanup-all # Remove ALL worktrees
+ python cleanup_pr_worktrees.py --stats # Show cleanup statistics
+"""
+
+import argparse
+
+# Load module directly to avoid import issues
+import importlib.util
+import sys
+from pathlib import Path
+
+services_dir = Path(__file__).parent / "services"
+module_path = services_dir / "pr_worktree_manager.py"
+
+spec = importlib.util.spec_from_file_location("pr_worktree_manager", module_path)
+pr_worktree_module = importlib.util.module_from_spec(spec)
+spec.loader.exec_module(pr_worktree_module)
+
+PRWorktreeManager = pr_worktree_module.PRWorktreeManager
+DEFAULT_PR_WORKTREE_MAX_AGE_DAYS = pr_worktree_module.DEFAULT_PR_WORKTREE_MAX_AGE_DAYS
+DEFAULT_MAX_PR_WORKTREES = pr_worktree_module.DEFAULT_MAX_PR_WORKTREES
+_get_max_age_days = pr_worktree_module._get_max_age_days
+_get_max_pr_worktrees = pr_worktree_module._get_max_pr_worktrees
+
+
+def find_project_root() -> Path:
+ """Find the git project root directory."""
+ current = Path.cwd()
+ while current != current.parent:
+ if (current / ".git").exists():
+ return current
+ current = current.parent
+ raise RuntimeError("Not in a git repository")
+
+
+def list_worktrees(manager: PRWorktreeManager) -> None:
+ """List all PR review worktrees."""
+ worktrees = manager.get_worktree_info()
+
+ if not worktrees:
+ print("No PR review worktrees found.")
+ return
+
+ print(f"\nFound {len(worktrees)} PR review worktrees:\n")
+ print(f"{'Directory':<40} {'Age (days)':<12} {'PR':<6}")
+ print("-" * 60)
+
+ for wt in worktrees:
+ pr_str = f"#{wt.pr_number}" if wt.pr_number else "N/A"
+ print(f"{wt.path.name:<40} {wt.age_days:>10.1f} {pr_str:>6}")
+
+ print()
+
+
+def show_stats(manager: PRWorktreeManager) -> None:
+ """Show worktree cleanup statistics."""
+ worktrees = manager.get_worktree_info()
+ registered = manager.get_registered_worktrees()
+ # Use resolved paths for consistent comparison (handles macOS symlinks)
+ registered_resolved = {p.resolve() for p in registered}
+
+ # Get current policy values (may be overridden by env vars)
+ max_age_days = _get_max_age_days()
+ max_worktrees = _get_max_pr_worktrees()
+
+ total = len(worktrees)
+ orphaned = sum(
+ 1 for wt in worktrees if wt.path.resolve() not in registered_resolved
+ )
+ expired = sum(1 for wt in worktrees if wt.age_days > max_age_days)
+ excess = max(0, total - max_worktrees)
+
+ print("\nPR Worktree Statistics:")
+ print(f" Total worktrees: {total}")
+ print(f" Registered with git: {len(registered)}")
+ print(f" Orphaned (not in git): {orphaned}")
+ print(f" Expired (>{max_age_days} days): {expired}")
+ print(f" Excess (>{max_worktrees} limit): {excess}")
+ print()
+ print("Cleanup Policies:")
+ print(f" Max age: {max_age_days} days")
+ print(f" Max count: {max_worktrees} worktrees")
+ print()
+
+
+def cleanup_worktrees(manager: PRWorktreeManager, force: bool = False) -> None:
+ """Run cleanup policies on worktrees."""
+ print("\nRunning PR worktree cleanup...")
+ if force:
+ print("WARNING: Force cleanup - removing ALL worktrees!")
+ count = manager.cleanup_all_worktrees()
+ print(f"Removed {count} worktrees.")
+ else:
+ stats = manager.cleanup_worktrees()
+ if stats["total"] == 0:
+ print("No worktrees needed cleanup.")
+ else:
+ print("\nCleanup complete:")
+ print(f" Orphaned removed: {stats['orphaned']}")
+ print(f" Expired removed: {stats['expired']}")
+ print(f" Excess removed: {stats['excess']}")
+ print(f" Total removed: {stats['total']}")
+ print()
+
+
+def main():
+ parser = argparse.ArgumentParser(
+ description="Manage PR review worktrees",
+ formatter_class=argparse.RawDescriptionHelpFormatter,
+ epilog="""
+Examples:
+ python cleanup_pr_worktrees.py --list
+ python cleanup_pr_worktrees.py --cleanup
+ python cleanup_pr_worktrees.py --stats
+ python cleanup_pr_worktrees.py --cleanup-all
+
+Environment variables:
+ MAX_PR_WORKTREES=10 # Max number of worktrees to keep
+ PR_WORKTREE_MAX_AGE_DAYS=7 # Max age in days before cleanup
+ """,
+ )
+
+ parser.add_argument(
+ "--list", action="store_true", help="List all PR review worktrees"
+ )
+
+ parser.add_argument(
+ "--cleanup",
+ action="store_true",
+ help="Run cleanup policies (remove orphaned, expired, and excess worktrees)",
+ )
+
+ parser.add_argument(
+ "--cleanup-all",
+ action="store_true",
+ help="Remove ALL PR review worktrees (dangerous!)",
+ )
+
+ parser.add_argument("--stats", action="store_true", help="Show cleanup statistics")
+
+ parser.add_argument(
+ "--project-dir",
+ type=Path,
+ help="Project directory (default: auto-detect git root)",
+ )
+
+ args = parser.parse_args()
+
+ # Require at least one action
+ if not any([args.list, args.cleanup, args.cleanup_all, args.stats]):
+ parser.print_help()
+ return 1
+
+ try:
+ # Find project directory
+ if args.project_dir:
+ project_dir = args.project_dir
+ else:
+ project_dir = find_project_root()
+
+ print(f"Project directory: {project_dir}")
+
+ # Create manager
+ manager = PRWorktreeManager(
+ project_dir=project_dir, worktree_dir=".auto-claude/github/pr/worktrees"
+ )
+
+ # Execute actions
+ if args.stats:
+ show_stats(manager)
+
+ if args.list:
+ list_worktrees(manager)
+
+ if args.cleanup:
+ cleanup_worktrees(manager, force=False)
+
+ if args.cleanup_all:
+ response = input(
+ "This will remove ALL PR worktrees. Are you sure? (yes/no): "
+ )
+ if response.lower() == "yes":
+ cleanup_worktrees(manager, force=True)
+ else:
+ print("Aborted.")
+
+ return 0
+
+ except Exception as e:
+ print(f"Error: {e}", file=sys.stderr)
+ return 1
+
+
+if __name__ == "__main__":
+ sys.exit(main())
diff --git a/apps/backend/runners/github/confidence.py b/apps/backend/runners/github/confidence.py
index 0e21b211eb..70557b922c 100644
--- a/apps/backend/runners/github/confidence.py
+++ b/apps/backend/runners/github/confidence.py
@@ -1,16 +1,18 @@
"""
-Review Confidence Scoring
-=========================
+DEPRECATED: Review Confidence Scoring
+=====================================
-Adds confidence scores to review findings to help users prioritize.
+This module is DEPRECATED and will be removed in a future version.
-Features:
-- Confidence scoring based on pattern matching, historical accuracy
-- Risk assessment (false positive likelihood)
-- Evidence tracking for transparency
-- Calibration based on outcome tracking
+The confidence scoring approach has been replaced with EVIDENCE-BASED VALIDATION:
+- Instead of assigning confidence scores (0-100), findings now require concrete
+ code evidence proving the issue exists.
+- Simple rule: If you can't show the actual problematic code, don't report it.
+- Validation is binary: either the evidence exists in the file or it doesn't.
-Usage:
+For new code, use evidence-based validation in pydantic_models.py and models.py instead.
+
+Legacy Usage (deprecated):
scorer = ConfidenceScorer(learning_tracker=tracker)
# Score a finding
@@ -20,10 +22,24 @@
# Get explanation
print(scorer.explain_confidence(scored))
+
+Migration:
+ - Instead of `confidence: float`, use `evidence: str` with actual code snippets
+ - Instead of filtering by confidence threshold, verify evidence exists in file
+ - See pr_finding_validator.md for the new evidence-based approach
"""
from __future__ import annotations
+import warnings
+
+warnings.warn(
+ "The confidence module is deprecated. Use evidence-based validation instead. "
+ "See models.py 'evidence' field and pr_finding_validator.md for the new approach.",
+ DeprecationWarning,
+ stacklevel=2,
+)
+
from dataclasses import dataclass, field
from enum import Enum
from typing import Any
diff --git a/apps/backend/runners/github/context_gatherer.py b/apps/backend/runners/github/context_gatherer.py
index 0ce48bf5ea..9a3c551261 100644
--- a/apps/backend/runners/github/context_gatherer.py
+++ b/apps/backend/runners/github/context_gatherer.py
@@ -204,6 +204,11 @@ class PRContext:
# Commit SHAs for worktree creation (PR review isolation)
head_sha: str = "" # Commit SHA of PR head (headRefOid)
base_sha: str = "" # Commit SHA of PR base (baseRefOid)
+ # Merge conflict status
+ has_merge_conflicts: bool = False # True if PR has conflicts with base branch
+ merge_state_status: str = (
+ "" # BEHIND, BLOCKED, CLEAN, DIRTY, HAS_HOOKS, UNKNOWN, UNSTABLE
+ )
class PRContextGatherer:
@@ -276,6 +281,17 @@ async def gather(self) -> PRContext:
# Check if diff was truncated (empty diff but files were changed)
diff_truncated = len(diff) == 0 and len(changed_files) > 0
+ # Check merge conflict status
+ mergeable = pr_data.get("mergeable", "UNKNOWN")
+ merge_state_status = pr_data.get("mergeStateStatus", "UNKNOWN")
+ has_merge_conflicts = mergeable == "CONFLICTING"
+
+ if has_merge_conflicts:
+ print(
+ f"[Context] ⚠️ PR has merge conflicts (mergeStateStatus: {merge_state_status})",
+ flush=True,
+ )
+
return PRContext(
pr_number=self.pr_number,
title=pr_data["title"],
@@ -296,6 +312,8 @@ async def gather(self) -> PRContext:
diff_truncated=diff_truncated,
head_sha=pr_data.get("headRefOid", ""),
base_sha=pr_data.get("baseRefOid", ""),
+ has_merge_conflicts=has_merge_conflicts,
+ merge_state_status=merge_state_status,
)
async def _fetch_pr_metadata(self) -> dict:
@@ -317,6 +335,8 @@ async def _fetch_pr_metadata(self) -> dict:
"deletions",
"changedFiles",
"labels",
+ "mergeable", # MERGEABLE, CONFLICTING, or UNKNOWN
+ "mergeStateStatus", # BEHIND, BLOCKED, CLEAN, DIRTY, HAS_HOOKS, UNKNOWN, UNSTABLE
],
)
@@ -1036,28 +1056,56 @@ async def gather(self) -> FollowupReviewContext:
f"[Followup] Comparing {previous_sha[:8]}...{current_sha[:8]}", flush=True
)
- # Get commit comparison
+ # Get PR-scoped files and commits (excludes merge-introduced changes)
+ # This solves the problem where merging develop into a feature branch
+ # would include commits from other PRs in the follow-up review.
+ # Pass reviewed_file_blobs for rebase-resistant comparison
+ reviewed_file_blobs = getattr(self.previous_review, "reviewed_file_blobs", {})
try:
- comparison = await self.gh_client.compare_commits(previous_sha, current_sha)
- except Exception as e:
- print(f"[Followup] Error comparing commits: {e}", flush=True)
- return FollowupReviewContext(
- pr_number=self.pr_number,
- previous_review=self.previous_review,
- previous_commit_sha=previous_sha,
- current_commit_sha=current_sha,
- error=f"Failed to compare commits: {e}",
+ pr_files, new_commits = await self.gh_client.get_pr_files_changed_since(
+ self.pr_number, previous_sha, reviewed_file_blobs=reviewed_file_blobs
)
+ print(
+ f"[Followup] PR has {len(pr_files)} files, "
+ f"{len(new_commits)} commits since last review"
+ + (" (blob comparison used)" if reviewed_file_blobs else ""),
+ flush=True,
+ )
+ except Exception as e:
+ print(f"[Followup] Error getting PR files/commits: {e}", flush=True)
+ # Fallback to compare_commits if PR endpoints fail
+ print("[Followup] Falling back to commit comparison...", flush=True)
+ try:
+ comparison = await self.gh_client.compare_commits(
+ previous_sha, current_sha
+ )
+ new_commits = comparison.get("commits", [])
+ pr_files = comparison.get("files", [])
+ print(
+ f"[Followup] Fallback: Found {len(new_commits)} commits, "
+ f"{len(pr_files)} files (may include merge-introduced changes)",
+ flush=True,
+ )
+ except Exception as e2:
+ print(f"[Followup] Fallback also failed: {e2}", flush=True)
+ return FollowupReviewContext(
+ pr_number=self.pr_number,
+ previous_review=self.previous_review,
+ previous_commit_sha=previous_sha,
+ current_commit_sha=current_sha,
+ error=f"Failed to get PR context: {e}, fallback: {e2}",
+ )
- # Extract data from comparison
- commits = comparison.get("commits", [])
- files = comparison.get("files", [])
+ # Use PR files as the canonical list (excludes files from merged branches)
+ commits = new_commits
+ files = pr_files
print(
f"[Followup] Found {len(commits)} new commits, {len(files)} changed files",
flush=True,
)
# Build diff from file patches
+ # Note: PR files endpoint returns 'filename' key, compare returns 'filename' too
diff_parts = []
files_changed = []
for file_info in files:
@@ -1139,6 +1187,26 @@ async def gather(self) -> FollowupReviewContext:
flush=True,
)
+ # Fetch current merge conflict status
+ has_merge_conflicts = False
+ merge_state_status = "UNKNOWN"
+ try:
+ pr_status = await self.gh_client.pr_get(
+ self.pr_number,
+ json_fields=["mergeable", "mergeStateStatus"],
+ )
+ mergeable = pr_status.get("mergeable", "UNKNOWN")
+ merge_state_status = pr_status.get("mergeStateStatus", "UNKNOWN")
+ has_merge_conflicts = mergeable == "CONFLICTING"
+
+ if has_merge_conflicts:
+ print(
+ f"[Followup] ⚠️ PR has merge conflicts (mergeStateStatus: {merge_state_status})",
+ flush=True,
+ )
+ except Exception as e:
+ print(f"[Followup] Could not fetch merge status: {e}", flush=True)
+
return FollowupReviewContext(
pr_number=self.pr_number,
previous_review=self.previous_review,
@@ -1151,4 +1219,6 @@ async def gather(self) -> FollowupReviewContext:
+ contributor_reviews,
ai_bot_comments_since_review=ai_comments,
pr_reviews_since_review=pr_reviews,
+ has_merge_conflicts=has_merge_conflicts,
+ merge_state_status=merge_state_status,
)
diff --git a/apps/backend/runners/github/gh_client.py b/apps/backend/runners/github/gh_client.py
index 942aefa2b4..4ade5f913b 100644
--- a/apps/backend/runners/github/gh_client.py
+++ b/apps/backend/runners/github/gh_client.py
@@ -822,14 +822,17 @@ async def get_pr_checks(self, pr_number: int) -> dict[str, Any]:
Returns:
Dict with:
- - checks: List of check runs with name, status, conclusion
+ - checks: List of check runs with name, state
- passing: Number of passing checks
- failing: Number of failing checks
- pending: Number of pending checks
- failed_checks: List of failed check names
"""
try:
- args = ["pr", "checks", str(pr_number), "--json", "name,state,conclusion"]
+ # Note: gh pr checks --json only supports: bucket, completedAt, description,
+ # event, link, name, startedAt, state, workflow
+ # The 'state' field directly contains the result (SUCCESS, FAILURE, PENDING, etc.)
+ args = ["pr", "checks", str(pr_number), "--json", "name,state"]
args = self._add_repo_flag(args)
result = await self.run(args, timeout=30.0)
@@ -842,15 +845,14 @@ async def get_pr_checks(self, pr_number: int) -> dict[str, Any]:
for check in checks:
state = check.get("state", "").upper()
- conclusion = check.get("conclusion", "").upper()
name = check.get("name", "Unknown")
- if state == "COMPLETED":
- if conclusion in ("SUCCESS", "NEUTRAL", "SKIPPED"):
- passing += 1
- elif conclusion in ("FAILURE", "TIMED_OUT", "CANCELLED"):
- failing += 1
- failed_checks.append(name)
+ # gh pr checks 'state' directly contains: SUCCESS, FAILURE, PENDING, NEUTRAL, etc.
+ if state in ("SUCCESS", "NEUTRAL", "SKIPPED"):
+ passing += 1
+ elif state in ("FAILURE", "TIMED_OUT", "CANCELLED", "STARTUP_FAILURE"):
+ failing += 1
+ failed_checks.append(name)
else:
# PENDING, QUEUED, IN_PROGRESS, etc.
pending += 1
@@ -872,3 +874,336 @@ async def get_pr_checks(self, pr_number: int) -> dict[str, Any]:
"failed_checks": [],
"error": str(e),
}
+
+ async def get_workflows_awaiting_approval(self, pr_number: int) -> dict[str, Any]:
+ """
+ Get workflow runs awaiting approval for a PR from a fork.
+
+ Workflows from forked repositories require manual approval before running.
+ These are NOT included in `gh pr checks` and must be queried separately.
+
+ Args:
+ pr_number: PR number
+
+ Returns:
+ Dict with:
+ - awaiting_approval: Number of workflows waiting for approval
+ - workflow_runs: List of workflow runs with id, name, html_url
+ - can_approve: Whether this token can approve workflows
+ """
+ try:
+ # First, get the PR's head SHA to filter workflow runs
+ pr_args = ["pr", "view", str(pr_number), "--json", "headRefOid"]
+ pr_args = self._add_repo_flag(pr_args)
+ pr_result = await self.run(pr_args, timeout=30.0)
+ pr_data = json.loads(pr_result.stdout) if pr_result.stdout.strip() else {}
+ head_sha = pr_data.get("headRefOid", "")
+
+ if not head_sha:
+ return {
+ "awaiting_approval": 0,
+ "workflow_runs": [],
+ "can_approve": False,
+ }
+
+ # Query workflow runs with action_required status
+ # Note: We need to use the API endpoint as gh CLI doesn't have direct support
+ endpoint = (
+ "repos/{owner}/{repo}/actions/runs?status=action_required&per_page=100"
+ )
+ args = ["api", "--method", "GET", endpoint]
+
+ result = await self.run(args, timeout=30.0)
+ data = json.loads(result.stdout) if result.stdout.strip() else {}
+ all_runs = data.get("workflow_runs", [])
+
+ # Filter to only runs for this PR's head SHA
+ pr_runs = [
+ {
+ "id": run.get("id"),
+ "name": run.get("name"),
+ "html_url": run.get("html_url"),
+ "workflow_name": run.get("workflow", {}).get("name", "Unknown"),
+ }
+ for run in all_runs
+ if run.get("head_sha") == head_sha
+ ]
+
+ return {
+ "awaiting_approval": len(pr_runs),
+ "workflow_runs": pr_runs,
+ "can_approve": True, # Assume token has permission, will fail if not
+ }
+ except (GHCommandError, GHTimeoutError, json.JSONDecodeError) as e:
+ logger.warning(
+ f"Failed to get workflows awaiting approval for #{pr_number}: {e}"
+ )
+ return {
+ "awaiting_approval": 0,
+ "workflow_runs": [],
+ "can_approve": False,
+ "error": str(e),
+ }
+
+ async def approve_workflow_run(self, run_id: int) -> bool:
+ """
+ Approve a workflow run that's waiting for approval (from a fork).
+
+ Args:
+ run_id: The workflow run ID to approve
+
+ Returns:
+ True if approval succeeded, False otherwise
+ """
+ try:
+ endpoint = f"repos/{{owner}}/{{repo}}/actions/runs/{run_id}/approve"
+ args = ["api", "--method", "POST", endpoint]
+
+ await self.run(args, timeout=30.0)
+ logger.info(f"Approved workflow run {run_id}")
+ return True
+ except (GHCommandError, GHTimeoutError) as e:
+ logger.warning(f"Failed to approve workflow run {run_id}: {e}")
+ return False
+
+ async def get_pr_checks_comprehensive(self, pr_number: int) -> dict[str, Any]:
+ """
+ Get comprehensive CI status including workflows awaiting approval.
+
+ This combines:
+ - Standard check runs from `gh pr checks`
+ - Workflows awaiting approval (for fork PRs)
+
+ Args:
+ pr_number: PR number
+
+ Returns:
+ Dict with all check information including awaiting_approval count
+ """
+ # Get standard checks
+ checks = await self.get_pr_checks(pr_number)
+
+ # Get workflows awaiting approval
+ awaiting = await self.get_workflows_awaiting_approval(pr_number)
+
+ # Merge the results
+ checks["awaiting_approval"] = awaiting.get("awaiting_approval", 0)
+ checks["awaiting_workflow_runs"] = awaiting.get("workflow_runs", [])
+
+ # Update pending count to include awaiting approval
+ checks["pending"] = checks.get("pending", 0) + awaiting.get(
+ "awaiting_approval", 0
+ )
+
+ return checks
+
+ async def get_pr_files(self, pr_number: int) -> list[dict[str, Any]]:
+ """
+ Get files changed by a PR using the PR files endpoint.
+
+ IMPORTANT: This returns only files that are part of the PR's actual changes,
+ NOT files that came in from merging another branch (e.g., develop).
+ This is crucial for follow-up reviews to avoid reviewing code from other PRs.
+
+ Uses: GET /repos/{owner}/{repo}/pulls/{pr_number}/files
+
+ Args:
+ pr_number: PR number
+
+ Returns:
+ List of file objects with:
+ - filename: Path to the file
+ - status: added, removed, modified, renamed, copied, changed
+ - additions: Number of lines added
+ - deletions: Number of lines deleted
+ - changes: Total number of line changes
+ - patch: The unified diff patch for this file (may be absent for large files)
+ """
+ files = []
+ page = 1
+ per_page = 100
+
+ while True:
+ endpoint = f"repos/{{owner}}/{{repo}}/pulls/{pr_number}/files?page={page}&per_page={per_page}"
+ args = ["api", "--method", "GET", endpoint]
+
+ result = await self.run(args, timeout=60.0)
+ page_files = json.loads(result.stdout) if result.stdout.strip() else []
+
+ if not page_files:
+ break
+
+ files.extend(page_files)
+
+ # Check if we got a full page (more pages might exist)
+ if len(page_files) < per_page:
+ break
+
+ page += 1
+
+ # Safety limit to prevent infinite loops
+ if page > 50:
+ logger.warning(
+ f"PR #{pr_number} has more than 5000 files, stopping pagination"
+ )
+ break
+
+ return files
+
+ async def get_pr_commits(self, pr_number: int) -> list[dict[str, Any]]:
+ """
+ Get commits that are part of a PR using the PR commits endpoint.
+
+ IMPORTANT: This returns only commits that are part of the PR's branch,
+ NOT commits that came in from merging another branch (e.g., develop).
+ This is crucial for follow-up reviews to avoid reviewing commits from other PRs.
+
+ Uses: GET /repos/{owner}/{repo}/pulls/{pr_number}/commits
+
+ Args:
+ pr_number: PR number
+
+ Returns:
+ List of commit objects with:
+ - sha: Commit SHA
+ - commit: Object with message, author, committer info
+ - author: GitHub user who authored the commit
+ - committer: GitHub user who committed
+ - parents: List of parent commit SHAs
+ """
+ commits = []
+ page = 1
+ per_page = 100
+
+ while True:
+ endpoint = f"repos/{{owner}}/{{repo}}/pulls/{pr_number}/commits?page={page}&per_page={per_page}"
+ args = ["api", "--method", "GET", endpoint]
+
+ result = await self.run(args, timeout=60.0)
+ page_commits = json.loads(result.stdout) if result.stdout.strip() else []
+
+ if not page_commits:
+ break
+
+ commits.extend(page_commits)
+
+ # Check if we got a full page (more pages might exist)
+ if len(page_commits) < per_page:
+ break
+
+ page += 1
+
+ # Safety limit
+ if page > 10:
+ logger.warning(
+ f"PR #{pr_number} has more than 1000 commits, stopping pagination"
+ )
+ break
+
+ return commits
+
+ async def get_pr_files_changed_since(
+ self,
+ pr_number: int,
+ base_sha: str,
+ reviewed_file_blobs: dict[str, str] | None = None,
+ ) -> tuple[list[dict[str, Any]], list[dict[str, Any]]]:
+ """
+ Get files and commits that are part of the PR and changed since a specific commit.
+
+ This method solves the "merge introduced commits" problem by:
+ 1. Getting the canonical list of PR files (excludes files from merged branches)
+ 2. Getting the canonical list of PR commits (excludes commits from merged branches)
+ 3. Filtering to only include commits after base_sha
+
+ When a rebase/force-push is detected (base_sha not found in commits), and
+ reviewed_file_blobs is provided, uses blob SHA comparison to identify which
+ files actually changed content. This prevents re-reviewing unchanged files.
+
+ Args:
+ pr_number: PR number
+ base_sha: The commit SHA to compare from (e.g., last reviewed commit)
+ reviewed_file_blobs: Optional dict mapping filename -> blob SHA from the
+ previous review. Used as fallback when base_sha is not found (rebase).
+
+ Returns:
+ Tuple of:
+ - List of file objects that are part of the PR (filtered if blob comparison used)
+ - List of commit objects that are part of the PR and after base_sha.
+ NOTE: Returns empty list if rebase/force-push detected, since commit SHAs
+ are rewritten and we cannot determine which commits are truly "new".
+ """
+ # Get PR's canonical files (these are the actual PR changes)
+ pr_files = await self.get_pr_files(pr_number)
+
+ # Get PR's canonical commits
+ pr_commits = await self.get_pr_commits(pr_number)
+
+ # Find the position of base_sha in PR commits
+ # Use minimum 7-char prefix comparison (git's default short SHA length)
+ base_index = -1
+ min_prefix_len = 7
+ base_prefix = (
+ base_sha[:min_prefix_len] if len(base_sha) >= min_prefix_len else base_sha
+ )
+ for i, commit in enumerate(pr_commits):
+ commit_prefix = commit["sha"][:min_prefix_len]
+ if commit_prefix == base_prefix:
+ base_index = i
+ break
+
+ # Commits after base_sha (these are the new commits to review)
+ if base_index >= 0:
+ new_commits = pr_commits[base_index + 1 :]
+ return pr_files, new_commits
+
+ # base_sha not found in PR commits - this happens when:
+ # 1. The base_sha was from a merge commit (not a direct PR commit)
+ # 2. The PR was rebased/force-pushed
+ logger.warning(
+ f"base_sha {base_sha[:8]} not found in PR #{pr_number} commits. "
+ "PR was likely rebased or force-pushed."
+ )
+
+ # If we have blob SHAs from the previous review, use them to filter files
+ # Blob SHAs persist across rebases - same content = same blob SHA
+ if reviewed_file_blobs: # Only use blob comparison if we have actual blob data
+ changed_files = []
+ unchanged_count = 0
+ for file in pr_files:
+ filename = file.get("filename", "")
+ current_blob_sha = file.get("sha", "")
+ file_status = file.get("status", "")
+ previous_blob_sha = reviewed_file_blobs.get(filename, "")
+
+ # Always include files that were added, removed, or renamed
+ # These are significant changes regardless of blob SHA
+ if file_status in ("added", "removed", "renamed"):
+ changed_files.append(file)
+ elif not previous_blob_sha:
+ # File wasn't in previous review - include it
+ changed_files.append(file)
+ elif current_blob_sha != previous_blob_sha:
+ # File content changed - include it
+ changed_files.append(file)
+ else:
+ # Same blob SHA = same content - skip it
+ unchanged_count += 1
+
+ if unchanged_count > 0:
+ logger.info(
+ f"Blob comparison: {len(changed_files)} files changed, "
+ f"{unchanged_count} unchanged (skipped)"
+ )
+
+ # Return filtered files but empty commits list (can't determine "new" commits after rebase)
+ # After a rebase, all commit SHAs are rewritten so we can't identify which are truly new.
+ # The file changes via blob comparison are the reliable source of what changed.
+ return changed_files, []
+
+ # No blob data available - return all files but empty commits (can't determine new commits)
+ logger.warning(
+ "No reviewed_file_blobs available for blob comparison after rebase. "
+ "Returning all PR files with empty commits list."
+ )
+ return pr_files, []
diff --git a/apps/backend/runners/github/models.py b/apps/backend/runners/github/models.py
index cb7dbe22e9..d4c4a90cf2 100644
--- a/apps/backend/runners/github/models.py
+++ b/apps/backend/runners/github/models.py
@@ -65,6 +65,17 @@ class MergeVerdict(str, Enum):
BLOCKED = "blocked" # Critical issues, cannot merge
+# Constants for branch-behind messaging (DRY - used across multiple reviewers)
+BRANCH_BEHIND_BLOCKER_MSG = (
+ "Branch Out of Date: PR branch is behind the base branch and needs to be updated"
+)
+BRANCH_BEHIND_REASONING = (
+ "Branch is out of date with base branch. Update branch first - "
+ "if no conflicts arise, you can merge. If merge conflicts arise, "
+ "resolve them and run follow-up review again."
+)
+
+
class AICommentVerdict(str, Enum):
"""Verdict on AI tool comments (CodeRabbit, Cursor, Greptile, etc.)."""
@@ -214,19 +225,18 @@ class PRReviewFinding:
end_line: int | None = None
suggested_fix: str | None = None
fixable: bool = False
- # NEW: Support for verification and redundancy detection
- confidence: float = 0.85 # AI's confidence in this finding (0.0-1.0)
+ # Evidence-based validation: actual code proving the issue exists
+ evidence: str | None = None # Actual code snippet showing the issue
verification_note: str | None = (
None # What evidence is missing or couldn't be verified
)
redundant_with: str | None = None # Reference to duplicate code (file:line)
- # NEW: Finding validation fields (from finding-validator re-investigation)
+ # Finding validation fields (from finding-validator re-investigation)
validation_status: str | None = (
None # confirmed_valid, dismissed_false_positive, needs_human_review
)
validation_evidence: str | None = None # Code snippet examined during validation
- validation_confidence: float | None = None # Confidence of validation (0.0-1.0)
validation_explanation: str | None = None # Why finding was validated/dismissed
def to_dict(self) -> dict:
@@ -241,14 +251,13 @@ def to_dict(self) -> dict:
"end_line": self.end_line,
"suggested_fix": self.suggested_fix,
"fixable": self.fixable,
- # NEW fields
- "confidence": self.confidence,
+ # Evidence-based validation fields
+ "evidence": self.evidence,
"verification_note": self.verification_note,
"redundant_with": self.redundant_with,
# Validation fields
"validation_status": self.validation_status,
"validation_evidence": self.validation_evidence,
- "validation_confidence": self.validation_confidence,
"validation_explanation": self.validation_explanation,
}
@@ -265,14 +274,13 @@ def from_dict(cls, data: dict) -> PRReviewFinding:
end_line=data.get("end_line"),
suggested_fix=data.get("suggested_fix"),
fixable=data.get("fixable", False),
- # NEW fields
- confidence=data.get("confidence", 0.85),
+ # Evidence-based validation fields
+ evidence=data.get("evidence"),
verification_note=data.get("verification_note"),
redundant_with=data.get("redundant_with"),
# Validation fields
validation_status=data.get("validation_status"),
validation_evidence=data.get("validation_evidence"),
- validation_confidence=data.get("validation_confidence"),
validation_explanation=data.get("validation_explanation"),
)
@@ -383,6 +391,9 @@ class PRReviewResult:
# Follow-up review tracking
reviewed_commit_sha: str | None = None # HEAD SHA at time of review
+ reviewed_file_blobs: dict[str, str] = field(
+ default_factory=dict
+ ) # filename → blob SHA at time of review (survives rebases)
is_followup_review: bool = False # True if this is a follow-up review
previous_review_id: int | None = None # Reference to the review this follows up on
resolved_findings: list[str] = field(default_factory=list) # Finding IDs now fixed
@@ -421,6 +432,7 @@ def to_dict(self) -> dict:
"quick_scan_summary": self.quick_scan_summary,
# Follow-up review fields
"reviewed_commit_sha": self.reviewed_commit_sha,
+ "reviewed_file_blobs": self.reviewed_file_blobs,
"is_followup_review": self.is_followup_review,
"previous_review_id": self.previous_review_id,
"resolved_findings": self.resolved_findings,
@@ -465,6 +477,7 @@ def from_dict(cls, data: dict) -> PRReviewResult:
quick_scan_summary=data.get("quick_scan_summary", {}),
# Follow-up review fields
reviewed_commit_sha=data.get("reviewed_commit_sha"),
+ reviewed_file_blobs=data.get("reviewed_file_blobs", {}),
is_followup_review=data.get("is_followup_review", False),
previous_review_id=data.get("previous_review_id"),
resolved_findings=data.get("resolved_findings", []),
@@ -562,6 +575,16 @@ class FollowupReviewContext:
# These are different from comments - they're full review submissions with body text
pr_reviews_since_review: list[dict] = field(default_factory=list)
+ # Merge conflict status
+ has_merge_conflicts: bool = False # True if PR has conflicts with base branch
+ merge_state_status: str = (
+ "" # BEHIND, BLOCKED, CLEAN, DIRTY, HAS_HOOKS, UNKNOWN, UNSTABLE
+ )
+
+ # CI status - passed to AI orchestrator so it can factor into verdict
+ # Dict with: passing, failing, pending, failed_checks, awaiting_approval
+ ci_status: dict = field(default_factory=dict)
+
# Error flag - if set, context gathering failed and data may be incomplete
error: str | None = None
diff --git a/apps/backend/runners/github/orchestrator.py b/apps/backend/runners/github/orchestrator.py
index 0cfb078efe..22d3e144f6 100644
--- a/apps/backend/runners/github/orchestrator.py
+++ b/apps/backend/runners/github/orchestrator.py
@@ -24,6 +24,8 @@
from .context_gatherer import PRContext, PRContextGatherer
from .gh_client import GHClient
from .models import (
+ BRANCH_BEHIND_BLOCKER_MSG,
+ BRANCH_BEHIND_REASONING,
AICommentTriage,
AICommentVerdict,
AutoFixState,
@@ -50,6 +52,8 @@
from context_gatherer import PRContext, PRContextGatherer
from gh_client import GHClient
from models import (
+ BRANCH_BEHIND_BLOCKER_MSG,
+ BRANCH_BEHIND_REASONING,
AICommentTriage,
AICommentVerdict,
AutoFixState,
@@ -389,17 +393,38 @@ async def review_pr(
pr_number=pr_number,
)
- # Check CI status
- ci_status = await self.gh_client.get_pr_checks(pr_number)
+ # Check CI status (comprehensive - includes workflows awaiting approval)
+ ci_status = await self.gh_client.get_pr_checks_comprehensive(pr_number)
+
+ # Log CI status with awaiting approval info
+ awaiting = ci_status.get("awaiting_approval", 0)
+ pending_without_awaiting = ci_status.get("pending", 0) - awaiting
+ ci_log_parts = [
+ f"{ci_status.get('passing', 0)} passing",
+ f"{ci_status.get('failing', 0)} failing",
+ ]
+ if pending_without_awaiting > 0:
+ ci_log_parts.append(f"{pending_without_awaiting} pending")
+ if awaiting > 0:
+ ci_log_parts.append(f"{awaiting} awaiting approval")
print(
- f"[DEBUG orchestrator] CI status: {ci_status.get('passing', 0)} passing, "
- f"{ci_status.get('failing', 0)} failing, {ci_status.get('pending', 0)} pending",
+ f"[orchestrator] CI status: {', '.join(ci_log_parts)}",
flush=True,
)
+ if awaiting > 0:
+ print(
+ f"[orchestrator] ⚠️ {awaiting} workflow(s) from fork need maintainer approval to run",
+ flush=True,
+ )
- # Generate verdict (now includes CI status)
+ # Generate verdict (includes CI status and merge conflict check)
verdict, verdict_reasoning, blockers = self._generate_verdict(
- findings, structural_issues, ai_triages, ci_status
+ findings,
+ structural_issues,
+ ai_triages,
+ ci_status,
+ has_merge_conflicts=pr_context.has_merge_conflicts,
+ merge_state_status=pr_context.merge_state_status,
)
print(
f"[DEBUG orchestrator] Verdict: {verdict.value} - {verdict_reasoning}",
@@ -430,11 +455,31 @@ async def review_pr(
structural_issues=structural_issues,
ai_triages=ai_triages,
risk_assessment=risk_assessment,
+ ci_status=ci_status,
)
# Get HEAD SHA for follow-up review tracking
head_sha = self.bot_detector.get_last_commit_sha(pr_context.commits)
+ # Get file blob SHAs for rebase-resistant follow-up reviews
+ # Blob SHAs persist across rebases - same content = same blob SHA
+ file_blobs: dict[str, str] = {}
+ try:
+ pr_files = await self.gh_client.get_pr_files(pr_number)
+ for file in pr_files:
+ filename = file.get("filename", "")
+ blob_sha = file.get("sha", "")
+ if filename and blob_sha:
+ file_blobs[filename] = blob_sha
+ print(
+ f"[Review] Captured {len(file_blobs)} file blob SHAs for follow-up tracking",
+ flush=True,
+ )
+ except Exception as e:
+ print(
+ f"[Review] Warning: Could not capture file blobs: {e}", flush=True
+ )
+
# Create result
result = PRReviewResult(
pr_number=pr_number,
@@ -452,6 +497,8 @@ async def review_pr(
quick_scan_summary=quick_scan,
# Track the commit SHA for follow-up reviews
reviewed_commit_sha=head_sha,
+ # Track file blobs for rebase-resistant follow-up reviews
+ reviewed_file_blobs=file_blobs,
)
# Post review if configured
@@ -479,6 +526,9 @@ async def review_pr(
# Save result
await result.save(self.github_dir)
+ # Note: PR review memory is now saved by the Electron app after the review completes
+ # This ensures memory is saved to the embedded LadybugDB managed by the app
+
# Mark as reviewed (head_sha already fetched above)
if head_sha:
self.bot_detector.mark_reviewed(pr_number, head_sha)
@@ -594,19 +644,29 @@ async def followup_review_pr(self, pr_number: int) -> PRReviewResult:
await result.save(self.github_dir)
return result
- # Check if there are new commits
- if not followup_context.commits_since_review:
+ # Check if there are changes to review (commits OR files via blob comparison)
+ # After a rebase/force-push, commits_since_review will be empty (commit
+ # SHAs are rewritten), but files_changed_since_review will contain files
+ # that actually changed content based on blob SHA comparison.
+ has_commits = bool(followup_context.commits_since_review)
+ has_file_changes = bool(followup_context.files_changed_since_review)
+
+ if not has_commits and not has_file_changes:
+ base_sha = previous_review.reviewed_commit_sha[:8]
print(
- f"[Followup] No new commits since last review at {previous_review.reviewed_commit_sha[:8]}",
+ f"[Followup] No changes since last review at {base_sha}",
flush=True,
)
# Return a result indicating no changes
+ no_change_summary = (
+ "No new commits since last review. Previous findings still apply."
+ )
result = PRReviewResult(
pr_number=pr_number,
repo=self.config.repo,
success=True,
findings=previous_review.findings,
- summary="No new commits since last review. Previous findings still apply.",
+ summary=no_change_summary,
overall_status=previous_review.overall_status,
verdict=previous_review.verdict,
verdict_reasoning="No changes since last review.",
@@ -618,13 +678,26 @@ async def followup_review_pr(self, pr_number: int) -> PRReviewResult:
await result.save(self.github_dir)
return result
+ # Build progress message based on what changed
+ if has_commits:
+ num_commits = len(followup_context.commits_since_review)
+ change_desc = f"{num_commits} new commits"
+ else:
+ # Rebase detected - files changed but no trackable commits
+ num_files = len(followup_context.files_changed_since_review)
+ change_desc = f"{num_files} files (rebase detected)"
+
self._report_progress(
"analyzing",
30,
- f"Analyzing {len(followup_context.commits_since_review)} new commits...",
+ f"Analyzing {change_desc}...",
pr_number=pr_number,
)
+ # Fetch CI status BEFORE calling reviewer so AI can factor it into verdict
+ ci_status = await self.gh_client.get_pr_checks_comprehensive(pr_number)
+ followup_context.ci_status = ci_status
+
# Use parallel orchestrator for follow-up if enabled
if self.config.use_parallel_orchestrator:
print(
@@ -669,9 +742,9 @@ async def followup_review_pr(self, pr_number: int) -> PRReviewResult:
)
result = await reviewer.review_followup(followup_context)
- # Check CI status and override verdict if failing
- ci_status = await self.gh_client.get_pr_checks(pr_number)
- failed_checks = ci_status.get("failed_checks", [])
+ # Fallback: ensure CI failures block merge even if AI didn't factor it in
+ # (CI status was already passed to AI via followup_context.ci_status)
+ failed_checks = followup_context.ci_status.get("failed_checks", [])
if failed_checks:
print(
f"[Followup] CI checks failing: {failed_checks}",
@@ -703,6 +776,9 @@ async def followup_review_pr(self, pr_number: int) -> PRReviewResult:
# Save result
await result.save(self.github_dir)
+ # Note: PR review memory is now saved by the Electron app after the review completes
+ # This ensures memory is saved to the embedded LadybugDB managed by the app
+
# Mark as reviewed with new commit SHA
if result.reviewed_commit_sha:
self.bot_detector.mark_reviewed(pr_number, result.reviewed_commit_sha)
@@ -730,15 +806,33 @@ def _generate_verdict(
structural_issues: list[StructuralIssue],
ai_triages: list[AICommentTriage],
ci_status: dict | None = None,
+ has_merge_conflicts: bool = False,
+ merge_state_status: str = "",
) -> tuple[MergeVerdict, str, list[str]]:
"""
- Generate merge verdict based on all findings and CI status.
+ Generate merge verdict based on all findings, CI status, and merge conflicts.
+
+ Blocks on:
+ - Merge conflicts (must be resolved before merging)
+ - Verification failures
+ - Redundancy issues
+ - Failing CI checks
- NEW: Strengthened to block on verification failures, redundancy issues,
- and failing CI checks.
+ Warns on (NEEDS_REVISION):
+ - Branch behind base (out of date)
"""
blockers = []
ci_status = ci_status or {}
+ is_branch_behind = merge_state_status == "BEHIND"
+
+ # CRITICAL: Merge conflicts block merging - check first
+ if has_merge_conflicts:
+ blockers.append(
+ "Merge Conflicts: PR has conflicts with base branch that must be resolved"
+ )
+ # Branch behind base is a warning, not a hard blocker
+ elif is_branch_behind:
+ blockers.append(BRANCH_BEHIND_BLOCKER_MSG)
# Count by severity
critical = [f for f in findings if f.severity == ReviewSeverity.CRITICAL]
@@ -780,6 +874,13 @@ def _generate_verdict(
for check_name in failed_checks:
blockers.append(f"CI Failed: {check_name}")
+ # Workflows awaiting approval block merging (fork PRs)
+ awaiting_approval = ci_status.get("awaiting_approval", 0)
+ if awaiting_approval > 0:
+ blockers.append(
+ f"Workflows Pending: {awaiting_approval} workflow(s) awaiting maintainer approval"
+ )
+
# NEW: Verification failures block merging
for f in verification_failures:
note = f" - {f.verification_note}" if f.verification_note else ""
@@ -812,15 +913,29 @@ def _generate_verdict(
)
blockers.append(f"{t.tool_name}: {summary}")
- # Determine verdict with CI, verification and redundancy checks
+ # Determine verdict with merge conflicts, CI, verification and redundancy checks
if blockers:
+ # Merge conflicts are the highest priority blocker
+ if has_merge_conflicts:
+ verdict = MergeVerdict.BLOCKED
+ reasoning = (
+ "Blocked: PR has merge conflicts with base branch. "
+ "Resolve conflicts before merge."
+ )
# CI failures are always blockers
- if failed_checks:
+ elif failed_checks:
verdict = MergeVerdict.BLOCKED
reasoning = (
f"Blocked: {len(failed_checks)} CI check(s) failing. "
"Fix CI before merge."
)
+ # Workflows awaiting approval block merging
+ elif awaiting_approval > 0:
+ verdict = MergeVerdict.BLOCKED
+ reasoning = (
+ f"Blocked: {awaiting_approval} workflow(s) awaiting approval. "
+ "Approve workflows on GitHub to run CI checks."
+ )
# NEW: Prioritize verification failures
elif verification_failures:
verdict = MergeVerdict.BLOCKED
@@ -842,6 +957,12 @@ def _generate_verdict(
elif len(critical) > 0:
verdict = MergeVerdict.BLOCKED
reasoning = f"Blocked by {len(critical)} critical issues"
+ # Branch behind is a soft blocker - NEEDS_REVISION, not BLOCKED
+ elif is_branch_behind:
+ verdict = MergeVerdict.NEEDS_REVISION
+ reasoning = BRANCH_BEHIND_REASONING
+ if low:
+ reasoning += f" {len(low)} non-blocking suggestion(s) to consider."
else:
verdict = MergeVerdict.NEEDS_REVISION
reasoning = f"{len(blockers)} issues must be addressed"
@@ -925,6 +1046,7 @@ def _generate_enhanced_summary(
structural_issues: list[StructuralIssue],
ai_triages: list[AICommentTriage],
risk_assessment: dict,
+ ci_status: dict | None = None,
) -> str:
"""Generate enhanced summary with verdict, risk, and actionable next steps."""
verdict_emoji = {
@@ -934,8 +1056,19 @@ def _generate_enhanced_summary(
MergeVerdict.BLOCKED: "🔴",
}
+ # Generate bottom line for quick scanning
+ bottom_line = self._generate_bottom_line(
+ verdict=verdict,
+ ci_status=ci_status,
+ blockers=blockers,
+ findings=findings,
+ )
+
lines = [
f"### Merge Verdict: {verdict_emoji.get(verdict, '⚪')} {verdict.value.upper().replace('_', ' ')}",
+ "",
+ f"> {bottom_line}",
+ "",
verdict_reasoning,
"",
"### Risk Assessment",
@@ -1002,6 +1135,70 @@ def _generate_enhanced_summary(
return "\n".join(lines)
+ def _generate_bottom_line(
+ self,
+ verdict: MergeVerdict,
+ ci_status: dict | None,
+ blockers: list[str],
+ findings: list[PRReviewFinding],
+ ) -> str:
+ """Generate a one-line summary for quick scanning at the top of the review."""
+ # Check CI status
+ ci = ci_status or {}
+ pending_ci = ci.get("pending", 0)
+ failing_ci = ci.get("failing", 0)
+ awaiting_approval = ci.get("awaiting_approval", 0)
+
+ # Count blocking findings and issues
+ blocking_findings = [
+ f for f in findings if f.severity.value in ("critical", "high", "medium")
+ ]
+ code_blockers = [
+ b for b in blockers if "CI" not in b and "Merge Conflict" not in b
+ ]
+ has_merge_conflicts = any("Merge Conflict" in b for b in blockers)
+
+ # Determine the bottom line based on verdict and context
+ if verdict == MergeVerdict.READY_TO_MERGE:
+ return (
+ "**✅ Ready to merge** - All checks passing, no blocking issues found."
+ )
+
+ elif verdict == MergeVerdict.BLOCKED:
+ if has_merge_conflicts:
+ return "**🔴 Blocked** - Merge conflicts must be resolved before merge."
+ elif failing_ci > 0:
+ return f"**🔴 Blocked** - {failing_ci} CI check(s) failing. Fix CI before merge."
+ elif awaiting_approval > 0:
+ return "**🔴 Blocked** - Awaiting maintainer approval for fork PR workflow."
+ elif blocking_findings:
+ return f"**🔴 Blocked** - {len(blocking_findings)} critical/high/medium issue(s) must be fixed."
+ else:
+ return "**🔴 Blocked** - Critical issues must be resolved before merge."
+
+ elif verdict == MergeVerdict.NEEDS_REVISION:
+ # Key insight: distinguish "waiting on CI" from "needs code fixes"
+ # Check code issues FIRST before checking pending CI
+ if blocking_findings:
+ return f"**🟠 Needs revision** - {len(blocking_findings)} issue(s) require attention."
+ elif code_blockers:
+ return f"**🟠 Needs revision** - {len(code_blockers)} structural/other issue(s) require attention."
+ elif pending_ci > 0:
+ # Only show "Ready once CI passes" when no code issues exist
+ return f"**⏳ Ready once CI passes** - {pending_ci} check(s) pending, no blocking code issues."
+ else:
+ return "**🟠 Needs revision** - See details below."
+
+ elif verdict == MergeVerdict.MERGE_WITH_CHANGES:
+ if pending_ci > 0:
+ return (
+ "**🟡 Can merge once CI passes** - Minor suggestions, no blockers."
+ )
+ else:
+ return "**🟡 Can merge** - Minor suggestions noted, no blockers."
+
+ return "**📝 Review complete** - See details below."
+
def _format_review_body(self, result: PRReviewResult) -> str:
"""Format the review body for posting to GitHub."""
return result.summary
diff --git a/apps/backend/runners/github/runner.py b/apps/backend/runners/github/runner.py
index 669030e46f..b3934cdc93 100644
--- a/apps/backend/runners/github/runner.py
+++ b/apps/backend/runners/github/runner.py
@@ -56,8 +56,10 @@
# Add backend to path
sys.path.insert(0, str(Path(__file__).parent.parent.parent))
-# Load .env file
-from dotenv import load_dotenv
+# Load .env file with centralized error handling
+from cli.utils import import_dotenv
+
+load_dotenv = import_dotenv()
env_file = Path(__file__).parent.parent.parent / ".env"
if env_file.exists():
diff --git a/apps/backend/runners/github/services/followup_reviewer.py b/apps/backend/runners/github/services/followup_reviewer.py
index 8b8a24181d..5c1c8bbca0 100644
--- a/apps/backend/runners/github/services/followup_reviewer.py
+++ b/apps/backend/runners/github/services/followup_reviewer.py
@@ -26,6 +26,7 @@
from ..models import FollowupReviewContext, GitHubRunnerConfig
try:
+ from ..gh_client import GHClient
from ..models import (
MergeVerdict,
PRReviewFinding,
@@ -37,6 +38,7 @@
from .prompt_manager import PromptManager
from .pydantic_models import FollowupReviewResponse
except (ImportError, ValueError, SystemError):
+ from gh_client import GHClient
from models import (
MergeVerdict,
PRReviewFinding,
@@ -230,6 +232,27 @@ async def review_followup(
"complete", 100, "Follow-up review complete!", context.pr_number
)
+ # Get file blob SHAs for rebase-resistant follow-up reviews
+ # Blob SHAs persist across rebases - same content = same blob SHA
+ file_blobs: dict[str, str] = {}
+ try:
+ gh_client = GHClient(
+ project_dir=self.project_dir,
+ default_timeout=30.0,
+ repo=self.config.repo,
+ )
+ pr_files = await gh_client.get_pr_files(context.pr_number)
+ for file in pr_files:
+ filename = file.get("filename", "")
+ blob_sha = file.get("sha", "")
+ if filename and blob_sha:
+ file_blobs[filename] = blob_sha
+ logger.info(
+ f"Captured {len(file_blobs)} file blob SHAs for follow-up tracking"
+ )
+ except Exception as e:
+ logger.warning(f"Could not capture file blobs: {e}")
+
return PRReviewResult(
pr_number=context.pr_number,
repo=self.config.repo,
@@ -243,6 +266,7 @@ async def review_followup(
reviewed_at=datetime.now().isoformat(),
# Follow-up specific fields
reviewed_commit_sha=context.current_commit_sha,
+ reviewed_file_blobs=file_blobs,
is_followup_review=True,
previous_review_id=context.previous_review.review_id,
resolved_findings=[f.id for f in resolved],
diff --git a/apps/backend/runners/github/services/parallel_followup_reviewer.py b/apps/backend/runners/github/services/parallel_followup_reviewer.py
index fb7a04365b..bbc23a1c8c 100644
--- a/apps/backend/runners/github/services/parallel_followup_reviewer.py
+++ b/apps/backend/runners/github/services/parallel_followup_reviewer.py
@@ -32,7 +32,11 @@
try:
from ...core.client import create_client
from ...phase_config import get_thinking_budget
+ from ..context_gatherer import _validate_git_ref
+ from ..gh_client import GHClient
from ..models import (
+ BRANCH_BEHIND_BLOCKER_MSG,
+ BRANCH_BEHIND_REASONING,
GitHubRunnerConfig,
MergeVerdict,
PRReviewFinding,
@@ -40,11 +44,16 @@
ReviewSeverity,
)
from .category_utils import map_category
+ from .pr_worktree_manager import PRWorktreeManager
from .pydantic_models import ParallelFollowupResponse
from .sdk_utils import process_sdk_stream
except (ImportError, ValueError, SystemError):
+ from context_gatherer import _validate_git_ref
from core.client import create_client
+ from gh_client import GHClient
from models import (
+ BRANCH_BEHIND_BLOCKER_MSG,
+ BRANCH_BEHIND_REASONING,
GitHubRunnerConfig,
MergeVerdict,
PRReviewFinding,
@@ -53,6 +62,7 @@
)
from phase_config import get_thinking_budget
from services.category_utils import map_category
+ from services.pr_worktree_manager import PRWorktreeManager
from services.pydantic_models import ParallelFollowupResponse
from services.sdk_utils import process_sdk_stream
@@ -62,6 +72,9 @@
# Check if debug mode is enabled
DEBUG_MODE = os.environ.get("DEBUG", "").lower() in ("true", "1", "yes")
+# Directory for PR review worktrees (shared with initial reviewer)
+PR_WORKTREE_DIR = ".auto-claude/github/pr/worktrees"
+
# Severity mapping for AI responses
_SEVERITY_MAPPING = {
"critical": ReviewSeverity.CRITICAL,
@@ -106,6 +119,7 @@ def __init__(
self.github_dir = Path(github_dir)
self.config = config
self.progress_callback = progress_callback
+ self.worktree_manager = PRWorktreeManager(project_dir, PR_WORKTREE_DIR)
def _report_progress(self, phase: str, progress: int, message: str, **kwargs):
"""Report progress if callback is set."""
@@ -136,6 +150,37 @@ def _load_prompt(self, filename: str) -> str:
logger.warning(f"Prompt file not found: {prompt_file}")
return ""
+ def _create_pr_worktree(self, head_sha: str, pr_number: int) -> Path:
+ """Create a temporary worktree at the PR head commit.
+
+ Args:
+ head_sha: The commit SHA of the PR head (validated before use)
+ pr_number: The PR number for naming
+
+ Returns:
+ Path to the created worktree
+
+ Raises:
+ RuntimeError: If worktree creation fails
+ ValueError: If head_sha fails validation (command injection prevention)
+ """
+ # SECURITY: Validate git ref before use in subprocess calls
+ if not _validate_git_ref(head_sha):
+ raise ValueError(
+ f"Invalid git ref: '{head_sha}'. "
+ "Must contain only alphanumeric characters, dots, slashes, underscores, and hyphens."
+ )
+
+ return self.worktree_manager.create_worktree(head_sha, pr_number)
+
+ def _cleanup_pr_worktree(self, worktree_path: Path) -> None:
+ """Remove a temporary PR review worktree with fallback chain.
+
+ Args:
+ worktree_path: Path to the worktree to remove
+ """
+ self.worktree_manager.remove_worktree(worktree_path)
+
def _define_specialist_agents(self) -> dict[str, AgentDefinition]:
"""
Define specialist agents for follow-up review.
@@ -265,6 +310,44 @@ def _format_ai_reviews(self, context: FollowupReviewContext) -> str:
return "\n\n---\n\n".join(ai_content)
+ def _format_ci_status(self, context: FollowupReviewContext) -> str:
+ """Format CI status for the prompt."""
+ ci_status = context.ci_status
+ if not ci_status:
+ return "CI status not available."
+
+ passing = ci_status.get("passing", 0)
+ failing = ci_status.get("failing", 0)
+ pending = ci_status.get("pending", 0)
+ failed_checks = ci_status.get("failed_checks", [])
+ awaiting_approval = ci_status.get("awaiting_approval", 0)
+
+ lines = []
+
+ # Overall status
+ if failing > 0:
+ lines.append(f"⚠️ **{failing} CI check(s) FAILING** - PR cannot be merged")
+ elif pending > 0:
+ lines.append(f"⏳ **{pending} CI check(s) pending** - Wait for completion")
+ elif passing > 0:
+ lines.append(f"✅ **All {passing} CI check(s) passing**")
+ else:
+ lines.append("No CI checks configured")
+
+ # List failed checks
+ if failed_checks:
+ lines.append("\n**Failed checks:**")
+ for check in failed_checks:
+ lines.append(f" - ❌ {check}")
+
+ # Awaiting approval (fork PRs)
+ if awaiting_approval > 0:
+ lines.append(
+ f"\n⏸️ **{awaiting_approval} workflow(s) awaiting maintainer approval** (fork PR)"
+ )
+
+ return "\n".join(lines)
+
def _build_orchestrator_prompt(self, context: FollowupReviewContext) -> str:
"""Build full prompt for orchestrator with follow-up context."""
# Load orchestrator prompt
@@ -277,6 +360,7 @@ def _build_orchestrator_prompt(self, context: FollowupReviewContext) -> str:
commits = self._format_commits(context)
contributor_comments = self._format_comments(context)
ai_reviews = self._format_ai_reviews(context)
+ ci_status = self._format_ci_status(context)
# Truncate diff if too long
MAX_DIFF_CHARS = 100_000
@@ -295,6 +379,9 @@ def _build_orchestrator_prompt(self, context: FollowupReviewContext) -> str:
**New Commits:** {len(context.commits_since_review)}
**Files Changed:** {len(context.files_changed_since_review)}
+### CI Status (CRITICAL - Must Factor Into Verdict)
+{ci_status}
+
### Previous Review Summary
{context.previous_review.summary[:500] if context.previous_review.summary else "No summary available."}
@@ -323,6 +410,7 @@ def _build_orchestrator_prompt(self, context: FollowupReviewContext) -> str:
Now analyze this follow-up and delegate to the appropriate specialist agents.
Remember: YOU decide which agents to invoke based on YOUR analysis.
The SDK will run invoked agents in parallel automatically.
+**CRITICAL: Your verdict MUST account for CI status. Failing CI = BLOCKED verdict.**
"""
return base_prompt + followup_context
@@ -341,6 +429,9 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
f"[ParallelFollowup] Starting follow-up review for PR #{context.pr_number}"
)
+ # Track worktree for cleanup
+ worktree_path: Path | None = None
+
try:
self._report_progress(
"orchestrating",
@@ -352,13 +443,48 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
# Build orchestrator prompt
prompt = self._build_orchestrator_prompt(context)
- # Get project root
+ # Get project root - default to local checkout
project_root = (
self.project_dir.parent.parent
if self.project_dir.name == "backend"
else self.project_dir
)
+ # Create temporary worktree at PR head commit for isolated review
+ # This ensures agents read from the correct PR state, not the current checkout
+ head_sha = context.current_commit_sha
+ if head_sha and _validate_git_ref(head_sha):
+ try:
+ if DEBUG_MODE:
+ print(
+ f"[Followup] DEBUG: Creating worktree for head_sha={head_sha}",
+ flush=True,
+ )
+ worktree_path = self._create_pr_worktree(
+ head_sha, context.pr_number
+ )
+ project_root = worktree_path
+ print(
+ f"[Followup] Using worktree at {worktree_path.name} for PR review",
+ flush=True,
+ )
+ except Exception as e:
+ if DEBUG_MODE:
+ print(
+ f"[Followup] DEBUG: Worktree creation FAILED: {e}",
+ flush=True,
+ )
+ logger.warning(
+ f"[ParallelFollowup] Worktree creation failed, "
+ f"falling back to local checkout: {e}"
+ )
+ # Fallback to original behavior if worktree creation fails
+ else:
+ logger.warning(
+ f"[ParallelFollowup] Invalid or missing head_sha '{head_sha}', "
+ "using local checkout"
+ )
+
# Use model and thinking level from config (user settings)
model = self.config.model or "claude-sonnet-4-5-20250929"
thinking_level = self.config.thinking_level or "medium"
@@ -459,15 +585,60 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
f"{len(resolved_ids)} resolved, {len(unresolved_ids)} unresolved"
)
+ # Generate blockers from critical/high/medium severity findings
+ # (Medium also blocks merge in our strict quality gates approach)
+ blockers = []
+
+ # CRITICAL: Merge conflicts block merging - check FIRST before summary generation
+ # This must happen before _generate_summary so the summary reflects merge conflict status
+ if context.has_merge_conflicts:
+ blockers.append(
+ "Merge Conflicts: PR has conflicts with base branch that must be resolved"
+ )
+ # Override verdict to BLOCKED if merge conflicts exist
+ verdict = MergeVerdict.BLOCKED
+ verdict_reasoning = (
+ "Blocked: PR has merge conflicts with base branch. "
+ "Resolve conflicts before merge."
+ )
+ print(
+ "[ParallelFollowup] ⚠️ PR has merge conflicts - blocking merge",
+ flush=True,
+ )
+ # Check if branch is behind base (out of date) - warning, not hard blocker
+ elif context.merge_state_status == "BEHIND":
+ blockers.append(BRANCH_BEHIND_BLOCKER_MSG)
+ # Use NEEDS_REVISION since potential conflicts are unknown until branch is updated
+ # Must handle both READY_TO_MERGE and MERGE_WITH_CHANGES verdicts
+ if verdict in (
+ MergeVerdict.READY_TO_MERGE,
+ MergeVerdict.MERGE_WITH_CHANGES,
+ ):
+ verdict = MergeVerdict.NEEDS_REVISION
+ verdict_reasoning = BRANCH_BEHIND_REASONING
+ print(
+ "[ParallelFollowup] ⚠️ PR branch is behind base - needs update",
+ flush=True,
+ )
+
+ for finding in unique_findings:
+ if finding.severity in (
+ ReviewSeverity.CRITICAL,
+ ReviewSeverity.HIGH,
+ ReviewSeverity.MEDIUM,
+ ):
+ blockers.append(f"{finding.category.value}: {finding.title}")
+
# Extract validation counts
dismissed_count = len(result_data.get("dismissed_false_positive_ids", []))
confirmed_count = result_data.get("confirmed_valid_count", 0)
needs_human_count = result_data.get("needs_human_review_count", 0)
- # Generate summary
+ # Generate summary (AFTER merge conflict check so it reflects correct verdict)
summary = self._generate_summary(
verdict=verdict,
verdict_reasoning=verdict_reasoning,
+ blockers=blockers,
resolved_count=len(resolved_ids),
unresolved_count=len(unresolved_ids),
new_count=len(new_finding_ids),
@@ -475,6 +646,7 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
dismissed_false_positive_count=dismissed_count,
confirmed_valid_count=confirmed_count,
needs_human_review_count=needs_human_count,
+ ci_status=context.ci_status,
)
# Map verdict to overall_status
@@ -487,16 +659,26 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
else:
overall_status = "approve"
- # Generate blockers from critical/high/medium severity findings
- # (Medium also blocks merge in our strict quality gates approach)
- blockers = []
- for finding in unique_findings:
- if finding.severity in (
- ReviewSeverity.CRITICAL,
- ReviewSeverity.HIGH,
- ReviewSeverity.MEDIUM,
- ):
- blockers.append(f"{finding.category.value}: {finding.title}")
+ # Get file blob SHAs for rebase-resistant follow-up reviews
+ # Blob SHAs persist across rebases - same content = same blob SHA
+ file_blobs: dict[str, str] = {}
+ try:
+ gh_client = GHClient(
+ project_dir=self.project_dir,
+ default_timeout=30.0,
+ repo=self.config.repo,
+ )
+ pr_files = await gh_client.get_pr_files(context.pr_number)
+ for file in pr_files:
+ filename = file.get("filename", "")
+ blob_sha = file.get("sha", "")
+ if filename and blob_sha:
+ file_blobs[filename] = blob_sha
+ logger.info(
+ f"Captured {len(file_blobs)} file blob SHAs for follow-up tracking"
+ )
+ except Exception as e:
+ logger.warning(f"Could not capture file blobs: {e}")
result = PRReviewResult(
pr_number=context.pr_number,
@@ -509,6 +691,7 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
verdict_reasoning=verdict_reasoning,
blockers=blockers,
reviewed_commit_sha=context.current_commit_sha,
+ reviewed_file_blobs=file_blobs,
is_followup_review=True,
previous_review_id=context.previous_review.review_id
or context.previous_review.pr_number,
@@ -543,6 +726,10 @@ async def review(self, context: FollowupReviewContext) -> PRReviewResult:
is_followup_review=True,
reviewed_commit_sha=context.current_commit_sha,
)
+ finally:
+ # Always cleanup worktree, even on error
+ if worktree_path:
+ self._cleanup_pr_worktree(worktree_path)
def _parse_structured_output(
self, data: dict, context: FollowupReviewContext
@@ -614,13 +801,11 @@ def _parse_structured_output(
validation = validation_map.get(rv.finding_id)
validation_status = None
validation_evidence = None
- validation_confidence = None
validation_explanation = None
if validation:
validation_status = validation.validation_status
validation_evidence = validation.code_evidence
- validation_confidence = validation.confidence
validation_explanation = validation.explanation
findings.append(
@@ -636,7 +821,6 @@ def _parse_structured_output(
fixable=original.fixable,
validation_status=validation_status,
validation_evidence=validation_evidence,
- validation_confidence=validation_confidence,
validation_explanation=validation_explanation,
)
)
@@ -805,6 +989,7 @@ def _generate_summary(
self,
verdict: MergeVerdict,
verdict_reasoning: str,
+ blockers: list[str],
resolved_count: int,
unresolved_count: int,
new_count: int,
@@ -812,13 +997,15 @@ def _generate_summary(
dismissed_false_positive_count: int = 0,
confirmed_valid_count: int = 0,
needs_human_review_count: int = 0,
+ ci_status: dict | None = None,
) -> str:
"""Generate a human-readable summary of the follow-up review."""
+ # Use same emojis as orchestrator.py for consistency
status_emoji = {
MergeVerdict.READY_TO_MERGE: "✅",
- MergeVerdict.MERGE_WITH_CHANGES: "⚠️",
- MergeVerdict.NEEDS_REVISION: "🔄",
- MergeVerdict.BLOCKED: "🚫",
+ MergeVerdict.MERGE_WITH_CHANGES: "🟡",
+ MergeVerdict.NEEDS_REVISION: "🟠",
+ MergeVerdict.BLOCKED: "🔴",
}
emoji = status_emoji.get(verdict, "📝")
@@ -826,6 +1013,15 @@ def _generate_summary(
", ".join(agents_invoked) if agents_invoked else "orchestrator only"
)
+ # Generate a prominent bottom-line summary for quick scanning
+ bottom_line = self._generate_bottom_line(
+ verdict=verdict,
+ ci_status=ci_status,
+ unresolved_count=unresolved_count,
+ new_count=new_count,
+ blockers=blockers,
+ )
+
# Build validation section if there are validation results
validation_section = ""
if (
@@ -838,15 +1034,26 @@ def _generate_summary(
- 🔍 **Dismissed as False Positives**: {dismissed_false_positive_count} findings were re-investigated and found to be incorrect
- ✓ **Confirmed Valid**: {confirmed_valid_count} findings verified as genuine issues
- 👤 **Needs Human Review**: {needs_human_review_count} findings require manual verification
+"""
+
+ # Build blockers section if there are any blockers
+ blockers_section = ""
+ if blockers:
+ blockers_list = "\n".join(f"- {b}" for b in blockers)
+ blockers_section = f"""
+### 🚨 Blocking Issues
+{blockers_list}
"""
summary = f"""## {emoji} Follow-up Review: {verdict.value.replace("_", " ").title()}
+> {bottom_line}
+
### Resolution Status
- ✅ **Resolved**: {resolved_count} previous findings addressed
- ❌ **Unresolved**: {unresolved_count} previous findings remain
- 🆕 **New Issues**: {new_count} new findings in recent changes
-{validation_section}
+{validation_section}{blockers_section}
### Verdict
{verdict_reasoning}
@@ -857,3 +1064,65 @@ def _generate_summary(
*This is an AI-generated follow-up review using parallel specialist analysis with finding validation.*
"""
return summary
+
+ def _generate_bottom_line(
+ self,
+ verdict: MergeVerdict,
+ ci_status: dict | None,
+ unresolved_count: int,
+ new_count: int,
+ blockers: list[str],
+ ) -> str:
+ """Generate a one-line summary for quick scanning at the top of the review."""
+ # Check CI status
+ ci = ci_status or {}
+ pending_ci = ci.get("pending", 0)
+ failing_ci = ci.get("failing", 0)
+ awaiting_approval = ci.get("awaiting_approval", 0)
+
+ # Count blocking issues (excluding CI-related ones)
+ code_blockers = [
+ b for b in blockers if "CI" not in b and "Merge Conflict" not in b
+ ]
+ has_merge_conflicts = any("Merge Conflict" in b for b in blockers)
+
+ # Determine the bottom line based on verdict and context
+ if verdict == MergeVerdict.READY_TO_MERGE:
+ return "**✅ Ready to merge** - All checks passing and findings addressed."
+
+ elif verdict == MergeVerdict.BLOCKED:
+ if has_merge_conflicts:
+ return "**🔴 Blocked** - Merge conflicts must be resolved before merge."
+ elif failing_ci > 0:
+ return f"**🔴 Blocked** - {failing_ci} CI check(s) failing. Fix CI before merge."
+ elif awaiting_approval > 0:
+ return "**🔴 Blocked** - Awaiting maintainer approval for fork PR workflow."
+ elif code_blockers:
+ return f"**🔴 Blocked** - {len(code_blockers)} blocking issue(s) require fixes."
+ else:
+ return "**🔴 Blocked** - Critical issues must be resolved before merge."
+
+ elif verdict == MergeVerdict.NEEDS_REVISION:
+ # Key insight: distinguish "waiting on CI" from "needs code fixes"
+ # Check code issues FIRST before checking pending CI
+ if unresolved_count > 0:
+ return f"**🟠 Needs revision** - {unresolved_count} unresolved finding(s) from previous review."
+ elif code_blockers:
+ return f"**🟠 Needs revision** - {len(code_blockers)} blocking issue(s) require fixes."
+ elif new_count > 0:
+ return f"**🟠 Needs revision** - {new_count} new issue(s) found in recent changes."
+ elif pending_ci > 0:
+ # Only show "Ready once CI passes" when no code issues exist
+ return f"**⏳ Ready once CI passes** - {pending_ci} check(s) pending, all findings addressed."
+ else:
+ return "**🟠 Needs revision** - See details below."
+
+ elif verdict == MergeVerdict.MERGE_WITH_CHANGES:
+ if pending_ci > 0:
+ return (
+ "**🟡 Can merge once CI passes** - Minor suggestions, no blockers."
+ )
+ else:
+ return "**🟡 Can merge** - Minor suggestions noted, no blockers."
+
+ return "**📝 Review complete** - See details below."
diff --git a/apps/backend/runners/github/services/parallel_orchestrator_reviewer.py b/apps/backend/runners/github/services/parallel_orchestrator_reviewer.py
index 7b7fe00c54..254f5087fd 100644
--- a/apps/backend/runners/github/services/parallel_orchestrator_reviewer.py
+++ b/apps/backend/runners/github/services/parallel_orchestrator_reviewer.py
@@ -20,9 +20,6 @@
import hashlib
import logging
import os
-import shutil
-import subprocess
-import uuid
from pathlib import Path
from typing import Any
@@ -32,7 +29,10 @@
from ...core.client import create_client
from ...phase_config import get_thinking_budget
from ..context_gatherer import PRContext, _validate_git_ref
+ from ..gh_client import GHClient
from ..models import (
+ BRANCH_BEHIND_BLOCKER_MSG,
+ BRANCH_BEHIND_REASONING,
GitHubRunnerConfig,
MergeVerdict,
PRReviewFinding,
@@ -40,12 +40,16 @@
ReviewSeverity,
)
from .category_utils import map_category
+ from .pr_worktree_manager import PRWorktreeManager
from .pydantic_models import ParallelOrchestratorResponse
from .sdk_utils import process_sdk_stream
except (ImportError, ValueError, SystemError):
from context_gatherer import PRContext, _validate_git_ref
from core.client import create_client
+ from gh_client import GHClient
from models import (
+ BRANCH_BEHIND_BLOCKER_MSG,
+ BRANCH_BEHIND_REASONING,
GitHubRunnerConfig,
MergeVerdict,
PRReviewFinding,
@@ -54,6 +58,7 @@
)
from phase_config import get_thinking_budget
from services.category_utils import map_category
+ from services.pr_worktree_manager import PRWorktreeManager
from services.pydantic_models import ParallelOrchestratorResponse
from services.sdk_utils import process_sdk_stream
@@ -92,6 +97,7 @@ def __init__(
self.github_dir = Path(github_dir)
self.config = config
self.progress_callback = progress_callback
+ self.worktree_manager = PRWorktreeManager(project_dir, PR_WORKTREE_DIR)
def _report_progress(self, phase: str, progress: int, message: str, **kwargs):
"""Report progress if callback is set."""
@@ -143,78 +149,7 @@ def _create_pr_worktree(self, head_sha: str, pr_number: int) -> Path:
"Must contain only alphanumeric characters, dots, slashes, underscores, and hyphens."
)
- worktree_name = f"pr-{pr_number}-{uuid.uuid4().hex[:8]}"
- worktree_dir = self.project_dir / PR_WORKTREE_DIR
-
- if DEBUG_MODE:
- print(f"[PRReview] DEBUG: project_dir={self.project_dir}", flush=True)
- print(f"[PRReview] DEBUG: worktree_dir={worktree_dir}", flush=True)
- print(f"[PRReview] DEBUG: head_sha={head_sha}", flush=True)
-
- worktree_dir.mkdir(parents=True, exist_ok=True)
- worktree_path = worktree_dir / worktree_name
-
- if DEBUG_MODE:
- print(f"[PRReview] DEBUG: worktree_path={worktree_path}", flush=True)
- print(
- f"[PRReview] DEBUG: worktree_dir exists={worktree_dir.exists()}",
- flush=True,
- )
-
- # Fetch the commit if not available locally (handles fork PRs)
- fetch_result = subprocess.run(
- ["git", "fetch", "origin", head_sha],
- cwd=self.project_dir,
- capture_output=True,
- text=True,
- timeout=60,
- )
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: fetch returncode={fetch_result.returncode}",
- flush=True,
- )
- if fetch_result.stderr:
- print(
- f"[PRReview] DEBUG: fetch stderr={fetch_result.stderr[:200]}",
- flush=True,
- )
-
- # Create detached worktree at the PR commit
- result = subprocess.run(
- ["git", "worktree", "add", "--detach", str(worktree_path), head_sha],
- cwd=self.project_dir,
- capture_output=True,
- text=True,
- timeout=120, # Worktree add can be slow for large repos
- )
-
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: worktree add returncode={result.returncode}",
- flush=True,
- )
- if result.stderr:
- print(
- f"[PRReview] DEBUG: worktree add stderr={result.stderr[:200]}",
- flush=True,
- )
- if result.stdout:
- print(
- f"[PRReview] DEBUG: worktree add stdout={result.stdout[:200]}",
- flush=True,
- )
-
- if result.returncode != 0:
- raise RuntimeError(f"Failed to create worktree: {result.stderr}")
-
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: worktree created, exists={worktree_path.exists()}",
- flush=True,
- )
- logger.info(f"[PRReview] Created worktree at {worktree_path}")
- return worktree_path
+ return self.worktree_manager.create_worktree(head_sha, pr_number)
def _cleanup_pr_worktree(self, worktree_path: Path) -> None:
"""Remove a temporary PR review worktree with fallback chain.
@@ -222,100 +157,16 @@ def _cleanup_pr_worktree(self, worktree_path: Path) -> None:
Args:
worktree_path: Path to the worktree to remove
"""
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: _cleanup_pr_worktree called with {worktree_path}",
- flush=True,
- )
-
- if not worktree_path or not worktree_path.exists():
- if DEBUG_MODE:
- print(
- "[PRReview] DEBUG: worktree path doesn't exist, skipping cleanup",
- flush=True,
- )
- return
-
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: Attempting to remove worktree at {worktree_path}",
- flush=True,
- )
-
- # Try 1: git worktree remove
- result = subprocess.run(
- ["git", "worktree", "remove", "--force", str(worktree_path)],
- cwd=self.project_dir,
- capture_output=True,
- text=True,
- timeout=30,
- )
-
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: worktree remove returncode={result.returncode}",
- flush=True,
- )
-
- if result.returncode == 0:
- logger.info(f"[PRReview] Cleaned up worktree: {worktree_path.name}")
- return
-
- # Try 2: shutil.rmtree fallback
- try:
- shutil.rmtree(worktree_path, ignore_errors=True)
- subprocess.run(
- ["git", "worktree", "prune"],
- cwd=self.project_dir,
- capture_output=True,
- timeout=30,
- )
- logger.warning(f"[PRReview] Used shutil fallback for: {worktree_path.name}")
- except Exception as e:
- logger.error(f"[PRReview] Failed to cleanup worktree {worktree_path}: {e}")
+ self.worktree_manager.remove_worktree(worktree_path)
def _cleanup_stale_pr_worktrees(self) -> None:
- """Clean up orphaned PR review worktrees on startup."""
- worktree_dir = self.project_dir / PR_WORKTREE_DIR
- if not worktree_dir.exists():
- return
-
- # Get registered worktrees from git
- result = subprocess.run(
- ["git", "worktree", "list", "--porcelain"],
- cwd=self.project_dir,
- capture_output=True,
- text=True,
- timeout=30,
- )
- registered = set()
- for line in result.stdout.split("\n"):
- if line.startswith("worktree "):
- # Safely parse - check bounds to prevent IndexError
- parts = line.split(" ", 1)
- if len(parts) > 1 and parts[1]:
- registered.add(Path(parts[1]))
-
- # Remove unregistered directories
- stale_count = 0
- for item in worktree_dir.iterdir():
- if item.is_dir() and item not in registered:
- logger.info(f"[PRReview] Removing stale worktree: {item.name}")
- shutil.rmtree(item, ignore_errors=True)
- stale_count += 1
-
- if stale_count > 0:
- subprocess.run(
- ["git", "worktree", "prune"],
- cwd=self.project_dir,
- capture_output=True,
- timeout=30,
+ """Clean up orphaned, expired, and excess PR review worktrees on startup."""
+ stats = self.worktree_manager.cleanup_worktrees()
+ if stats["total"] > 0:
+ logger.info(
+ f"[PRReview] Cleanup: removed {stats['total']} worktrees "
+ f"(orphaned={stats['orphaned']}, expired={stats['expired']}, excess={stats['excess']})"
)
- if DEBUG_MODE:
- print(
- f"[PRReview] DEBUG: Cleaned up {stale_count} stale worktree(s)",
- flush=True,
- )
def _define_specialist_agents(self) -> dict[str, AgentDefinition]:
"""
@@ -584,7 +435,7 @@ def _create_finding_from_structured(self, finding_data: Any) -> PRReviewFinding:
category=category,
severity=severity,
suggested_fix=finding_data.suggested_fix or "",
- confidence=self._normalize_confidence(finding_data.confidence),
+ evidence=finding_data.evidence,
)
async def review(self, context: PRContext) -> PRReviewResult:
@@ -769,9 +620,11 @@ async def review(self, context: PRContext) -> PRReviewResult:
f"[ParallelOrchestrator] Review complete: {len(unique_findings)} findings"
)
- # Generate verdict
+ # Generate verdict (includes merge conflict check and branch-behind check)
verdict, verdict_reasoning, blockers = self._generate_verdict(
- unique_findings
+ unique_findings,
+ has_merge_conflicts=context.has_merge_conflicts,
+ merge_state_status=context.merge_state_status,
)
# Generate summary
@@ -799,6 +652,27 @@ async def review(self, context: PRContext) -> PRReviewResult:
latest_commit = context.commits[-1]
head_sha = latest_commit.get("oid") or latest_commit.get("sha")
+ # Get file blob SHAs for rebase-resistant follow-up reviews
+ # Blob SHAs persist across rebases - same content = same blob SHA
+ file_blobs: dict[str, str] = {}
+ try:
+ gh_client = GHClient(
+ project_dir=self.project_dir,
+ default_timeout=30.0,
+ repo=self.config.repo,
+ )
+ pr_files = await gh_client.get_pr_files(context.pr_number)
+ for file in pr_files:
+ filename = file.get("filename", "")
+ blob_sha = file.get("sha", "")
+ if filename and blob_sha:
+ file_blobs[filename] = blob_sha
+ logger.info(
+ f"Captured {len(file_blobs)} file blob SHAs for follow-up tracking"
+ )
+ except Exception as e:
+ logger.warning(f"Could not capture file blobs: {e}")
+
result = PRReviewResult(
pr_number=context.pr_number,
repo=self.config.repo,
@@ -810,6 +684,7 @@ async def review(self, context: PRContext) -> PRReviewResult:
verdict_reasoning=verdict_reasoning,
blockers=blockers,
reviewed_commit_sha=head_sha,
+ reviewed_file_blobs=file_blobs,
)
self._report_progress(
@@ -945,7 +820,7 @@ def _create_finding_from_dict(self, f_data: dict[str, Any]) -> PRReviewFinding:
category=category,
severity=severity,
suggested_fix=f_data.get("suggested_fix", ""),
- confidence=self._normalize_confidence(f_data.get("confidence", 85)),
+ evidence=f_data.get("evidence"),
)
def _parse_text_output(self, output: str) -> list[PRReviewFinding]:
@@ -993,10 +868,23 @@ def _deduplicate_findings(
return unique
def _generate_verdict(
- self, findings: list[PRReviewFinding]
+ self,
+ findings: list[PRReviewFinding],
+ has_merge_conflicts: bool = False,
+ merge_state_status: str = "",
) -> tuple[MergeVerdict, str, list[str]]:
- """Generate merge verdict based on findings."""
+ """Generate merge verdict based on findings, merge conflict status, and branch state."""
blockers = []
+ is_branch_behind = merge_state_status == "BEHIND"
+
+ # CRITICAL: Merge conflicts block merging - check first
+ if has_merge_conflicts:
+ blockers.append(
+ "Merge Conflicts: PR has conflicts with base branch that must be resolved"
+ )
+ # Branch behind base is a warning, not a hard blocker
+ elif is_branch_behind:
+ blockers.append(BRANCH_BEHIND_BLOCKER_MSG)
critical = [f for f in findings if f.severity == ReviewSeverity.CRITICAL]
high = [f for f in findings if f.severity == ReviewSeverity.HIGH]
@@ -1007,8 +895,25 @@ def _generate_verdict(
blockers.append(f"Critical: {f.title} ({f.file}:{f.line})")
if blockers:
- verdict = MergeVerdict.BLOCKED
- reasoning = f"Blocked by {len(blockers)} critical issue(s)"
+ # Merge conflicts are the highest priority blocker
+ if has_merge_conflicts:
+ verdict = MergeVerdict.BLOCKED
+ reasoning = (
+ "Blocked: PR has merge conflicts with base branch. "
+ "Resolve conflicts before merge."
+ )
+ elif critical:
+ verdict = MergeVerdict.BLOCKED
+ reasoning = f"Blocked by {len(critical)} critical issue(s)"
+ # Branch behind is a soft blocker - NEEDS_REVISION, not BLOCKED
+ elif is_branch_behind:
+ verdict = MergeVerdict.NEEDS_REVISION
+ reasoning = BRANCH_BEHIND_REASONING
+ if low:
+ reasoning += f" {len(low)} non-blocking suggestion(s) to consider."
+ else:
+ verdict = MergeVerdict.BLOCKED
+ reasoning = f"Blocked by {len(blockers)} issue(s)"
elif high or medium:
# High and Medium severity findings block merge
verdict = MergeVerdict.NEEDS_REVISION
diff --git a/apps/backend/runners/github/services/pr_review_engine.py b/apps/backend/runners/github/services/pr_review_engine.py
index 24d1fb69f0..d8832539e7 100644
--- a/apps/backend/runners/github/services/pr_review_engine.py
+++ b/apps/backend/runners/github/services/pr_review_engine.py
@@ -242,7 +242,9 @@ async def run_review_pass(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
if review_pass == ReviewPass.QUICK_SCAN:
@@ -502,7 +504,9 @@ async def _run_structural_pass(self, context: PRContext) -> str:
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
except Exception as e:
print(f"[AI] Structural pass error: {e}", flush=True)
@@ -558,7 +562,9 @@ async def _run_ai_triage_pass(self, context: PRContext) -> str:
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
except Exception as e:
print(f"[AI] AI triage pass error: {e}", flush=True)
diff --git a/apps/backend/runners/github/services/pr_worktree_manager.py b/apps/backend/runners/github/services/pr_worktree_manager.py
new file mode 100644
index 0000000000..0518dc4929
--- /dev/null
+++ b/apps/backend/runners/github/services/pr_worktree_manager.py
@@ -0,0 +1,437 @@
+"""
+PR Worktree Manager
+===================
+
+Manages lifecycle of PR review worktrees with cleanup policies.
+
+Features:
+- Age-based cleanup (remove worktrees older than N days)
+- Count-based cleanup (keep only N most recent worktrees)
+- Orphaned worktree cleanup (worktrees not registered with git)
+- Automatic cleanup on review completion
+"""
+
+from __future__ import annotations
+
+import logging
+import os
+import shutil
+import subprocess
+import time
+from pathlib import Path
+from typing import NamedTuple
+
+logger = logging.getLogger(__name__)
+
+# Default cleanup policies (can be overridden via environment variables)
+DEFAULT_MAX_PR_WORKTREES = 10 # Max worktrees to keep
+DEFAULT_PR_WORKTREE_MAX_AGE_DAYS = 7 # Max age in days
+
+
+def _get_max_pr_worktrees() -> int:
+ """Get max worktrees setting, read at runtime for testability."""
+ try:
+ value = int(os.environ.get("MAX_PR_WORKTREES", str(DEFAULT_MAX_PR_WORKTREES)))
+ return value if value > 0 else DEFAULT_MAX_PR_WORKTREES
+ except (ValueError, TypeError):
+ return DEFAULT_MAX_PR_WORKTREES
+
+
+def _get_max_age_days() -> int:
+ """Get max age setting, read at runtime for testability."""
+ try:
+ value = int(
+ os.environ.get(
+ "PR_WORKTREE_MAX_AGE_DAYS", str(DEFAULT_PR_WORKTREE_MAX_AGE_DAYS)
+ )
+ )
+ return value if value >= 0 else DEFAULT_PR_WORKTREE_MAX_AGE_DAYS
+ except (ValueError, TypeError):
+ return DEFAULT_PR_WORKTREE_MAX_AGE_DAYS
+
+
+# Safe pattern for git refs (SHA, branch names)
+# Allows: alphanumeric, dots, underscores, hyphens, forward slashes
+import re
+
+SAFE_REF_PATTERN = re.compile(r"^[a-zA-Z0-9._/\-]+$")
+
+
+class WorktreeInfo(NamedTuple):
+ """Information about a PR worktree."""
+
+ path: Path
+ age_days: float
+ pr_number: int | None = None
+
+
+class PRWorktreeManager:
+ """
+ Manages PR review worktrees with automatic cleanup policies.
+
+ Cleanup policies:
+ 1. Remove worktrees older than PR_WORKTREE_MAX_AGE_DAYS (default: 7 days)
+ 2. Keep only MAX_PR_WORKTREES most recent worktrees (default: 10)
+ 3. Remove orphaned worktrees (not registered with git)
+ """
+
+ def __init__(self, project_dir: Path, worktree_dir: str | Path):
+ """
+ Initialize the worktree manager.
+
+ Args:
+ project_dir: Root directory of the git project
+ worktree_dir: Directory where PR worktrees are stored (relative to project_dir)
+ """
+ self.project_dir = Path(project_dir)
+ self.worktree_base_dir = self.project_dir / worktree_dir
+
+ def create_worktree(
+ self, head_sha: str, pr_number: int, auto_cleanup: bool = True
+ ) -> Path:
+ """
+ Create a PR worktree with automatic cleanup of old worktrees.
+
+ Args:
+ head_sha: Git commit SHA to checkout
+ pr_number: PR number for naming
+ auto_cleanup: If True (default), run cleanup before creating
+
+ Returns:
+ Path to the created worktree
+
+ Raises:
+ RuntimeError: If worktree creation fails
+ ValueError: If head_sha or pr_number are invalid
+ """
+ # Validate inputs to prevent command injection
+ if not head_sha or not SAFE_REF_PATTERN.match(head_sha):
+ raise ValueError(
+ f"Invalid head_sha: must match pattern {SAFE_REF_PATTERN.pattern}"
+ )
+ if not isinstance(pr_number, int) or pr_number <= 0:
+ raise ValueError(
+ f"Invalid pr_number: must be a positive integer, got {pr_number}"
+ )
+
+ # Run cleanup before creating new worktree (can be disabled for tests)
+ if auto_cleanup:
+ self.cleanup_worktrees()
+
+ # Generate worktree name with timestamp for uniqueness
+ sha_short = head_sha[:8]
+ timestamp = int(time.time() * 1000) # Millisecond precision
+ worktree_name = f"pr-{pr_number}-{sha_short}-{timestamp}"
+
+ # Create worktree directory
+ self.worktree_base_dir.mkdir(parents=True, exist_ok=True)
+ worktree_path = self.worktree_base_dir / worktree_name
+
+ logger.debug(f"Creating worktree: {worktree_path}")
+
+ try:
+ # Fetch the commit if not available locally (handles fork PRs)
+ fetch_result = subprocess.run(
+ ["git", "fetch", "origin", head_sha],
+ cwd=self.project_dir,
+ capture_output=True,
+ text=True,
+ timeout=60,
+ )
+
+ if fetch_result.returncode != 0:
+ logger.warning(
+ f"Could not fetch {head_sha} from origin (fork PR?): {fetch_result.stderr}"
+ )
+ except subprocess.TimeoutExpired:
+ logger.warning(
+ f"Timeout fetching {head_sha} from origin, continuing anyway"
+ )
+
+ try:
+ # Create detached worktree at the PR commit
+ result = subprocess.run(
+ ["git", "worktree", "add", "--detach", str(worktree_path), head_sha],
+ cwd=self.project_dir,
+ capture_output=True,
+ text=True,
+ timeout=120,
+ )
+
+ if result.returncode != 0:
+ # Check for fatal errors in stderr (git outputs info to stderr too)
+ stderr = result.stderr.strip()
+ # Clean up partial worktree on failure
+ if worktree_path.exists():
+ shutil.rmtree(worktree_path, ignore_errors=True)
+ raise RuntimeError(f"Failed to create worktree: {stderr}")
+
+ # Verify the worktree was actually created
+ if not worktree_path.exists():
+ raise RuntimeError(
+ f"Worktree creation reported success but path does not exist: {worktree_path}"
+ )
+
+ except subprocess.TimeoutExpired:
+ # Clean up partial worktree on timeout
+ if worktree_path.exists():
+ shutil.rmtree(worktree_path, ignore_errors=True)
+ raise RuntimeError(f"Timeout creating worktree for {head_sha}")
+
+ logger.info(f"[WorktreeManager] Created worktree at {worktree_path}")
+ return worktree_path
+
+ def remove_worktree(self, worktree_path: Path) -> None:
+ """
+ Remove a PR worktree with fallback chain.
+
+ Args:
+ worktree_path: Path to the worktree to remove
+ """
+ if not worktree_path or not worktree_path.exists():
+ return
+
+ logger.debug(f"Removing worktree: {worktree_path}")
+
+ # Try 1: git worktree remove
+ try:
+ result = subprocess.run(
+ ["git", "worktree", "remove", "--force", str(worktree_path)],
+ cwd=self.project_dir,
+ capture_output=True,
+ text=True,
+ timeout=60,
+ )
+
+ if result.returncode == 0:
+ logger.info(f"[WorktreeManager] Removed worktree: {worktree_path.name}")
+ return
+ except subprocess.TimeoutExpired:
+ logger.warning(
+ f"Timeout removing worktree {worktree_path.name}, falling back to shutil"
+ )
+
+ # Try 2: shutil.rmtree fallback
+ try:
+ shutil.rmtree(worktree_path, ignore_errors=True)
+ subprocess.run(
+ ["git", "worktree", "prune"],
+ cwd=self.project_dir,
+ capture_output=True,
+ timeout=30,
+ )
+ logger.warning(
+ f"[WorktreeManager] Used shutil fallback for: {worktree_path.name}"
+ )
+ except Exception as e:
+ logger.error(
+ f"[WorktreeManager] Failed to remove worktree {worktree_path}: {e}"
+ )
+
+ def get_worktree_info(self) -> list[WorktreeInfo]:
+ """
+ Get information about all PR worktrees.
+
+ Returns:
+ List of WorktreeInfo objects sorted by age (oldest first)
+ """
+ if not self.worktree_base_dir.exists():
+ return []
+
+ worktrees = []
+ current_time = time.time()
+
+ for item in self.worktree_base_dir.iterdir():
+ if not item.is_dir():
+ continue
+
+ # Get modification time
+ mtime = item.stat().st_mtime
+ age_seconds = current_time - mtime
+ age_days = age_seconds / 86400 # Convert seconds to days
+
+ # Extract PR number from directory name (format: pr-XXX-sha)
+ pr_number = None
+ if item.name.startswith("pr-"):
+ parts = item.name.split("-")
+ if len(parts) >= 2:
+ try:
+ pr_number = int(parts[1])
+ except ValueError:
+ pass
+
+ worktrees.append(
+ WorktreeInfo(path=item, age_days=age_days, pr_number=pr_number)
+ )
+
+ # Sort by age (oldest first)
+ worktrees.sort(key=lambda x: x.age_days, reverse=True)
+
+ return worktrees
+
+ def get_registered_worktrees(self) -> set[Path]:
+ """
+ Get set of worktrees registered with git.
+
+ Returns:
+ Set of resolved Path objects for registered worktrees
+ """
+ try:
+ result = subprocess.run(
+ ["git", "worktree", "list", "--porcelain"],
+ cwd=self.project_dir,
+ capture_output=True,
+ text=True,
+ timeout=30,
+ )
+ except subprocess.TimeoutExpired:
+ logger.warning("Timeout listing worktrees, returning empty set")
+ return set()
+
+ registered = set()
+ for line in result.stdout.split("\n"):
+ if line.startswith("worktree "):
+ parts = line.split(" ", 1)
+ if len(parts) > 1 and parts[1]:
+ registered.add(Path(parts[1]))
+
+ return registered
+
+ def cleanup_worktrees(self, force: bool = False) -> dict[str, int]:
+ """
+ Clean up PR worktrees based on age and count policies.
+
+ Cleanup order:
+ 1. Remove orphaned worktrees (not registered with git)
+ 2. Remove worktrees older than PR_WORKTREE_MAX_AGE_DAYS
+ 3. If still over MAX_PR_WORKTREES, remove oldest worktrees
+
+ Args:
+ force: If True, skip age check and only enforce count limit
+
+ Returns:
+ Dict with cleanup statistics: {
+ 'orphaned': count,
+ 'expired': count,
+ 'excess': count,
+ 'total': count
+ }
+ """
+ stats = {"orphaned": 0, "expired": 0, "excess": 0, "total": 0}
+
+ if not self.worktree_base_dir.exists():
+ return stats
+
+ # Get registered worktrees (resolved paths for consistent comparison)
+ registered = self.get_registered_worktrees()
+ registered_resolved = {p.resolve() for p in registered}
+
+ # Get all PR worktree info
+ worktrees = self.get_worktree_info()
+
+ # Phase 1: Remove orphaned worktrees
+ for wt in worktrees:
+ if wt.path.resolve() not in registered_resolved:
+ logger.info(
+ f"[WorktreeManager] Removing orphaned worktree: {wt.path.name} (age: {wt.age_days:.1f} days)"
+ )
+ shutil.rmtree(wt.path, ignore_errors=True)
+ stats["orphaned"] += 1
+
+ # Refresh worktree list after orphan cleanup
+ try:
+ subprocess.run(
+ ["git", "worktree", "prune"],
+ cwd=self.project_dir,
+ capture_output=True,
+ timeout=30,
+ )
+ except subprocess.TimeoutExpired:
+ logger.warning("Timeout pruning worktrees, continuing anyway")
+
+ # Refresh registered worktrees after prune (git's internal registry may have changed)
+ registered_resolved = {p.resolve() for p in self.get_registered_worktrees()}
+
+ # Get fresh worktree info for remaining worktrees (use resolved paths)
+ worktrees = [
+ wt
+ for wt in self.get_worktree_info()
+ if wt.path.resolve() in registered_resolved
+ ]
+
+ # Phase 2: Remove expired worktrees (older than max age)
+ max_age_days = _get_max_age_days()
+ if not force:
+ for wt in worktrees:
+ if wt.age_days > max_age_days:
+ logger.info(
+ f"[WorktreeManager] Removing expired worktree: {wt.path.name} (age: {wt.age_days:.1f} days, max: {max_age_days} days)"
+ )
+ self.remove_worktree(wt.path)
+ stats["expired"] += 1
+
+ # Refresh worktree list after expiration cleanup (use resolved paths)
+ registered_resolved = {p.resolve() for p in self.get_registered_worktrees()}
+ worktrees = [
+ wt
+ for wt in self.get_worktree_info()
+ if wt.path.resolve() in registered_resolved
+ ]
+
+ # Phase 3: Remove excess worktrees (keep only max_pr_worktrees most recent)
+ max_pr_worktrees = _get_max_pr_worktrees()
+ if len(worktrees) > max_pr_worktrees:
+ # worktrees are already sorted by age (oldest first)
+ excess_count = len(worktrees) - max_pr_worktrees
+ for wt in worktrees[:excess_count]:
+ logger.info(
+ f"[WorktreeManager] Removing excess worktree: {wt.path.name} (count: {len(worktrees)}, max: {max_pr_worktrees})"
+ )
+ self.remove_worktree(wt.path)
+ stats["excess"] += 1
+
+ stats["total"] = stats["orphaned"] + stats["expired"] + stats["excess"]
+
+ if stats["total"] > 0:
+ logger.info(
+ f"[WorktreeManager] Cleanup complete: {stats['total']} worktrees removed "
+ f"(orphaned={stats['orphaned']}, expired={stats['expired']}, excess={stats['excess']})"
+ )
+ else:
+ logger.debug(
+ f"No cleanup needed (current: {len(worktrees)}, max: {max_pr_worktrees})"
+ )
+
+ return stats
+
+ def cleanup_all_worktrees(self) -> int:
+ """
+ Remove ALL PR worktrees (for testing or emergency cleanup).
+
+ Returns:
+ Number of worktrees removed
+ """
+ if not self.worktree_base_dir.exists():
+ return 0
+
+ worktrees = self.get_worktree_info()
+ count = 0
+
+ for wt in worktrees:
+ logger.info(f"[WorktreeManager] Removing worktree: {wt.path.name}")
+ self.remove_worktree(wt.path)
+ count += 1
+
+ if count > 0:
+ try:
+ subprocess.run(
+ ["git", "worktree", "prune"],
+ cwd=self.project_dir,
+ capture_output=True,
+ timeout=30,
+ )
+ except subprocess.TimeoutExpired:
+ logger.warning("Timeout pruning worktrees after cleanup")
+ logger.info(f"[WorktreeManager] Removed all {count} PR worktrees")
+
+ return count
diff --git a/apps/backend/runners/github/services/pydantic_models.py b/apps/backend/runners/github/services/pydantic_models.py
index 3c91a219eb..6777e97690 100644
--- a/apps/backend/runners/github/services/pydantic_models.py
+++ b/apps/backend/runners/github/services/pydantic_models.py
@@ -26,7 +26,7 @@
from typing import Literal
-from pydantic import BaseModel, Field, field_validator
+from pydantic import BaseModel, Field
# =============================================================================
# Common Finding Types
@@ -46,6 +46,10 @@ class BaseFinding(BaseModel):
line: int = Field(0, description="Line number of the issue")
suggested_fix: str | None = Field(None, description="How to fix this issue")
fixable: bool = Field(False, description="Whether this can be auto-fixed")
+ evidence: str | None = Field(
+ None,
+ description="Actual code snippet proving the issue exists. Required for validation.",
+ )
class SecurityFinding(BaseFinding):
@@ -78,9 +82,6 @@ class DeepAnalysisFinding(BaseFinding):
"performance",
"logic",
] = Field(description="Issue category")
- confidence: float = Field(
- 0.85, ge=0.0, le=1.0, description="AI's confidence in this finding (0.0-1.0)"
- )
verification_note: str | None = Field(
None, description="What evidence is missing or couldn't be verified"
)
@@ -315,21 +316,11 @@ class OrchestratorFinding(BaseModel):
description="Issue severity level"
)
suggestion: str | None = Field(None, description="How to fix this issue")
- confidence: float = Field(
- 0.85,
- ge=0.0,
- le=1.0,
- description="Confidence (0.0-1.0 or 0-100, normalized to 0.0-1.0)",
+ evidence: str | None = Field(
+ None,
+ description="Actual code snippet proving the issue exists. Required for validation.",
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range (accepts 0-100 or 0.0-1.0)."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class OrchestratorReviewResponse(BaseModel):
"""Complete response schema for orchestrator PR review."""
@@ -355,9 +346,6 @@ class LogicFinding(BaseFinding):
category: Literal["logic"] = Field(
default="logic", description="Always 'logic' for logic findings"
)
- confidence: float = Field(
- 0.85, ge=0.0, le=1.0, description="Confidence in this finding (0.0-1.0)"
- )
example_input: str | None = Field(
None, description="Concrete input that triggers the bug"
)
@@ -366,14 +354,6 @@ class LogicFinding(BaseFinding):
None, description="What the code should produce"
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class CodebaseFitFinding(BaseFinding):
"""A codebase fit finding from the codebase fit review agent."""
@@ -381,9 +361,6 @@ class CodebaseFitFinding(BaseFinding):
category: Literal["codebase_fit"] = Field(
default="codebase_fit", description="Always 'codebase_fit' for fit findings"
)
- confidence: float = Field(
- 0.85, ge=0.0, le=1.0, description="Confidence in this finding (0.0-1.0)"
- )
existing_code: str | None = Field(
None, description="Reference to existing code that should be used instead"
)
@@ -391,14 +368,6 @@ class CodebaseFitFinding(BaseFinding):
None, description="Description of the established pattern being violated"
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class ParallelOrchestratorFinding(BaseModel):
"""A finding from the parallel orchestrator with source agent tracking."""
@@ -423,8 +392,9 @@ class ParallelOrchestratorFinding(BaseModel):
severity: Literal["critical", "high", "medium", "low"] = Field(
description="Issue severity level"
)
- confidence: float = Field(
- 0.85, ge=0.0, le=1.0, description="Confidence in this finding (0.0-1.0)"
+ evidence: str | None = Field(
+ None,
+ description="Actual code snippet proving the issue exists. Required for validation.",
)
suggested_fix: str | None = Field(None, description="How to fix this issue")
fixable: bool = Field(False, description="Whether this can be auto-fixed")
@@ -436,14 +406,6 @@ class ParallelOrchestratorFinding(BaseModel):
False, description="Whether multiple agents agreed on this finding"
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class AgentAgreement(BaseModel):
"""Tracks agreement between agents on findings."""
@@ -496,22 +458,14 @@ class ResolutionVerification(BaseModel):
status: Literal["resolved", "partially_resolved", "unresolved", "cant_verify"] = (
Field(description="Resolution status after AI verification")
)
- confidence: float = Field(
- 0.85, ge=0.0, le=1.0, description="Confidence in the resolution status"
+ evidence: str = Field(
+ min_length=1,
+ description="Actual code snippet showing the resolution status. Required.",
)
- evidence: str = Field(description="What evidence supports this resolution status")
resolution_notes: str | None = Field(
None, description="Detailed notes on how the issue was addressed"
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class ParallelFollowupFinding(BaseModel):
"""A finding from parallel follow-up review with source agent tracking."""
@@ -534,8 +488,9 @@ class ParallelFollowupFinding(BaseModel):
severity: Literal["critical", "high", "medium", "low"] = Field(
description="Issue severity level"
)
- confidence: float = Field(
- 0.85, ge=0.0, le=1.0, description="Confidence in this finding (0.0-1.0)"
+ evidence: str | None = Field(
+ None,
+ description="Actual code snippet proving the issue exists. Required for validation.",
)
suggested_fix: str | None = Field(None, description="How to fix this issue")
fixable: bool = Field(False, description="Whether this can be auto-fixed")
@@ -546,14 +501,6 @@ class ParallelFollowupFinding(BaseModel):
None, description="ID of related previous finding if this is a regression"
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class CommentAnalysis(BaseModel):
"""Analysis of a contributor or AI comment."""
@@ -640,6 +587,9 @@ class FindingValidationResult(BaseModel):
The finding-validator agent uses this to report whether a previous finding
is a genuine issue or a false positive that should be dismissed.
+
+ EVIDENCE-BASED VALIDATION: No confidence scores - validation is binary.
+ Either the evidence shows the issue exists, or it doesn't.
"""
finding_id: str = Field(description="ID of the finding being validated")
@@ -648,16 +598,17 @@ class FindingValidationResult(BaseModel):
] = Field(
description=(
"Validation result: "
- "confirmed_valid = issue IS real, keep as unresolved; "
- "dismissed_false_positive = original finding was incorrect, remove; "
- "needs_human_review = cannot determine with confidence"
+ "confirmed_valid = code evidence proves issue IS real; "
+ "dismissed_false_positive = code evidence proves issue does NOT exist; "
+ "needs_human_review = cannot find definitive evidence either way"
)
)
code_evidence: str = Field(
min_length=1,
description=(
"REQUIRED: Exact code snippet examined from the file. "
- "Must be actual code, not a description."
+ "Must be actual code copy-pasted from the file, not a description. "
+ "This is the proof that determines the validation status."
),
)
line_range: tuple[int, int] = Field(
@@ -666,27 +617,18 @@ class FindingValidationResult(BaseModel):
explanation: str = Field(
min_length=20,
description=(
- "Detailed explanation of why the finding is valid/invalid. "
- "Must reference specific code and explain the reasoning."
+ "Detailed explanation connecting the code_evidence to the validation_status. "
+ "Must explain: (1) what the original finding claimed, (2) what the actual code shows, "
+ "(3) why this proves/disproves the issue."
),
)
- confidence: float = Field(
- ge=0.0,
- le=1.0,
+ evidence_verified_in_file: bool = Field(
description=(
- "Confidence in the validation result (0.0-1.0). "
- "Must be >= 0.80 to dismiss as false positive, >= 0.70 to confirm valid."
- ),
+ "True if the code_evidence was verified to exist at the specified line_range. "
+ "False if the code couldn't be found (indicates hallucination in original finding)."
+ )
)
- @field_validator("confidence", mode="before")
- @classmethod
- def normalize_confidence(cls, v: int | float) -> float:
- """Normalize confidence to 0.0-1.0 range (accepts 0-100 or 0.0-1.0)."""
- if v > 1:
- return v / 100.0
- return float(v)
-
class FindingValidationResponse(BaseModel):
"""Complete response from the finding-validator agent."""
diff --git a/apps/backend/runners/github/services/response_parsers.py b/apps/backend/runners/github/services/response_parsers.py
index db318463d2..2df83ea06b 100644
--- a/apps/backend/runners/github/services/response_parsers.py
+++ b/apps/backend/runners/github/services/response_parsers.py
@@ -33,8 +33,9 @@
TriageResult,
)
-# Confidence threshold for filtering findings (GitHub Copilot standard)
-CONFIDENCE_THRESHOLD = 0.80
+# Evidence-based validation replaces confidence scoring
+# Findings without evidence are filtered out instead of using confidence thresholds
+MIN_EVIDENCE_LENGTH = 20 # Minimum chars for evidence to be considered valid
class ResponseParser:
@@ -65,9 +66,13 @@ def parse_scan_result(response_text: str) -> dict:
@staticmethod
def parse_review_findings(
- response_text: str, apply_confidence_filter: bool = True
+ response_text: str, require_evidence: bool = True
) -> list[PRReviewFinding]:
- """Parse findings from AI response with optional confidence filtering."""
+ """Parse findings from AI response with optional evidence validation.
+
+ Evidence-based validation: Instead of confidence scores, findings
+ require actual code evidence proving the issue exists.
+ """
findings = []
try:
@@ -77,14 +82,14 @@ def parse_review_findings(
if json_match:
findings_data = json.loads(json_match.group(1))
for i, f in enumerate(findings_data):
- # Get confidence (default to 0.85 if not provided for backward compat)
- confidence = float(f.get("confidence", 0.85))
+ # Get evidence (code snippet proving the issue)
+ evidence = f.get("evidence") or f.get("code_snippet") or ""
- # Apply confidence threshold filter
- if apply_confidence_filter and confidence < CONFIDENCE_THRESHOLD:
+ # Apply evidence-based validation
+ if require_evidence and len(evidence.strip()) < MIN_EVIDENCE_LENGTH:
print(
f"[AI] Dropped finding '{f.get('title', 'unknown')}': "
- f"confidence {confidence:.2f} < {CONFIDENCE_THRESHOLD}",
+ f"insufficient evidence ({len(evidence.strip())} chars < {MIN_EVIDENCE_LENGTH})",
flush=True,
)
continue
@@ -105,8 +110,8 @@ def parse_review_findings(
end_line=f.get("end_line"),
suggested_fix=f.get("suggested_fix"),
fixable=f.get("fixable", False),
- # NEW: Support verification and redundancy fields
- confidence=confidence,
+ # Evidence-based validation fields
+ evidence=evidence if evidence.strip() else None,
verification_note=f.get("verification_note"),
redundant_with=f.get("redundant_with"),
)
diff --git a/apps/backend/runners/github/services/review_tools.py b/apps/backend/runners/github/services/review_tools.py
index 881d8353cf..1a53a6b126 100644
--- a/apps/backend/runners/github/services/review_tools.py
+++ b/apps/backend/runners/github/services/review_tools.py
@@ -140,7 +140,9 @@ async def spawn_security_review(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
# Parse findings
@@ -223,7 +225,9 @@ async def spawn_quality_review(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
findings = _parse_findings_from_response(result_text, source="quality_agent")
@@ -316,7 +320,9 @@ async def spawn_deep_analysis(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
findings = _parse_findings_from_response(result_text, source="deep_analysis")
diff --git a/apps/backend/runners/github/services/sdk_utils.py b/apps/backend/runners/github/services/sdk_utils.py
index 0e6da74f30..7471f16360 100644
--- a/apps/backend/runners/github/services/sdk_utils.py
+++ b/apps/backend/runners/github/services/sdk_utils.py
@@ -235,8 +235,9 @@ async def process_sdk_stream(
if on_tool_use:
on_tool_use(tool_name, tool_id, tool_input)
- # Collect text
- if hasattr(block, "text"):
+ # Collect text - must check block type since only TextBlock has .text
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
# Always print text content preview (not just in DEBUG_MODE)
text_preview = block.text[:500].replace("\n", " ").strip()
diff --git a/apps/backend/runners/github/services/triage_engine.py b/apps/backend/runners/github/services/triage_engine.py
index 2508207012..57a6b04310 100644
--- a/apps/backend/runners/github/services/triage_engine.py
+++ b/apps/backend/runners/github/services/triage_engine.py
@@ -87,7 +87,9 @@ async def triage_single_issue(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
response_text += block.text
return self.parser.parse_triage_result(
diff --git a/apps/backend/runners/gitlab/runner.py b/apps/backend/runners/gitlab/runner.py
index c2a0be32a5..d4f61827bb 100644
--- a/apps/backend/runners/gitlab/runner.py
+++ b/apps/backend/runners/gitlab/runner.py
@@ -26,8 +26,10 @@
# Add backend to path
sys.path.insert(0, str(Path(__file__).parent.parent.parent))
-# Load .env file
-from dotenv import load_dotenv
+# Load .env file with centralized error handling
+from cli.utils import import_dotenv
+
+load_dotenv = import_dotenv()
env_file = Path(__file__).parent.parent.parent / ".env"
if env_file.exists():
diff --git a/apps/backend/runners/gitlab/services/mr_review_engine.py b/apps/backend/runners/gitlab/services/mr_review_engine.py
index d1679a4b62..ef8ef9aaf0 100644
--- a/apps/backend/runners/gitlab/services/mr_review_engine.py
+++ b/apps/backend/runners/gitlab/services/mr_review_engine.py
@@ -234,7 +234,9 @@ async def run_review(
msg_type = type(msg).__name__
if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
result_text += block.text
self._report_progress(
diff --git a/apps/backend/runners/ideation_runner.py b/apps/backend/runners/ideation_runner.py
index 63714a372f..9b91445601 100644
--- a/apps/backend/runners/ideation_runner.py
+++ b/apps/backend/runners/ideation_runner.py
@@ -26,8 +26,10 @@
# Add auto-claude to path
sys.path.insert(0, str(Path(__file__).parent.parent))
-# Load .env file from auto-claude/ directory
-from dotenv import load_dotenv
+# Load .env file with centralized error handling
+from cli.utils import import_dotenv
+
+load_dotenv = import_dotenv()
env_file = Path(__file__).parent.parent / ".env"
if env_file.exists():
@@ -94,8 +96,8 @@ def main():
parser.add_argument(
"--model",
type=str,
- default="claude-opus-4-5-20251101",
- help="Model to use (default: claude-opus-4-5-20251101)",
+ default="sonnet", # Changed from "opus" (fix #433)
+ help="Model to use (haiku, sonnet, opus, or full model ID)",
)
parser.add_argument(
"--thinking-level",
diff --git a/apps/backend/runners/insights_runner.py b/apps/backend/runners/insights_runner.py
index a2de9f9408..bd4bf362c4 100644
--- a/apps/backend/runners/insights_runner.py
+++ b/apps/backend/runners/insights_runner.py
@@ -15,8 +15,10 @@
# Add auto-claude to path
sys.path.insert(0, str(Path(__file__).parent.parent))
-# Load .env file from auto-claude/ directory
-from dotenv import load_dotenv
+# Load .env file with centralized error handling
+from cli.utils import import_dotenv
+
+load_dotenv = import_dotenv()
env_file = Path(__file__).parent.parent / ".env"
if env_file.exists():
@@ -39,6 +41,7 @@
debug_section,
debug_success,
)
+from phase_config import resolve_model_id
def load_project_context(project_dir: str) -> str:
@@ -132,7 +135,7 @@ async def run_with_sdk(
project_dir: str,
message: str,
history: list,
- model: str = "claude-sonnet-4-5-20250929",
+ model: str = "sonnet", # Shorthand - resolved via API Profile if configured
thinking_level: str = "medium",
) -> None:
"""Run the chat using Claude SDK with streaming."""
@@ -180,7 +183,7 @@ async def run_with_sdk(
# Create Claude SDK client with appropriate settings for insights
client = ClaudeSDKClient(
options=ClaudeAgentOptions(
- model=model, # Use configured model
+ model=resolve_model_id(model), # Resolve via API Profile if configured
system_prompt=system_prompt,
allowed_tools=[
"Read",
@@ -336,8 +339,8 @@ def main():
)
parser.add_argument(
"--model",
- default="claude-sonnet-4-5-20250929",
- help="Claude model ID (default: claude-sonnet-4-5-20250929)",
+ default="sonnet",
+ help="Model to use (haiku, sonnet, opus, or full model ID)",
)
parser.add_argument(
"--thinking-level",
diff --git a/apps/backend/runners/persona_runner.py b/apps/backend/runners/persona_runner.py
new file mode 100644
index 0000000000..a7172f5d72
--- /dev/null
+++ b/apps/backend/runners/persona_runner.py
@@ -0,0 +1,323 @@
+#!/usr/bin/env python3
+"""
+Persona Generation Runner
+
+CLI entry point for generating user personas for a project.
+Analyzes project structure, documentation, and optionally conducts web research
+to generate detailed user personas.
+
+Also supports single persona enrichment for AI-assisted persona creation.
+
+Usage:
+ python persona_runner.py [options]
+
+Examples:
+ # Generate personas for current directory
+ python persona_runner.py
+
+ # Generate personas for specific project
+ python persona_runner.py --project /path/to/project
+
+ # Enable web research enrichment
+ python persona_runner.py --research
+
+ # Force regeneration
+ python persona_runner.py --refresh
+
+ # Enrich a new persona from minimal input
+ python persona_runner.py --enrich-new --role "DevOps Engineer" --description "Infrastructure team member"
+
+ # Enrich an existing persona
+ python persona_runner.py --enrich-existing --persona-id "persona-123"
+"""
+
+import argparse
+import asyncio
+import json
+import sys
+from pathlib import Path
+
+# Add backend to path for imports
+sys.path.insert(0, str(Path(__file__).parent.parent))
+
+from runners.personas import PersonaOrchestrator
+from runners.personas.single_enricher import SinglePersonaEnricher, PersonaEnrichmentInput
+
+
+def parse_args():
+ """Parse command line arguments."""
+ parser = argparse.ArgumentParser(
+ description="Generate user personas for a project",
+ formatter_class=argparse.RawDescriptionHelpFormatter,
+ epilog="""
+Examples:
+ python persona_runner.py
+ python persona_runner.py --project /path/to/project
+ python persona_runner.py --research
+ python persona_runner.py --refresh --research
+ """,
+ )
+
+ parser.add_argument(
+ "--project",
+ "-p",
+ type=str,
+ default=".",
+ help="Path to project directory (default: current directory)",
+ )
+
+ parser.add_argument(
+ "--output",
+ "-o",
+ type=str,
+ default=None,
+ help="Output directory for personas (default: .auto-claude/personas/)",
+ )
+
+ parser.add_argument(
+ "--model",
+ "-m",
+ type=str,
+ default="sonnet",
+ choices=["sonnet", "opus", "haiku"],
+ help="Claude model to use (default: sonnet)",
+ )
+
+ parser.add_argument(
+ "--thinking-level",
+ "-t",
+ type=str,
+ default="medium",
+ choices=["none", "low", "medium", "high"],
+ help="Thinking level for agent (default: medium)",
+ )
+
+ parser.add_argument(
+ "--refresh",
+ "-r",
+ action="store_true",
+ help="Force regeneration even if personas exist",
+ )
+
+ parser.add_argument(
+ "--research",
+ action="store_true",
+ help="Enable web research enrichment phase",
+ )
+
+ # Single persona enrichment arguments
+ parser.add_argument(
+ "--enrich-new",
+ action="store_true",
+ help="Enrich a new persona from minimal input (requires --role and --description)",
+ )
+
+ parser.add_argument(
+ "--enrich-existing",
+ action="store_true",
+ help="Enrich an existing persona with AI research (requires --persona-id)",
+ )
+
+ parser.add_argument(
+ "--role",
+ type=str,
+ help="Role/title for new persona (required with --enrich-new)",
+ )
+
+ parser.add_argument(
+ "--description",
+ type=str,
+ help="Description for new persona (required with --enrich-new)",
+ )
+
+ parser.add_argument(
+ "--persona-type",
+ type=str,
+ default="secondary",
+ choices=["primary", "secondary", "edge-case"],
+ help="Type of persona (default: secondary)",
+ )
+
+ parser.add_argument(
+ "--primary-goal",
+ type=str,
+ help="Primary goal for the persona (optional)",
+ )
+
+ parser.add_argument(
+ "--experience-level",
+ type=str,
+ choices=["junior", "mid", "senior", "lead", "executive"],
+ help="Experience level (optional)",
+ )
+
+ parser.add_argument(
+ "--industry",
+ type=str,
+ help="Industry context (optional)",
+ )
+
+ parser.add_argument(
+ "--persona-id",
+ type=str,
+ help="ID of existing persona to enrich (required with --enrich-existing)",
+ )
+
+ return parser.parse_args()
+
+
+async def run_enrich_new(args, project_dir: Path, output_dir: Path) -> bool:
+ """Enrich a new persona from minimal input."""
+ if not args.role:
+ print("Error: --role is required with --enrich-new")
+ return False
+ if not args.description:
+ print("Error: --description is required with --enrich-new")
+ return False
+
+ print(f"ENRICHMENT_PHASE:researching")
+ print(f"Creating AI-enriched persona for: {args.role}")
+
+ # Create the enricher (we need an agent executor which we'll get from orchestrator)
+ # The orchestrator initializes the agent_executor in its __init__
+ orchestrator = PersonaOrchestrator(
+ project_dir=project_dir,
+ output_dir=output_dir,
+ model=args.model,
+ thinking_level=args.thinking_level,
+ refresh=False,
+ enable_research=True, # Always use research for enrichment
+ )
+
+ enricher = SinglePersonaEnricher(
+ output_dir=output_dir or project_dir / ".auto-claude" / "personas",
+ agent_executor=orchestrator.agent_executor,
+ )
+
+ input_data = PersonaEnrichmentInput(
+ role=args.role,
+ description=args.description,
+ persona_type=args.persona_type,
+ primary_goal=args.primary_goal,
+ experience_level=args.experience_level,
+ industry=args.industry,
+ )
+
+ print(f"ENRICHMENT_PHASE:generating")
+ result = await enricher.enrich_new_persona(input_data)
+
+ if result.success and result.persona:
+ # Output the result as JSON for the frontend to parse
+ print(f"ENRICHMENT_COMPLETE:{json.dumps(result.persona)}")
+ return True
+ else:
+ print(f"ENRICHMENT_ERROR:{result.error or 'Unknown error'}")
+ return False
+
+
+async def run_enrich_existing(args, project_dir: Path, output_dir: Path) -> bool:
+ """Enrich an existing persona with AI research."""
+ if not args.persona_id:
+ print("Error: --persona-id is required with --enrich-existing")
+ return False
+
+ # Load the existing persona from the personas file
+ personas_file = (output_dir or project_dir / ".auto-claude" / "personas") / "personas.json"
+ if not personas_file.exists():
+ print(f"Error: Personas file not found: {personas_file}")
+ return False
+
+ try:
+ with open(personas_file) as f:
+ data = json.load(f)
+ personas = data.get("personas", [])
+ persona = next((p for p in personas if p.get("id") == args.persona_id), None)
+ if not persona:
+ print(f"Error: Persona not found: {args.persona_id}")
+ return False
+ except json.JSONDecodeError as e:
+ print(f"Error: Invalid personas file: {e}")
+ return False
+
+ print(f"ENRICHMENT_PHASE:researching")
+ print(f"Enriching persona: {persona.get('name', args.persona_id)}")
+
+ # Create the enricher
+ # The orchestrator initializes the agent_executor in its __init__
+ orchestrator = PersonaOrchestrator(
+ project_dir=project_dir,
+ output_dir=output_dir,
+ model=args.model,
+ thinking_level=args.thinking_level,
+ refresh=False,
+ enable_research=True,
+ )
+
+ enricher = SinglePersonaEnricher(
+ output_dir=output_dir or project_dir / ".auto-claude" / "personas",
+ agent_executor=orchestrator.agent_executor,
+ )
+
+ print(f"ENRICHMENT_PHASE:generating")
+ result = await enricher.enrich_existing_persona(persona)
+
+ if result.success and result.persona:
+ # Update the persona in the file
+ for i, p in enumerate(personas):
+ if p.get("id") == args.persona_id:
+ personas[i] = result.persona
+ break
+
+ data["personas"] = personas
+ with open(personas_file, "w") as f:
+ json.dump(data, f, indent=2)
+
+ print(f"ENRICHMENT_COMPLETE:{json.dumps(result.persona)}")
+ return True
+ else:
+ print(f"ENRICHMENT_ERROR:{result.error or 'Unknown error'}")
+ return False
+
+
+async def main():
+ """Main entry point."""
+ args = parse_args()
+
+ project_dir = Path(args.project).resolve()
+ if not project_dir.exists():
+ print(f"Error: Project directory not found: {project_dir}")
+ sys.exit(1)
+
+ output_dir = Path(args.output).resolve() if args.output else None
+
+ # Handle enrichment modes
+ if args.enrich_new:
+ success = await run_enrich_new(args, project_dir, output_dir)
+ sys.exit(0 if success else 1)
+
+ if args.enrich_existing:
+ success = await run_enrich_existing(args, project_dir, output_dir)
+ sys.exit(0 if success else 1)
+
+ # Standard persona generation
+ orchestrator = PersonaOrchestrator(
+ project_dir=project_dir,
+ output_dir=output_dir,
+ model=args.model,
+ thinking_level=args.thinking_level,
+ refresh=args.refresh,
+ enable_research=args.research,
+ )
+
+ success = await orchestrator.run()
+
+ if success:
+ print("\n✓ Persona generation completed successfully")
+ sys.exit(0)
+ else:
+ print("\n✗ Persona generation failed")
+ sys.exit(1)
+
+
+if __name__ == "__main__":
+ asyncio.run(main())
diff --git a/apps/backend/runners/personas/__init__.py b/apps/backend/runners/personas/__init__.py
new file mode 100644
index 0000000000..4bfeca894c
--- /dev/null
+++ b/apps/backend/runners/personas/__init__.py
@@ -0,0 +1,12 @@
+"""
+Persona Generation Package
+==========================
+
+This package provides AI-powered persona generation for projects.
+It orchestrates multiple phases to analyze projects and generate user personas.
+"""
+
+from .models import PersonaConfig, PersonaPhaseResult
+from .orchestrator import PersonaOrchestrator
+
+__all__ = ["PersonaConfig", "PersonaPhaseResult", "PersonaOrchestrator"]
diff --git a/apps/backend/runners/personas/executor.py b/apps/backend/runners/personas/executor.py
new file mode 100644
index 0000000000..50ec44f01d
--- /dev/null
+++ b/apps/backend/runners/personas/executor.py
@@ -0,0 +1,172 @@
+"""
+Execution layer for agents and scripts in the persona generation process.
+"""
+
+import subprocess
+import sys
+from pathlib import Path
+
+from debug import debug, debug_detailed, debug_error, debug_success
+
+
+class ScriptExecutor:
+ """Executes Python scripts with proper error handling and output capture."""
+
+ def __init__(self, project_dir: Path):
+ self.project_dir = project_dir
+ # Go up from personas/ -> runners/ -> backend/
+ self.scripts_base_dir = Path(__file__).parent.parent.parent
+
+ def run_script(self, script: str, args: list[str]) -> tuple[bool, str]:
+ """Run a Python script and return (success, output)."""
+ script_path = self.scripts_base_dir / script
+
+ debug_detailed(
+ "persona_executor",
+ f"Running script: {script}",
+ script_path=str(script_path),
+ args=args,
+ )
+
+ if not script_path.exists():
+ debug_error("persona_executor", f"Script not found: {script_path}")
+ return False, f"Script not found: {script_path}"
+
+ cmd = [sys.executable, str(script_path)] + args
+
+ try:
+ result = subprocess.run(
+ cmd,
+ cwd=self.project_dir,
+ capture_output=True,
+ text=True,
+ timeout=300,
+ )
+
+ if result.returncode == 0:
+ debug_success("persona_executor", f"Script completed: {script}")
+ return True, result.stdout
+ else:
+ debug_error(
+ "persona_executor",
+ f"Script failed: {script}",
+ returncode=result.returncode,
+ stderr=result.stderr[:500] if result.stderr else None,
+ )
+ return False, result.stderr or result.stdout
+
+ except subprocess.TimeoutExpired:
+ debug_error("persona_executor", f"Script timed out: {script}")
+ return False, "Script timed out"
+ except Exception as e:
+ debug_error("persona_executor", f"Script exception: {script}", error=str(e))
+ return False, str(e)
+
+
+class AgentExecutor:
+ """Executes Claude AI agents with specific prompts."""
+
+ def __init__(
+ self,
+ project_dir: Path,
+ output_dir: Path,
+ model: str,
+ create_client_func,
+ thinking_budget: int | None = None,
+ ):
+ self.project_dir = project_dir
+ self.output_dir = output_dir
+ self.model = model
+ self.create_client = create_client_func
+ self.thinking_budget = thinking_budget
+ # Go up from personas/ -> runners/ -> backend/prompts/
+ self.prompts_dir = Path(__file__).parent.parent.parent / "prompts"
+
+ async def run_agent(
+ self,
+ prompt_file: str,
+ additional_context: str = "",
+ ) -> tuple[bool, str]:
+ """Run an agent with the given prompt."""
+ prompt_path = self.prompts_dir / prompt_file
+
+ debug_detailed(
+ "persona_executor",
+ f"Running agent with prompt: {prompt_file}",
+ prompt_path=str(prompt_path),
+ model=self.model,
+ )
+
+ if not prompt_path.exists():
+ debug_error("persona_executor", f"Prompt file not found: {prompt_path}")
+ return False, f"Prompt not found: {prompt_path}"
+
+ # Load prompt
+ prompt = prompt_path.read_text()
+ debug_detailed(
+ "persona_executor", "Loaded prompt file", prompt_length=len(prompt)
+ )
+
+ # Add context
+ prompt += f"\n\n---\n\n**Output Directory**: {self.output_dir}\n"
+ prompt += f"**Project Directory**: {self.project_dir}\n"
+
+ if additional_context:
+ prompt += f"\n{additional_context}\n"
+ debug_detailed(
+ "persona_executor",
+ "Added additional context",
+ context_length=len(additional_context),
+ )
+
+ # Create client with thinking budget
+ debug(
+ "persona_executor",
+ "Creating Claude client",
+ project_dir=str(self.project_dir),
+ model=self.model,
+ thinking_budget=self.thinking_budget,
+ )
+ client = self.create_client(
+ self.project_dir,
+ self.output_dir,
+ self.model,
+ max_thinking_tokens=self.thinking_budget,
+ )
+
+ try:
+ async with client:
+ debug("persona_executor", "Sending query to agent")
+ await client.query(prompt)
+
+ response_text = ""
+ async for msg in client.receive_response():
+ msg_type = type(msg).__name__
+
+ if msg_type == "AssistantMessage" and hasattr(msg, "content"):
+ for block in msg.content:
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
+ response_text += block.text
+ print(block.text, end="", flush=True)
+ elif block_type == "ToolUseBlock" and hasattr(
+ block, "name"
+ ):
+ debug_detailed(
+ "persona_executor", f"Tool called: {block.name}"
+ )
+ print(f"\n[Tool: {block.name}]", flush=True)
+
+ print()
+ debug_success(
+ "persona_executor",
+ f"Agent completed: {prompt_file}",
+ response_length=len(response_text),
+ )
+ return True, response_text
+
+ except Exception as e:
+ debug_error(
+ "persona_executor", f"Agent failed: {prompt_file}", error=str(e)
+ )
+ return False, str(e)
diff --git a/apps/backend/runners/personas/graph_integration.py b/apps/backend/runners/personas/graph_integration.py
new file mode 100644
index 0000000000..8106efc807
--- /dev/null
+++ b/apps/backend/runners/personas/graph_integration.py
@@ -0,0 +1,122 @@
+"""
+Graphiti integration for retrieving graph hints during persona generation.
+"""
+
+import json
+from datetime import datetime
+from pathlib import Path
+
+from debug import debug, debug_error, debug_success
+from graphiti_providers import get_graph_hints, is_graphiti_enabled
+from ui import print_status
+
+from .models import PersonaPhaseResult
+
+
+class GraphHintsProvider:
+ """Provides graph-based hints for persona generation using Graphiti."""
+
+ def __init__(self, output_dir: Path, project_dir: Path, refresh: bool = False):
+ self.output_dir = output_dir
+ self.project_dir = project_dir
+ self.refresh = refresh
+ self.hints_file = output_dir / "graph_hints.json"
+
+ async def retrieve_hints(self) -> PersonaPhaseResult:
+ """Retrieve graph hints for persona generation from Graphiti (if enabled).
+
+ This is a lightweight integration - hints are optional and cached.
+ """
+ debug("persona_graph", "Starting graph hints retrieval")
+
+ if self.hints_file.exists() and not self.refresh:
+ debug(
+ "persona_graph",
+ "graph_hints.json already exists, skipping",
+ hints_file=str(self.hints_file),
+ )
+ print_status("graph_hints.json already exists", "success")
+ return PersonaPhaseResult(
+ "graph_hints", True, [str(self.hints_file)], [], 0
+ )
+
+ if not is_graphiti_enabled():
+ debug("persona_graph", "Graphiti not enabled, creating placeholder")
+ print_status("Graphiti not enabled, skipping graph hints", "info")
+ self._create_disabled_hints_file()
+ return PersonaPhaseResult(
+ "graph_hints", True, [str(self.hints_file)], [], 0
+ )
+
+ debug("persona_graph", "Querying Graphiti for persona insights")
+ print_status("Querying Graphiti for persona insights...", "progress")
+
+ try:
+ hints = await get_graph_hints(
+ query="user personas target audience user types customer segments pain points goals",
+ project_id=str(self.project_dir),
+ max_results=10,
+ )
+
+ debug_success("persona_graph", f"Retrieved {len(hints)} graph hints")
+
+ self._save_hints(hints)
+
+ if hints:
+ print_status(f"Retrieved {len(hints)} graph hints", "success")
+ else:
+ print_status("No relevant graph hints found", "info")
+
+ return PersonaPhaseResult(
+ "graph_hints", True, [str(self.hints_file)], [], 0
+ )
+
+ except Exception as e:
+ debug_error("persona_graph", "Graph query failed", error=str(e))
+ print_status(f"Graph query failed: {e}", "warning")
+ self._save_error_hints(str(e))
+ return PersonaPhaseResult(
+ "graph_hints", True, [str(self.hints_file)], [str(e)], 0
+ )
+
+ def _create_disabled_hints_file(self):
+ """Create a hints file indicating Graphiti is disabled."""
+ with open(self.hints_file, "w") as f:
+ json.dump(
+ {
+ "enabled": False,
+ "reason": "Graphiti not configured",
+ "hints": [],
+ "created_at": datetime.now().isoformat(),
+ },
+ f,
+ indent=2,
+ )
+
+ def _save_hints(self, hints: list):
+ """Save retrieved hints to file."""
+ with open(self.hints_file, "w") as f:
+ json.dump(
+ {
+ "enabled": True,
+ "hints": hints,
+ "hint_count": len(hints),
+ "created_at": datetime.now().isoformat(),
+ },
+ f,
+ indent=2,
+ )
+
+ def _save_error_hints(self, error: str):
+ """Save error information to hints file."""
+ with open(self.hints_file, "w") as f:
+ json.dump(
+ {
+ "enabled": True,
+ "error": error,
+ "hints": [],
+ "created_at": datetime.now().isoformat(),
+ },
+ f,
+ indent=2,
+ )
diff --git a/apps/backend/runners/personas/models.py b/apps/backend/runners/personas/models.py
new file mode 100644
index 0000000000..26398cdad6
--- /dev/null
+++ b/apps/backend/runners/personas/models.py
@@ -0,0 +1,29 @@
+"""
+Data models for persona generation.
+"""
+
+from dataclasses import dataclass
+from pathlib import Path
+
+
+@dataclass
+class PersonaPhaseResult:
+ """Result of a persona phase execution."""
+
+ phase: str
+ success: bool
+ output_files: list[str]
+ errors: list[str]
+ retries: int
+
+
+@dataclass
+class PersonaConfig:
+ """Configuration for persona generation."""
+
+ project_dir: Path
+ output_dir: Path
+ model: str = "sonnet"
+ thinking_level: str = "medium"
+ refresh: bool = False # Force regeneration even if personas exist
+ enable_research: bool = False # Enable web research enrichment phase
diff --git a/apps/backend/runners/personas/orchestrator.py b/apps/backend/runners/personas/orchestrator.py
new file mode 100644
index 0000000000..46d2f2599c
--- /dev/null
+++ b/apps/backend/runners/personas/orchestrator.py
@@ -0,0 +1,243 @@
+"""
+Persona generation orchestrator.
+
+Coordinates all phases of the persona generation process.
+"""
+
+import asyncio
+import json
+from pathlib import Path
+
+from client import create_client
+from debug import debug, debug_error, debug_section, debug_success
+from init import init_auto_claude_dir
+from phase_config import get_thinking_budget
+from ui import Icons, box, icon, muted, print_section, print_status
+
+from .executor import AgentExecutor, ScriptExecutor
+from .graph_integration import GraphHintsProvider
+from .phases import DiscoveryPhase, GenerationPhase, ProjectIndexPhase, ResearchPhase
+
+
+class PersonaOrchestrator:
+ """Orchestrates the persona creation process."""
+
+ def __init__(
+ self,
+ project_dir: Path,
+ output_dir: Path | None = None,
+ model: str = "sonnet",
+ thinking_level: str = "medium",
+ refresh: bool = False,
+ enable_research: bool = False,
+ ):
+ self.project_dir = Path(project_dir)
+ self.model = model
+ self.thinking_level = thinking_level
+ self.thinking_budget = get_thinking_budget(thinking_level)
+ self.refresh = refresh
+ self.enable_research = enable_research
+
+ # Default output to project's .auto-claude directory (installed instance)
+ # Note: auto-claude/ is source code, .auto-claude/ is the installed instance
+ if output_dir:
+ self.output_dir = Path(output_dir)
+ else:
+ # Initialize .auto-claude directory and ensure it's in .gitignore
+ init_auto_claude_dir(self.project_dir)
+ self.output_dir = self.project_dir / ".auto-claude" / "personas"
+
+ self.output_dir.mkdir(parents=True, exist_ok=True)
+
+ # Initialize executors
+ self.script_executor = ScriptExecutor(self.project_dir)
+ self.agent_executor = AgentExecutor(
+ self.project_dir,
+ self.output_dir,
+ self.model,
+ create_client,
+ self.thinking_budget,
+ )
+
+ # Initialize phase handlers
+ self.graph_hints_provider = GraphHintsProvider(
+ self.output_dir, self.project_dir, self.refresh
+ )
+ self.project_index_phase = ProjectIndexPhase(
+ self.output_dir, self.refresh, self.script_executor
+ )
+ self.discovery_phase = DiscoveryPhase(
+ self.output_dir, self.refresh, self.agent_executor
+ )
+ self.research_phase = ResearchPhase(
+ self.output_dir, self.refresh, self.agent_executor
+ )
+ self.generation_phase = GenerationPhase(
+ self.output_dir, self.refresh, self.agent_executor
+ )
+
+ debug_section("persona_orchestrator", "Persona Orchestrator Initialized")
+ debug(
+ "persona_orchestrator",
+ "Configuration",
+ project_dir=str(self.project_dir),
+ output_dir=str(self.output_dir),
+ model=self.model,
+ refresh=self.refresh,
+ enable_research=self.enable_research,
+ )
+
+ async def run(self) -> bool:
+ """Run the complete persona generation process."""
+ debug_section("persona_orchestrator", "Starting Persona Generation")
+ debug(
+ "persona_orchestrator",
+ "Run configuration",
+ project_dir=str(self.project_dir),
+ output_dir=str(self.output_dir),
+ model=self.model,
+ refresh=self.refresh,
+ enable_research=self.enable_research,
+ )
+
+ print(
+ box(
+ f"Project: {self.project_dir}\n"
+ f"Output: {self.output_dir}\n"
+ f"Model: {self.model}\n"
+ f"Web Research: {'enabled' if self.enable_research else 'disabled'}",
+ title="PERSONA GENERATOR",
+ style="heavy",
+ )
+ )
+ results = []
+
+ # Phase 1: Project Index & Graph Hints (in parallel)
+ debug(
+ "persona_orchestrator",
+ "Starting Phase 1: Project Analysis & Graph Hints (parallel)",
+ )
+ print_section("PHASE 1: PROJECT ANALYSIS & GRAPH HINTS", Icons.FOLDER)
+
+ # Run project index and graph hints in parallel
+ index_task = self.project_index_phase.execute()
+ hints_task = self.graph_hints_provider.retrieve_hints()
+ index_result, hints_result = await asyncio.gather(index_task, hints_task)
+
+ results.append(index_result)
+ results.append(hints_result)
+
+ debug(
+ "persona_orchestrator",
+ "Phase 1 complete",
+ index_success=index_result.success,
+ hints_success=hints_result.success,
+ )
+
+ if not index_result.success:
+ debug_error(
+ "persona_orchestrator",
+ "Project analysis failed - aborting persona generation",
+ )
+ print_status("Project analysis failed", "error")
+ return False
+ # Note: hints_result.success is always True (graceful degradation)
+
+ # Phase 2: Discovery
+ debug("persona_orchestrator", "Starting Phase 2: User Type Discovery")
+ print_section("PHASE 2: USER TYPE DISCOVERY", Icons.SEARCH)
+ result = await self.discovery_phase.execute()
+ results.append(result)
+ if not result.success:
+ debug_error(
+ "persona_orchestrator",
+ "Discovery failed - aborting persona generation",
+ errors=result.errors,
+ )
+ print_status("Discovery failed", "error")
+ for err in result.errors:
+ print(f" {muted('Error:')} {err}")
+ return False
+ debug_success("persona_orchestrator", "Phase 2 complete")
+
+ # Phase 3: Research (optional, graceful degradation)
+ debug("persona_orchestrator", "Starting Phase 3: Research (optional)")
+ print_section("PHASE 3: WEB RESEARCH (OPTIONAL)", Icons.SEARCH)
+ research_result = await self.research_phase.execute(enabled=self.enable_research)
+ results.append(research_result)
+ # Note: research_result.success is always True (graceful degradation)
+
+ # Phase 4: Persona Generation
+ debug("persona_orchestrator", "Starting Phase 4: Persona Generation")
+ print_section("PHASE 4: PERSONA GENERATION", Icons.SUBTASK)
+ result = await self.generation_phase.execute()
+ results.append(result)
+ if not result.success:
+ debug_error(
+ "persona_orchestrator",
+ "Persona generation failed - aborting",
+ errors=result.errors,
+ )
+ print_status("Persona generation failed", "error")
+ for err in result.errors:
+ print(f" {muted('Error:')} {err}")
+ return False
+ debug_success("persona_orchestrator", "Phase 4 complete")
+
+ # Summary
+ self._print_summary()
+ return True
+
+ def _print_summary(self):
+ """Print the final persona generation summary."""
+ personas_file = self.output_dir / "personas.json"
+ if not personas_file.exists():
+ return
+
+ with open(personas_file) as f:
+ personas_data = json.load(f)
+
+ personas = personas_data.get("personas", [])
+ metadata = personas_data.get("metadata", {})
+
+ # Count by type
+ type_counts = {}
+ for p in personas:
+ t = p.get("type", "unknown")
+ type_counts[t] = type_counts.get(t, 0) + 1
+
+ # Count goals and pain points
+ total_goals = sum(len(p.get("goals", [])) for p in personas)
+ total_pain_points = sum(len(p.get("painPoints", [])) for p in personas)
+
+ debug_success(
+ "persona_orchestrator",
+ "Persona generation complete",
+ persona_count=len(personas),
+ type_breakdown=type_counts,
+ total_goals=total_goals,
+ total_pain_points=total_pain_points,
+ )
+
+ # Build persona list for display
+ persona_list = "\n".join(
+ f" {icon(Icons.ARROW_RIGHT)} {p.get('name', 'Unknown')} ({p.get('type', 'unknown')})"
+ for p in personas
+ )
+
+ print(
+ box(
+ f"Personas Generated: {len(personas)}\n\n"
+ f"Personas:\n{persona_list}\n\n"
+ f"Type breakdown:\n"
+ + "\n".join(
+ f" {icon(Icons.ARROW_RIGHT)} {t.upper()}: {c}"
+ for t, c in type_counts.items()
+ )
+ + f"\n\nGoals: {total_goals} | Pain Points: {total_pain_points}"
+ + f"\nResearch Enriched: {'Yes' if metadata.get('researchEnriched') else 'No'}"
+ + f"\n\nPersonas saved to: {personas_file}",
+ title=f"{icon(Icons.SUCCESS)} PERSONAS GENERATED",
+ style="heavy",
+ )
+ )
diff --git a/apps/backend/runners/personas/phases.py b/apps/backend/runners/personas/phases.py
new file mode 100644
index 0000000000..70088d8af0
--- /dev/null
+++ b/apps/backend/runners/personas/phases.py
@@ -0,0 +1,533 @@
+"""
+Core phases for persona generation.
+"""
+
+import json
+import shutil
+from pathlib import Path
+from typing import TYPE_CHECKING
+
+from debug import (
+ debug,
+ debug_detailed,
+ debug_error,
+ debug_success,
+ debug_warning,
+)
+from ui import print_status
+
+from .models import PersonaPhaseResult
+
+if TYPE_CHECKING:
+ from .executor import AgentExecutor, ScriptExecutor
+
+MAX_RETRIES = 3
+
+
+class ProjectIndexPhase:
+ """Handles project index creation and validation."""
+
+ def __init__(
+ self,
+ output_dir: Path,
+ refresh: bool,
+ script_executor: "ScriptExecutor",
+ ):
+ self.output_dir = output_dir
+ self.refresh = refresh
+ self.script_executor = script_executor
+ self.project_index = output_dir / "project_index.json"
+ # Check for existing index in roadmap directory
+ self.roadmap_index = output_dir.parent / "roadmap" / "project_index.json"
+
+ async def execute(self) -> PersonaPhaseResult:
+ """Ensure project index exists."""
+ debug("persona_phase", "Starting phase: project_index")
+
+ debug_detailed(
+ "persona_phase",
+ "Checking for existing project index",
+ project_index=str(self.project_index),
+ roadmap_index=str(self.roadmap_index),
+ )
+
+ # Check if we can copy existing index from roadmap
+ if self.roadmap_index.exists() and not self.project_index.exists():
+ debug(
+ "persona_phase", "Copying existing project_index.json from roadmap"
+ )
+ shutil.copy(self.roadmap_index, self.project_index)
+ print_status("Copied existing project_index.json from roadmap", "success")
+ debug_success("persona_phase", "Project index copied successfully")
+ return PersonaPhaseResult(
+ "project_index", True, [str(self.project_index)], [], 0
+ )
+
+ if self.project_index.exists() and not self.refresh:
+ debug("persona_phase", "project_index.json already exists, skipping")
+ print_status("project_index.json already exists", "success")
+ return PersonaPhaseResult(
+ "project_index", True, [str(self.project_index)], [], 0
+ )
+
+ # Run analyzer
+ debug("persona_phase", "Running project analyzer to create index")
+ print_status("Running project analyzer...", "progress")
+ success, output = self.script_executor.run_script(
+ "analyzer.py", ["--output", str(self.project_index)]
+ )
+
+ if success and self.project_index.exists():
+ debug_success("persona_phase", "Created project_index.json")
+ print_status("Created project_index.json", "success")
+ return PersonaPhaseResult(
+ "project_index", True, [str(self.project_index)], [], 0
+ )
+
+ debug_error(
+ "persona_phase",
+ "Failed to create project index",
+ output=output[:500] if output else None,
+ )
+ return PersonaPhaseResult("project_index", False, [], [output], 1)
+
+
+class DiscoveryPhase:
+ """Handles user type discovery from project analysis."""
+
+ def __init__(
+ self,
+ output_dir: Path,
+ refresh: bool,
+ agent_executor: "AgentExecutor",
+ ):
+ self.output_dir = output_dir
+ self.refresh = refresh
+ self.agent_executor = agent_executor
+ self.discovery_file = output_dir / "persona_discovery.json"
+ self.project_index_file = output_dir / "project_index.json"
+ # Check for roadmap discovery to sync
+ self.roadmap_discovery = output_dir.parent / "roadmap" / "roadmap_discovery.json"
+
+ async def execute(self) -> PersonaPhaseResult:
+ """Run discovery phase to identify user types."""
+ debug("persona_phase", "Starting phase: discovery")
+
+ if self.discovery_file.exists() and not self.refresh:
+ debug("persona_phase", "persona_discovery.json already exists, skipping")
+ print_status("persona_discovery.json already exists", "success")
+ return PersonaPhaseResult(
+ "discovery", True, [str(self.discovery_file)], [], 0
+ )
+
+ errors = []
+ for attempt in range(MAX_RETRIES):
+ debug("persona_phase", f"Discovery attempt {attempt + 1}/{MAX_RETRIES}")
+ print_status(
+ f"Running persona discovery agent (attempt {attempt + 1})...", "progress"
+ )
+
+ context = self._build_context()
+ success, output = await self.agent_executor.run_agent(
+ "persona_discovery.md",
+ additional_context=context,
+ )
+
+ if success and self.discovery_file.exists():
+ validation_result = self._validate_discovery(attempt)
+ if validation_result is not None:
+ return validation_result
+ errors.append(f"Validation failed on attempt {attempt + 1}")
+ else:
+ debug_warning(
+ "persona_phase",
+ f"Discovery attempt {attempt + 1} failed - file not created",
+ )
+ errors.append(
+ f"Attempt {attempt + 1}: Agent did not create discovery file"
+ )
+
+ debug_error(
+ "persona_phase", "Discovery phase failed after all retries", errors=errors
+ )
+ return PersonaPhaseResult("discovery", False, [], errors, MAX_RETRIES)
+
+ def _build_context(self) -> str:
+ """Build context string for the discovery agent."""
+ context = f"""
+**Project Index**: {self.project_index_file}
+**Output Directory**: {self.output_dir}
+**Output File**: {self.discovery_file}
+
+IMPORTANT: This runs NON-INTERACTIVELY. Do NOT ask questions or wait for user input.
+
+Your task:
+1. Analyze the project (read README, code structure, git history)
+2. Identify distinct user types that would use this software
+3. IMMEDIATELY create {self.discovery_file} with identified user types
+"""
+ # Add roadmap context if available
+ if self.roadmap_discovery.exists():
+ context += f"""
+**Roadmap Discovery Available**: {self.roadmap_discovery}
+Sync with roadmap target_audience if available.
+"""
+ else:
+ context += "\n**Roadmap Discovery**: Not available\n"
+
+ context += "\nDo NOT ask questions. Make educated inferences and create the file.\n"
+ return context
+
+ def _validate_discovery(self, attempt: int) -> PersonaPhaseResult | None:
+ """Validate the discovery file.
+
+ Returns PersonaPhaseResult if validation succeeds, None otherwise.
+ """
+ try:
+ with open(self.discovery_file) as f:
+ data = json.load(f)
+
+ required = ["project_name", "identified_user_types"]
+ missing = [k for k in required if k not in data]
+
+ user_types = data.get("identified_user_types", [])
+ if not user_types:
+ missing.append("identified_user_types (empty)")
+
+ if not missing:
+ debug_success(
+ "persona_phase",
+ "Created valid persona_discovery.json",
+ attempt=attempt + 1,
+ user_type_count=len(user_types),
+ )
+ print_status(
+ f"Created valid persona_discovery.json with {len(user_types)} user types",
+ "success",
+ )
+ return PersonaPhaseResult(
+ "discovery", True, [str(self.discovery_file)], [], attempt
+ )
+ else:
+ debug_warning("persona_phase", f"Missing required fields: {missing}")
+ return None
+
+ except json.JSONDecodeError as e:
+ debug_error("persona_phase", "Invalid JSON in discovery file", error=str(e))
+ return None
+
+
+class ResearchPhase:
+ """Handles optional web research enrichment of personas."""
+
+ def __init__(
+ self,
+ output_dir: Path,
+ refresh: bool,
+ agent_executor: "AgentExecutor",
+ ):
+ self.output_dir = output_dir
+ self.refresh = refresh
+ self.agent_executor = agent_executor
+ self.research_file = output_dir / "research_results.json"
+ self.discovery_file = output_dir / "persona_discovery.json"
+
+ async def execute(self, enabled: bool = False) -> PersonaPhaseResult:
+ """Run research phase to enrich personas with web insights."""
+ debug("persona_phase", "Starting phase: research", enabled=enabled)
+
+ if not enabled:
+ debug("persona_phase", "Research phase disabled, skipping")
+ print_status("Web research disabled, skipping", "info")
+ self._create_disabled_research_file()
+ return PersonaPhaseResult(
+ "research", True, [str(self.research_file)], [], 0
+ )
+
+ if not self.discovery_file.exists():
+ debug_error(
+ "persona_phase",
+ "Discovery file not found - cannot run research",
+ discovery_file=str(self.discovery_file),
+ )
+ return PersonaPhaseResult(
+ "research", False, [], ["Discovery file not found"], 0
+ )
+
+ if self.research_file.exists() and not self.refresh:
+ debug("persona_phase", "research_results.json already exists, skipping")
+ print_status("research_results.json already exists", "success")
+ return PersonaPhaseResult(
+ "research", True, [str(self.research_file)], [], 0
+ )
+
+ errors = []
+ for attempt in range(MAX_RETRIES):
+ debug("persona_phase", f"Research attempt {attempt + 1}/{MAX_RETRIES}")
+ print_status(
+ f"Running persona research agent (attempt {attempt + 1})...", "progress"
+ )
+
+ context = self._build_context()
+ success, output = await self.agent_executor.run_agent(
+ "persona_research.md",
+ additional_context=context,
+ )
+
+ if success and self.research_file.exists():
+ validation_result = self._validate_research(attempt)
+ if validation_result is not None:
+ return validation_result
+ errors.append(f"Validation failed on attempt {attempt + 1}")
+ else:
+ debug_warning(
+ "persona_phase",
+ f"Research attempt {attempt + 1} failed - file not created",
+ )
+ errors.append(
+ f"Attempt {attempt + 1}: Agent did not create research file"
+ )
+
+ # Research is optional - graceful degradation
+ debug_warning(
+ "persona_phase",
+ "Research phase failed, creating fallback file",
+ errors=errors,
+ )
+ print_status("Research failed, proceeding without enrichment", "warning")
+ self._create_fallback_research_file(errors)
+ return PersonaPhaseResult(
+ "research", True, [str(self.research_file)], errors, MAX_RETRIES
+ )
+
+ def _build_context(self) -> str:
+ """Build context string for the research agent."""
+ return f"""
+**Discovery File**: {self.discovery_file}
+**Output Directory**: {self.output_dir}
+**Output File**: {self.research_file}
+
+Your task:
+1. Read persona_discovery.json to understand identified user types
+2. Conduct web research to enrich each user type
+3. IMMEDIATELY create {self.research_file} with research results
+
+Do NOT ask questions. Conduct research and create the file.
+"""
+
+ def _validate_research(self, attempt: int) -> PersonaPhaseResult | None:
+ """Validate the research file.
+
+ Returns PersonaPhaseResult if validation succeeds, None otherwise.
+ """
+ try:
+ with open(self.research_file) as f:
+ data = json.load(f)
+
+ required = ["research_completed_at", "user_type_enrichments"]
+ missing = [k for k in required if k not in data]
+
+ if not missing:
+ enrichment_count = len(data.get("user_type_enrichments", []))
+ debug_success(
+ "persona_phase",
+ "Created valid research_results.json",
+ attempt=attempt + 1,
+ enrichment_count=enrichment_count,
+ )
+ print_status(
+ f"Created valid research_results.json with {enrichment_count} enrichments",
+ "success",
+ )
+ return PersonaPhaseResult(
+ "research", True, [str(self.research_file)], [], attempt
+ )
+ else:
+ debug_warning("persona_phase", f"Missing required fields: {missing}")
+ return None
+
+ except json.JSONDecodeError as e:
+ debug_error("persona_phase", "Invalid JSON in research file", error=str(e))
+ return None
+
+ def _create_disabled_research_file(self):
+ """Create a research file indicating research was disabled."""
+ from datetime import datetime
+
+ with open(self.research_file, "w") as f:
+ json.dump(
+ {
+ "research_completed_at": datetime.now().isoformat(),
+ "user_type_enrichments": [],
+ "market_context": None,
+ "research_sources": [],
+ "research_limitations": ["Research phase was disabled by user"],
+ },
+ f,
+ indent=2,
+ )
+
+ def _create_fallback_research_file(self, errors: list[str]):
+ """Create a fallback research file on failure."""
+ from datetime import datetime
+
+ with open(self.research_file, "w") as f:
+ json.dump(
+ {
+ "research_completed_at": datetime.now().isoformat(),
+ "user_type_enrichments": [],
+ "market_context": None,
+ "research_sources": [],
+ "research_limitations": [
+ "Research phase failed - proceeding without enrichment"
+ ]
+ + errors,
+ },
+ f,
+ indent=2,
+ )
+
+
+class GenerationPhase:
+ """Handles persona generation from discovery and research data."""
+
+ def __init__(
+ self,
+ output_dir: Path,
+ refresh: bool,
+ agent_executor: "AgentExecutor",
+ ):
+ self.output_dir = output_dir
+ self.refresh = refresh
+ self.agent_executor = agent_executor
+ self.personas_file = output_dir / "personas.json"
+ self.discovery_file = output_dir / "persona_discovery.json"
+ self.research_file = output_dir / "research_results.json"
+
+ async def execute(self) -> PersonaPhaseResult:
+ """Generate detailed personas from discovery and research data."""
+ debug("persona_phase", "Starting phase: generation")
+
+ if not self.discovery_file.exists():
+ debug_error(
+ "persona_phase",
+ "Discovery file not found - cannot generate personas",
+ discovery_file=str(self.discovery_file),
+ )
+ return PersonaPhaseResult(
+ "generation", False, [], ["Discovery file not found"], 0
+ )
+
+ if self.personas_file.exists() and not self.refresh:
+ debug("persona_phase", "personas.json already exists, skipping")
+ print_status("personas.json already exists", "success")
+ return PersonaPhaseResult(
+ "generation", True, [str(self.personas_file)], [], 0
+ )
+
+ errors = []
+ for attempt in range(MAX_RETRIES):
+ debug("persona_phase", f"Generation attempt {attempt + 1}/{MAX_RETRIES}")
+ print_status(
+ f"Running persona generation agent (attempt {attempt + 1})...",
+ "progress",
+ )
+
+ context = self._build_context()
+ success, output = await self.agent_executor.run_agent(
+ "persona_generation.md",
+ additional_context=context,
+ )
+
+ if success and self.personas_file.exists():
+ validation_result = self._validate_personas(attempt)
+ if validation_result is not None:
+ return validation_result
+ errors.append(f"Validation failed on attempt {attempt + 1}")
+ else:
+ debug_warning(
+ "persona_phase",
+ f"Generation attempt {attempt + 1} failed - file not created",
+ )
+ errors.append(
+ f"Attempt {attempt + 1}: Agent did not create personas file"
+ )
+
+ debug_error(
+ "persona_phase", "Generation phase failed after all retries", errors=errors
+ )
+ return PersonaPhaseResult("generation", False, [], errors, MAX_RETRIES)
+
+ def _build_context(self) -> str:
+ """Build context string for the generation agent."""
+ context = f"""
+**Discovery File**: {self.discovery_file}
+**Output Directory**: {self.output_dir}
+**Output File**: {self.personas_file}
+
+Based on the discovery data, generate detailed personas.
+"""
+ # Add research context if available
+ if self.research_file.exists():
+ context += f"""
+**Research File**: {self.research_file}
+Use research data to enrich personas with validated pain points and quotes.
+"""
+ else:
+ context += "\n**Research File**: Not available - generate without research enrichment\n"
+
+ context += "\nOutput the complete personas to personas.json.\n"
+ return context
+
+ def _validate_personas(self, attempt: int) -> PersonaPhaseResult | None:
+ """Validate the personas file.
+
+ Returns PersonaPhaseResult if validation succeeds, None otherwise.
+ """
+ try:
+ with open(self.personas_file) as f:
+ data = json.load(f)
+
+ required = ["version", "projectId", "personas", "metadata"]
+ missing = [k for k in required if k not in data]
+
+ personas = data.get("personas", [])
+ if not personas:
+ missing.append("personas (empty)")
+
+ # Validate each persona has required fields
+ required_persona_fields = [
+ "id",
+ "name",
+ "type",
+ "tagline",
+ "demographics",
+ "goals",
+ "painPoints",
+ ]
+ for i, persona in enumerate(personas):
+ for field in required_persona_fields:
+ if field not in persona:
+ missing.append(f"personas[{i}].{field}")
+
+ if not missing:
+ debug_success(
+ "persona_phase",
+ "Created valid personas.json",
+ attempt=attempt + 1,
+ persona_count=len(personas),
+ )
+ print_status(
+ f"Created valid personas.json with {len(personas)} personas",
+ "success",
+ )
+ return PersonaPhaseResult(
+ "generation", True, [str(self.personas_file)], [], attempt
+ )
+ else:
+ debug_warning("persona_phase", f"Missing required fields: {missing}")
+ return None
+
+ except json.JSONDecodeError as e:
+ debug_error("persona_phase", "Invalid JSON in personas file", error=str(e))
+ return None
diff --git a/apps/backend/runners/personas/single_enricher.py b/apps/backend/runners/personas/single_enricher.py
new file mode 100644
index 0000000000..745b01f3ce
--- /dev/null
+++ b/apps/backend/runners/personas/single_enricher.py
@@ -0,0 +1,440 @@
+"""
+Single Persona Enricher - Handles AI-assisted persona creation and enrichment.
+
+This module provides functionality to:
+1. Create a new persona from minimal user input via AI enrichment
+2. Enrich an existing manually-created persona with AI research
+
+It reuses the research and generation phase logic but operates on single personas.
+"""
+
+import json
+from dataclasses import dataclass
+from datetime import datetime
+from pathlib import Path
+from typing import TYPE_CHECKING, Any
+
+from debug import debug, debug_error, debug_success, debug_warning
+from ui import print_status
+
+if TYPE_CHECKING:
+ from .executor import AgentExecutor
+
+
+@dataclass
+class PersonaEnrichmentInput:
+ """Input for AI-assisted persona creation."""
+
+ role: str
+ description: str
+ persona_type: str # 'primary' | 'secondary' | 'edge-case'
+ primary_goal: str | None = None
+ experience_level: str | None = None
+ industry: str | None = None
+
+
+@dataclass
+class SinglePersonaResult:
+ """Result of single persona enrichment."""
+
+ success: bool
+ persona: dict[str, Any] | None
+ error: str | None = None
+
+
+class SinglePersonaEnricher:
+ """Handles single persona enrichment with AI research."""
+
+ MAX_RETRIES = 2
+
+ def __init__(
+ self,
+ output_dir: Path,
+ agent_executor: "AgentExecutor",
+ ):
+ self.output_dir = output_dir
+ self.agent_executor = agent_executor
+ # Temp files for single persona enrichment
+ self.temp_discovery_file = output_dir / "temp_single_discovery.json"
+ self.temp_research_file = output_dir / "temp_single_research.json"
+ self.temp_persona_file = output_dir / "temp_single_persona.json"
+
+ async def enrich_new_persona(
+ self, input_data: PersonaEnrichmentInput
+ ) -> SinglePersonaResult:
+ """
+ Create a new persona from minimal user input.
+
+ 1. Create a discovery entry from user input
+ 2. Run research phase for this user type
+ 3. Generate the persona from research
+ 4. Return the enriched persona
+ """
+ debug("single_enricher", "Starting new persona enrichment", role=input_data.role)
+ print_status("Starting AI-assisted persona creation...", "progress")
+
+ try:
+ # Step 1: Create discovery entry from user input
+ discovery_data = self._create_discovery_entry(input_data)
+ self._write_json(self.temp_discovery_file, discovery_data)
+ debug_success("single_enricher", "Created discovery entry")
+
+ # Step 2: Run research for this user type
+ research_success = await self._run_research(input_data)
+ if not research_success:
+ debug_warning(
+ "single_enricher",
+ "Research failed, proceeding with basic persona",
+ )
+
+ # Step 3: Generate persona from discovery and research
+ persona = await self._generate_single_persona(input_data)
+ if persona:
+ debug_success("single_enricher", "Created enriched persona")
+ print_status("Persona created successfully!", "success")
+ return SinglePersonaResult(success=True, persona=persona)
+ else:
+ debug_error("single_enricher", "Failed to generate persona")
+ return SinglePersonaResult(
+ success=False, persona=None, error="Failed to generate persona"
+ )
+
+ except Exception as e:
+ debug_error("single_enricher", f"Enrichment failed: {e}")
+ return SinglePersonaResult(success=False, persona=None, error=str(e))
+
+ finally:
+ # Cleanup temp files
+ self._cleanup_temp_files()
+
+ async def enrich_existing_persona(
+ self, persona: dict[str, Any]
+ ) -> SinglePersonaResult:
+ """
+ Enrich an existing manually-created persona with AI research.
+
+ 1. Create a discovery entry from existing persona data
+ 2. Run research phase for this user type
+ 3. Merge research results into existing persona
+ 4. Return the enriched persona
+ """
+ debug(
+ "single_enricher",
+ "Starting existing persona enrichment",
+ persona_id=persona.get("id"),
+ )
+ print_status("Starting AI enrichment for existing persona...", "progress")
+
+ try:
+ # Extract input from existing persona
+ demographics = persona.get("demographics", {})
+ input_data = PersonaEnrichmentInput(
+ role=demographics.get("role", "Unknown Role"),
+ description=persona.get("tagline", ""),
+ persona_type=persona.get("type", "secondary"),
+ primary_goal=persona.get("goals", [{}])[0].get("description")
+ if persona.get("goals")
+ else None,
+ experience_level=demographics.get("experienceLevel"),
+ industry=demographics.get("industry"),
+ )
+
+ # Step 1: Create discovery entry from existing persona
+ discovery_data = self._create_discovery_entry(input_data)
+ self._write_json(self.temp_discovery_file, discovery_data)
+ debug_success("single_enricher", "Created discovery entry from persona")
+
+ # Step 2: Run research for this user type
+ research_success = await self._run_research(input_data)
+ if not research_success:
+ debug_warning(
+ "single_enricher",
+ "Research failed, returning original persona",
+ )
+ return SinglePersonaResult(
+ success=False, persona=None, error="Research phase failed"
+ )
+
+ # Step 3: Merge research results into existing persona
+ enriched_persona = await self._merge_research_into_persona(persona)
+ if enriched_persona:
+ debug_success("single_enricher", "Enriched existing persona")
+ print_status("Persona enriched successfully!", "success")
+ return SinglePersonaResult(success=True, persona=enriched_persona)
+ else:
+ debug_error("single_enricher", "Failed to merge research results")
+ return SinglePersonaResult(
+ success=False, persona=None, error="Failed to enrich persona"
+ )
+
+ except Exception as e:
+ debug_error("single_enricher", f"Enrichment failed: {e}")
+ return SinglePersonaResult(success=False, persona=None, error=str(e))
+
+ finally:
+ # Cleanup temp files
+ self._cleanup_temp_files()
+
+ def _create_discovery_entry(
+ self, input_data: PersonaEnrichmentInput
+ ) -> dict[str, Any]:
+ """Create a discovery JSON structure from user input."""
+ user_type_id = f"manual-{datetime.now().strftime('%Y%m%d%H%M%S')}"
+
+ return {
+ "project_name": "Manual Persona",
+ "identified_user_types": [
+ {
+ "id": user_type_id,
+ "suggested_name": input_data.role,
+ "category": input_data.persona_type,
+ "confidence": "high", # User-provided, so high confidence
+ "evidence": {
+ "readme_mentions": [],
+ "code_patterns": [],
+ "documentation_hints": [],
+ "roadmap_alignment": [],
+ "user_provided": [input_data.description],
+ },
+ "inferred_characteristics": {
+ "technical_level": input_data.experience_level or "mid",
+ "likely_role": input_data.role,
+ "usage_frequency": "weekly",
+ "primary_goal": input_data.primary_goal or "",
+ "key_pain_points": [],
+ },
+ }
+ ],
+ "discovery_sources": {
+ "readme_analyzed": False,
+ "docs_analyzed": False,
+ "code_analyzed": False,
+ "roadmap_synced": False,
+ "user_provided": True,
+ },
+ "recommended_persona_count": 1,
+ "created_at": datetime.now().isoformat(),
+ }
+
+ async def _run_research(self, input_data: PersonaEnrichmentInput) -> bool:
+ """Run research phase for the single user type."""
+ debug("single_enricher", "Running research phase")
+ print_status("Researching user type...", "progress")
+
+ context = f"""
+**Discovery File**: {self.temp_discovery_file}
+**Output File**: {self.temp_research_file}
+
+Research this single user type:
+- Role: {input_data.role}
+- Description: {input_data.description}
+- Industry: {input_data.industry or "General"}
+
+Focus on finding:
+1. Common pain points for this role
+2. Typical goals and success metrics
+3. Realistic quotes from people in this role
+4. Tool preferences and behaviors
+
+IMPORTANT: This runs NON-INTERACTIVELY. Create the research file immediately.
+"""
+
+ for attempt in range(self.MAX_RETRIES):
+ debug(
+ "single_enricher", f"Research attempt {attempt + 1}/{self.MAX_RETRIES}"
+ )
+ success, _ = await self.agent_executor.run_agent(
+ "persona_research.md",
+ additional_context=context,
+ )
+
+ if success and self.temp_research_file.exists():
+ try:
+ with open(self.temp_research_file) as f:
+ data = json.load(f)
+ if "user_type_enrichments" in data:
+ debug_success("single_enricher", "Research completed")
+ return True
+ except json.JSONDecodeError:
+ pass
+
+ # Research failed - create fallback file
+ debug_warning("single_enricher", "Research failed, creating fallback")
+ self._write_json(
+ self.temp_research_file,
+ {
+ "research_completed_at": datetime.now().isoformat(),
+ "user_type_enrichments": [],
+ "research_sources": [],
+ "research_limitations": ["Research phase failed - using basic enrichment"],
+ },
+ )
+ return False
+
+ async def _generate_single_persona(
+ self, input_data: PersonaEnrichmentInput
+ ) -> dict[str, Any] | None:
+ """Generate a single persona from discovery and research."""
+ debug("single_enricher", "Generating persona")
+ print_status("Generating persona profile...", "progress")
+
+ context = f"""
+**Discovery File**: {self.temp_discovery_file}
+**Research File**: {self.temp_research_file}
+**Output File**: {self.temp_persona_file}
+
+Generate a SINGLE detailed persona based on the discovery and research data.
+
+User-provided details:
+- Role: {input_data.role}
+- Description: {input_data.description}
+- Type: {input_data.persona_type}
+- Industry: {input_data.industry or "Not specified"}
+
+Output format: Write to {self.temp_persona_file} with structure:
+{{
+ "version": "1.0",
+ "projectId": "manual",
+ "personas": [],
+ "metadata": {{...}}
+}}
+
+IMPORTANT: This runs NON-INTERACTIVELY. Create the persona file immediately.
+"""
+
+ for attempt in range(self.MAX_RETRIES):
+ debug(
+ "single_enricher",
+ f"Generation attempt {attempt + 1}/{self.MAX_RETRIES}",
+ )
+ success, _ = await self.agent_executor.run_agent(
+ "persona_generation.md",
+ additional_context=context,
+ )
+
+ if success and self.temp_persona_file.exists():
+ try:
+ with open(self.temp_persona_file) as f:
+ data = json.load(f)
+ personas = data.get("personas", [])
+ if personas:
+ persona = personas[0]
+ # Ensure research enriched flag is set
+ if "discoverySource" in persona:
+ persona["discoverySource"]["researchEnriched"] = True
+ debug_success("single_enricher", "Generated persona")
+ return persona
+ except json.JSONDecodeError:
+ pass
+
+ debug_error("single_enricher", "Failed to generate persona")
+ return None
+
+ async def _merge_research_into_persona(
+ self, persona: dict[str, Any]
+ ) -> dict[str, Any] | None:
+ """Merge research results into existing persona."""
+ debug("single_enricher", "Merging research into persona")
+ print_status("Applying research insights...", "progress")
+
+ # Read research results
+ if not self.temp_research_file.exists():
+ debug_error("single_enricher", "Research file not found")
+ return None
+
+ try:
+ with open(self.temp_research_file) as f:
+ research_data = json.load(f)
+ except json.JSONDecodeError:
+ debug_error("single_enricher", "Invalid research file")
+ return None
+
+ enrichments = research_data.get("user_type_enrichments", [])
+ if not enrichments:
+ debug_warning("single_enricher", "No enrichments found")
+ # Still mark as enriched even if no additional data
+ enriched = {**persona}
+ if "discoverySource" not in enriched:
+ enriched["discoverySource"] = {}
+ enriched["discoverySource"]["researchEnriched"] = True
+ enriched["updatedAt"] = datetime.now().isoformat()
+ return enriched
+
+ enrichment = enrichments[0]
+
+ # Merge the enrichment data
+ enriched = {**persona}
+
+ # Add discovered pain points
+ discovered_pain_points = enrichment.get("discovered_pain_points", [])
+ if discovered_pain_points and "painPoints" in enriched:
+ existing_ids = {pp.get("id") for pp in enriched["painPoints"]}
+ for i, dp in enumerate(discovered_pain_points):
+ new_id = f"research-pain-{i + 1}"
+ if new_id not in existing_ids:
+ enriched["painPoints"].append(
+ {
+ "id": new_id,
+ "description": dp.get("description", ""),
+ "severity": dp.get("severity", "medium"),
+ "currentWorkaround": dp.get("current_workaround"),
+ }
+ )
+
+ # Add quotes from research
+ quotes_found = enrichment.get("quotes_found", [])
+ if quotes_found and "quotes" in enriched:
+ existing_quotes = set(enriched["quotes"])
+ for quote_data in quotes_found:
+ quote_text = quote_data.get("quote", "")
+ if quote_text and quote_text not in existing_quotes:
+ enriched["quotes"].append(quote_text)
+
+ # Add behavior patterns
+ behavior_patterns = enrichment.get("behavior_patterns", {})
+ if behavior_patterns and "behaviors" in enriched:
+ # Merge tool preferences
+ tools = behavior_patterns.get("tool_preferences", [])
+ if tools:
+ existing_tools = set(enriched["behaviors"].get("toolStack", []))
+ enriched["behaviors"]["toolStack"] = list(
+ existing_tools.union(set(tools[:5])) # Limit to 5 new tools
+ )
+
+ # Merge decision factors
+ factors = behavior_patterns.get("decision_factors", [])
+ if factors:
+ existing_factors = set(
+ enriched["behaviors"].get("decisionFactors", [])
+ )
+ enriched["behaviors"]["decisionFactors"] = list(
+ existing_factors.union(set(factors[:5]))
+ )
+
+ # Mark as research enriched
+ if "discoverySource" not in enriched:
+ enriched["discoverySource"] = {}
+ enriched["discoverySource"]["researchEnriched"] = True
+ enriched["updatedAt"] = datetime.now().isoformat()
+
+ debug_success("single_enricher", "Merged research into persona")
+ return enriched
+
+ def _write_json(self, path: Path, data: dict[str, Any]) -> None:
+ """Write JSON data to file."""
+ path.parent.mkdir(parents=True, exist_ok=True)
+ with open(path, "w") as f:
+ json.dump(data, f, indent=2)
+
+ def _cleanup_temp_files(self) -> None:
+ """Remove temporary files."""
+ for temp_file in [
+ self.temp_discovery_file,
+ self.temp_research_file,
+ self.temp_persona_file,
+ ]:
+ try:
+ if temp_file.exists():
+ temp_file.unlink()
+ except Exception:
+ pass
diff --git a/apps/backend/runners/roadmap/models.py b/apps/backend/runners/roadmap/models.py
index cc7a1f5f8b..377f5cfacc 100644
--- a/apps/backend/runners/roadmap/models.py
+++ b/apps/backend/runners/roadmap/models.py
@@ -23,6 +23,6 @@ class RoadmapConfig:
project_dir: Path
output_dir: Path
- model: str = "claude-opus-4-5-20251101"
+ model: str = "sonnet" # Changed from "opus" (fix #433)
refresh: bool = False # Force regeneration even if roadmap exists
enable_competitor_analysis: bool = False # Enable competitor analysis phase
diff --git a/apps/backend/runners/roadmap/orchestrator.py b/apps/backend/runners/roadmap/orchestrator.py
index b7a9803af1..ba35bd2327 100644
--- a/apps/backend/runners/roadmap/orchestrator.py
+++ b/apps/backend/runners/roadmap/orchestrator.py
@@ -17,6 +17,7 @@
from .competitor_analyzer import CompetitorAnalyzer
from .executor import AgentExecutor, ScriptExecutor
from .graph_integration import GraphHintsProvider
+from .persona_generator import PersonaGenerator
from .phases import DiscoveryPhase, FeaturesPhase, ProjectIndexPhase
@@ -27,11 +28,13 @@ def __init__(
self,
project_dir: Path,
output_dir: Path | None = None,
- model: str = "claude-opus-4-5-20251101",
+ model: str = "sonnet", # Changed from "opus" (fix #433)
thinking_level: str = "medium",
refresh: bool = False,
enable_competitor_analysis: bool = False,
refresh_competitor_analysis: bool = False,
+ enable_persona_generation: bool = False,
+ refresh_personas: bool = False,
):
self.project_dir = Path(project_dir)
self.model = model
@@ -40,6 +43,8 @@ def __init__(
self.refresh = refresh
self.enable_competitor_analysis = enable_competitor_analysis
self.refresh_competitor_analysis = refresh_competitor_analysis
+ self.enable_persona_generation = enable_persona_generation
+ self.refresh_personas = refresh_personas
# Default output to project's .auto-claude directory (installed instance)
# Note: auto-claude/ is source code, .auto-claude/ is the installed instance
@@ -66,10 +71,15 @@ def __init__(
self.graph_hints_provider = GraphHintsProvider(
self.output_dir, self.project_dir, self.refresh
)
- # Competitor analyzer refreshes if either general refresh or specific competitor refresh
- competitor_should_refresh = self.refresh or self.refresh_competitor_analysis
+ # Competitor analyzer refresh is controlled by user's explicit choice
+ # (analyzer handles case where file doesn't exist - it will generate regardless)
self.competitor_analyzer = CompetitorAnalyzer(
- self.output_dir, competitor_should_refresh, self.agent_executor
+ self.output_dir, self.refresh_competitor_analysis, self.agent_executor
+ )
+ # Persona generator refresh is controlled by user's explicit choice
+ # (generator handles case where file doesn't exist - it will generate regardless)
+ self.persona_generator = PersonaGenerator(
+ self.project_dir, self.refresh_personas, self.model, self.thinking_level
)
self.project_index_phase = ProjectIndexPhase(
self.output_dir, self.refresh, self.script_executor
@@ -78,7 +88,7 @@ def __init__(
self.output_dir, self.refresh, self.agent_executor
)
self.features_phase = FeaturesPhase(
- self.output_dir, self.refresh, self.agent_executor
+ self.output_dir, self.refresh, self.agent_executor, self.project_dir
)
debug_section("roadmap_orchestrator", "Roadmap Orchestrator Initialized")
@@ -108,7 +118,8 @@ async def run(self) -> bool:
f"Project: {self.project_dir}\n"
f"Output: {self.output_dir}\n"
f"Model: {self.model}\n"
- f"Competitor Analysis: {'enabled' if self.enable_competitor_analysis else 'disabled'}",
+ f"Competitor Analysis: {'enabled' if self.enable_competitor_analysis else 'disabled'}\n"
+ f"Persona Generation: {'enabled' if self.enable_persona_generation else 'disabled'}",
title="ROADMAP GENERATOR",
style="heavy",
)
@@ -171,6 +182,14 @@ async def run(self) -> bool:
results.append(competitor_result)
# Note: competitor_result.success is always True (graceful degradation)
+ # Phase 2.75: Persona Generation (optional, runs after competitor analysis)
+ print_section("PHASE 2.75: PERSONA GENERATION", Icons.USER)
+ persona_result = await self.persona_generator.generate(
+ enabled=self.enable_persona_generation
+ )
+ results.append(persona_result)
+ # Note: persona_result.success is always True (graceful degradation)
+
# Phase 3: Feature Generation
debug("roadmap_orchestrator", "Starting Phase 3: Feature Generation")
print_section("PHASE 3: FEATURE GENERATION", Icons.SUBTASK)
diff --git a/apps/backend/runners/roadmap/persona_generator.py b/apps/backend/runners/roadmap/persona_generator.py
new file mode 100644
index 0000000000..6211943ef2
--- /dev/null
+++ b/apps/backend/runners/roadmap/persona_generator.py
@@ -0,0 +1,114 @@
+"""
+Persona generation wrapper for roadmap generation.
+
+Wraps the PersonaOrchestrator for use within the roadmap generation pipeline.
+"""
+
+import json
+from datetime import datetime
+from pathlib import Path
+
+from ui import print_status
+
+from .models import RoadmapPhaseResult
+
+
+class PersonaGenerator:
+ """Generates user personas as part of roadmap generation."""
+
+ def __init__(
+ self,
+ project_dir: Path,
+ refresh: bool,
+ model: str = "sonnet",
+ thinking_level: str = "medium",
+ ):
+ self.project_dir = Path(project_dir)
+ self.refresh = refresh
+ self.model = model
+ self.thinking_level = thinking_level
+ self.personas_dir = self.project_dir / ".auto-claude" / "personas"
+ self.personas_file = self.personas_dir / "personas.json"
+
+ async def generate(self, enabled: bool = False) -> RoadmapPhaseResult:
+ """Generate user personas (if enabled).
+
+ This is an optional phase - it gracefully degrades if disabled or if generation fails.
+ Personas enhance roadmap features but are not required.
+ """
+ if not enabled:
+ print_status("Persona generation not enabled, skipping", "info")
+ return RoadmapPhaseResult(
+ "persona_generation", True, [], [], 0
+ )
+
+ if self.personas_file.exists() and not self.refresh:
+ # Load existing personas and report count
+ try:
+ with open(self.personas_file) as f:
+ data = json.load(f)
+ persona_count = len(data.get("personas", []))
+ print_status(
+ f"Using {persona_count} existing personas (use --refresh-personas to regenerate)",
+ "success",
+ )
+ return RoadmapPhaseResult(
+ "persona_generation", True, [str(self.personas_file)], [], 0
+ )
+ except (json.JSONDecodeError, IOError):
+ # Continue to regeneration if file is corrupt
+ pass
+
+ # Import PersonaOrchestrator here to avoid circular imports
+ from runners.personas import PersonaOrchestrator
+
+ print_status("Running persona generation...", "progress")
+
+ orchestrator = PersonaOrchestrator(
+ project_dir=self.project_dir,
+ output_dir=self.personas_dir,
+ model=self.model,
+ thinking_level=self.thinking_level,
+ refresh=self.refresh,
+ enable_research=False, # Skip web research for faster generation
+ )
+
+ try:
+ success = await orchestrator.run()
+
+ if success and self.personas_file.exists():
+ with open(self.personas_file) as f:
+ data = json.load(f)
+ persona_count = len(data.get("personas", []))
+ print_status(
+ f"Generated {persona_count} personas",
+ "success",
+ )
+ return RoadmapPhaseResult(
+ "persona_generation", True, [str(self.personas_file)], [], 0
+ )
+ else:
+ print_status(
+ "Persona generation failed, continuing without personas",
+ "warning",
+ )
+ return RoadmapPhaseResult(
+ "persona_generation",
+ True, # Return True for graceful degradation
+ [],
+ ["Persona generation failed"],
+ 1,
+ )
+
+ except Exception as e:
+ print_status(
+ f"Persona generation error: {e}, continuing without personas",
+ "warning",
+ )
+ return RoadmapPhaseResult(
+ "persona_generation",
+ True, # Return True for graceful degradation
+ [],
+ [str(e)],
+ 1,
+ )
diff --git a/apps/backend/runners/roadmap/phases.py b/apps/backend/runners/roadmap/phases.py
index 7954969239..686f61cf9f 100644
--- a/apps/backend/runners/roadmap/phases.py
+++ b/apps/backend/runners/roadmap/phases.py
@@ -205,13 +205,17 @@ def __init__(
output_dir: Path,
refresh: bool,
agent_executor: "AgentExecutor",
+ project_dir: Path,
):
self.output_dir = output_dir
self.refresh = refresh
self.agent_executor = agent_executor
+ self.project_dir = project_dir
self.roadmap_file = output_dir / "roadmap.json"
self.discovery_file = output_dir / "roadmap_discovery.json"
self.project_index_file = output_dir / "project_index.json"
+ # Personas file location (may or may not exist)
+ self.personas_file = project_dir / ".auto-claude" / "personas" / "personas.json"
async def execute(self) -> RoadmapPhaseResult:
"""Generate and prioritize features for the roadmap."""
@@ -267,7 +271,7 @@ async def execute(self) -> RoadmapPhaseResult:
def _build_context(self) -> str:
"""Build context string for the features agent."""
- return f"""
+ context = f"""
**Discovery File**: {self.discovery_file}
**Project Index**: {self.project_index_file}
**Output File**: {self.roadmap_file}
@@ -278,9 +282,31 @@ def _build_context(self) -> str:
3. Organize into phases
4. Create milestones
5. Map dependencies
-
-Output the complete roadmap to roadmap.json.
"""
+ # Add persona context if personas exist
+ if self.personas_file.exists():
+ try:
+ with open(self.personas_file) as f:
+ personas_data = json.load(f)
+ persona_count = len(personas_data.get("personas", []))
+ if persona_count > 0:
+ context += f"""
+**IMPORTANT - User Personas Available**:
+**Personas File**: {self.personas_file}
+**Persona Count**: {persona_count}
+
+You MUST:
+1. Read the personas file to understand target users
+2. Link features to relevant personas using `target_persona_ids`
+3. Add `persona_impact` with impact scores for each linked persona
+4. Prioritize features that serve PRIMARY personas (3x weight)
+5. Reference personas in feature rationale
+"""
+ except (json.JSONDecodeError, OSError):
+ pass # Graceful degradation if file is malformed or unreadable
+
+ context += "\nOutput the complete roadmap to roadmap.json."
+ return context
def _validate_features(self, attempt: int) -> RoadmapPhaseResult | None:
"""Validate the roadmap features file.
diff --git a/apps/backend/runners/roadmap_runner.py b/apps/backend/runners/roadmap_runner.py
index 88f157b12c..d6de46ccea 100644
--- a/apps/backend/runners/roadmap_runner.py
+++ b/apps/backend/runners/roadmap_runner.py
@@ -20,8 +20,10 @@
# Add auto-claude to path
sys.path.insert(0, str(Path(__file__).parent.parent))
-# Load .env file from auto-claude/ directory
-from dotenv import load_dotenv
+# Load .env file with centralized error handling
+from cli.utils import import_dotenv
+
+load_dotenv = import_dotenv()
env_file = Path(__file__).parent.parent / ".env"
if env_file.exists():
@@ -30,7 +32,7 @@
from debug import debug, debug_error, debug_warning
# Import from refactored roadmap package
-from roadmap import RoadmapOrchestrator
+from runners.roadmap import RoadmapOrchestrator
def main():
@@ -55,8 +57,8 @@ def main():
parser.add_argument(
"--model",
type=str,
- default="claude-opus-4-5-20251101",
- help="Model to use (default: claude-opus-4-5-20251101)",
+ default="sonnet", # Changed from "opus" (fix #433)
+ help="Model to use (haiku, sonnet, opus, or full model ID)",
)
parser.add_argument(
"--thinking-level",
@@ -82,6 +84,18 @@ def main():
dest="refresh_competitor_analysis",
help="Force refresh competitor analysis even if it exists (requires --competitor-analysis)",
)
+ parser.add_argument(
+ "--persona-generation",
+ action="store_true",
+ dest="enable_persona_generation",
+ help="Enable persona generation phase",
+ )
+ parser.add_argument(
+ "--refresh-personas",
+ action="store_true",
+ dest="refresh_personas",
+ help="Force refresh personas even if they exist (requires --persona-generation)",
+ )
args = parser.parse_args()
@@ -117,6 +131,8 @@ def main():
refresh=args.refresh,
enable_competitor_analysis=args.enable_competitor_analysis,
refresh_competitor_analysis=args.refresh_competitor_analysis,
+ enable_persona_generation=args.enable_persona_generation,
+ refresh_personas=args.refresh_personas,
)
try:
diff --git a/apps/backend/runners/spec_runner.py b/apps/backend/runners/spec_runner.py
index 0bda6db115..30adbf3fa6 100644
--- a/apps/backend/runners/spec_runner.py
+++ b/apps/backend/runners/spec_runner.py
@@ -26,11 +26,11 @@
- Risk factors and edge cases
Usage:
- python auto-claude/spec_runner.py --task "Add user authentication"
- python auto-claude/spec_runner.py --interactive
- python auto-claude/spec_runner.py --continue 001-feature
- python auto-claude/spec_runner.py --task "Fix button color" --complexity simple
- python auto-claude/spec_runner.py --task "Simple fix" --no-ai-assessment
+ python runners/spec_runner.py --task "Add user authentication"
+ python runners/spec_runner.py --interactive
+ python runners/spec_runner.py --continue 001-feature
+ python runners/spec_runner.py --task "Fix button color" --complexity simple
+ python runners/spec_runner.py --task "Simple fix" --no-ai-assessment
"""
import sys
@@ -81,8 +81,10 @@
# Add auto-claude to path (parent of runners/)
sys.path.insert(0, str(Path(__file__).parent.parent))
-# Load .env file
-from dotenv import load_dotenv
+# Load .env file with centralized error handling
+from cli.utils import import_dotenv
+
+load_dotenv = import_dotenv()
env_file = Path(__file__).parent.parent / ".env"
dev_env_file = Path(__file__).parent.parent.parent / "dev" / "auto-claude" / ".env"
@@ -198,9 +200,21 @@ def main():
default=None,
help="Base branch for creating worktrees (default: auto-detect or current branch)",
)
+ parser.add_argument(
+ "--direct",
+ action="store_true",
+ help="Build directly in project without worktree isolation (default: use isolated worktree)",
+ )
args = parser.parse_args()
+ # Warn user about direct mode risks
+ if args.direct:
+ print_status(
+ "Direct mode: Building in project directory without worktree isolation",
+ "warning",
+ )
+
# Handle task from file if provided
task_description = args.task
if args.task_file:
@@ -328,6 +342,10 @@ def main():
if args.base_branch:
run_cmd.extend(["--base-branch", args.base_branch])
+ # Pass --direct flag if specified (skip worktree isolation)
+ if args.direct:
+ run_cmd.append("--direct")
+
# Note: Model configuration for subsequent phases (planning, coding, qa)
# is read from task_metadata.json by run.py, so we don't pass it here.
# This allows per-phase configuration when using Auto profile.
diff --git a/apps/backend/security/__init__.py b/apps/backend/security/__init__.py
index 9b389373b6..b26311d292 100644
--- a/apps/backend/security/__init__.py
+++ b/apps/backend/security/__init__.py
@@ -62,7 +62,9 @@
validate_chmod_command,
validate_dropdb_command,
validate_dropuser_command,
+ validate_git_command,
validate_git_commit,
+ validate_git_config,
validate_init_script,
validate_kill_command,
validate_killall_command,
@@ -93,7 +95,9 @@
"validate_chmod_command",
"validate_rm_command",
"validate_init_script",
+ "validate_git_command",
"validate_git_commit",
+ "validate_git_config",
"validate_dropdb_command",
"validate_dropuser_command",
"validate_psql_command",
diff --git a/apps/backend/security/constants.py b/apps/backend/security/constants.py
new file mode 100644
index 0000000000..3ddbca3002
--- /dev/null
+++ b/apps/backend/security/constants.py
@@ -0,0 +1,16 @@
+"""
+Security Constants
+==================
+
+Shared constants for the security module.
+"""
+
+# Environment variable name for the project directory
+# Set by agents (coder.py, loop.py) at startup to ensure security hooks
+# can find the correct project directory even in worktree mode.
+PROJECT_DIR_ENV_VAR = "AUTO_CLAUDE_PROJECT_DIR"
+
+# Security configuration filenames
+# These are the files that control which commands are allowed to run.
+ALLOWLIST_FILENAME = ".auto-claude-allowlist"
+PROFILE_FILENAME = ".auto-claude-security.json"
diff --git a/apps/backend/security/git_validators.py b/apps/backend/security/git_validators.py
index 5a75ad39f1..5c21d32909 100644
--- a/apps/backend/security/git_validators.py
+++ b/apps/backend/security/git_validators.py
@@ -2,7 +2,9 @@
Git Validators
==============
-Validators for git operations (commit with secret scanning).
+Validators for git operations:
+- Commit with secret scanning
+- Config protection (prevent setting test users)
"""
import shlex
@@ -10,8 +12,203 @@
from .validation_models import ValidationResult
+# =============================================================================
+# BLOCKED GIT CONFIG PATTERNS
+# =============================================================================
-def validate_git_commit(command_string: str) -> ValidationResult:
+# Git config keys that agents must NOT modify
+# These are identity settings that should inherit from the user's global config
+#
+# NOTE: This validation covers command-line arguments (git config, git -c).
+# Environment variables (GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_COMMITTER_NAME,
+# GIT_COMMITTER_EMAIL) are NOT validated here as they require pre-execution
+# environment filtering, which is handled at the sandbox/hook level.
+BLOCKED_GIT_CONFIG_KEYS = {
+ "user.name",
+ "user.email",
+ "author.name",
+ "author.email",
+ "committer.name",
+ "committer.email",
+}
+
+
+def validate_git_config(command_string: str) -> ValidationResult:
+ """
+ Validate git config commands - block identity changes.
+
+ Agents should not set user.name, user.email, etc. as this:
+ 1. Breaks commit attribution
+ 2. Can create fake "Test User" identities
+ 3. Overrides the user's legitimate git identity
+
+ Args:
+ command_string: The full git command string
+
+ Returns:
+ Tuple of (is_valid, error_message)
+ """
+ try:
+ tokens = shlex.split(command_string)
+ except ValueError:
+ return False, "Could not parse git command" # Fail closed on parse errors
+
+ if len(tokens) < 2 or tokens[0] != "git" or tokens[1] != "config":
+ return True, "" # Not a git config command
+
+ # Check for read-only operations first - these are always allowed
+ # --get, --get-all, --get-regexp, --list are all read operations
+ read_only_flags = {"--get", "--get-all", "--get-regexp", "--list", "-l"}
+ for token in tokens[2:]:
+ if token in read_only_flags:
+ return True, "" # Read operation, allow it
+
+ # Extract the config key from the command
+ # git config [options] [value] - key is typically after config and any options
+ config_key = None
+ for token in tokens[2:]:
+ # Skip options (start with -)
+ if token.startswith("-"):
+ continue
+ # First non-option token is the config key
+ config_key = token.lower()
+ break
+
+ if not config_key:
+ return True, "" # No config key specified (e.g., git config --list)
+
+ # Check if the exact config key is blocked
+ for blocked_key in BLOCKED_GIT_CONFIG_KEYS:
+ if config_key == blocked_key:
+ return False, (
+ f"BLOCKED: Cannot modify git identity configuration\n\n"
+ f"You attempted to set '{blocked_key}' which is not allowed.\n\n"
+ f"WHY: Git identity (user.name, user.email) must inherit from the user's "
+ f"global git configuration. Setting fake identities like 'Test User' breaks "
+ f"commit attribution and causes serious issues.\n\n"
+ f"WHAT TO DO: Simply commit without setting any user configuration. "
+ f"The repository will use the correct identity automatically."
+ )
+
+ return True, ""
+
+
+def validate_git_inline_config(tokens: list[str]) -> ValidationResult:
+ """
+ Check for blocked config keys passed via git -c flag.
+
+ Git allows inline config with: git -c key=value
+ This bypasses 'git config' validation, so we must check all git commands
+ for -c flags containing blocked identity keys.
+
+ Args:
+ tokens: Parsed command tokens
+
+ Returns:
+ Tuple of (is_valid, error_message)
+ """
+ i = 1 # Start after 'git'
+ while i < len(tokens):
+ token = tokens[i]
+
+ # Check for -c flag (can be "-c key=value" or "-c" "key=value")
+ if token == "-c":
+ # Next token should be the key=value
+ if i + 1 < len(tokens):
+ config_pair = tokens[i + 1]
+ # Extract the key from key=value
+ if "=" in config_pair:
+ config_key = config_pair.split("=", 1)[0].lower()
+ if config_key in BLOCKED_GIT_CONFIG_KEYS:
+ return False, (
+ f"BLOCKED: Cannot set git identity via -c flag\n\n"
+ f"You attempted to use '-c {config_pair}' which sets a blocked "
+ f"identity configuration.\n\n"
+ f"WHY: Git identity (user.name, user.email) must inherit from the "
+ f"user's global git configuration. Setting fake identities breaks "
+ f"commit attribution and causes serious issues.\n\n"
+ f"WHAT TO DO: Remove the -c flag and commit normally. "
+ f"The repository will use the correct identity automatically."
+ )
+ i += 2 # Skip -c and its value
+ continue
+ elif token.startswith("-c"):
+ # Handle -ckey=value format (no space)
+ config_pair = token[2:] # Remove "-c" prefix
+ if "=" in config_pair:
+ config_key = config_pair.split("=", 1)[0].lower()
+ if config_key in BLOCKED_GIT_CONFIG_KEYS:
+ return False, (
+ f"BLOCKED: Cannot set git identity via -c flag\n\n"
+ f"You attempted to use '{token}' which sets a blocked "
+ f"identity configuration.\n\n"
+ f"WHY: Git identity (user.name, user.email) must inherit from the "
+ f"user's global git configuration. Setting fake identities breaks "
+ f"commit attribution and causes serious issues.\n\n"
+ f"WHAT TO DO: Remove the -c flag and commit normally. "
+ f"The repository will use the correct identity automatically."
+ )
+
+ i += 1
+
+ return True, ""
+
+
+def validate_git_command(command_string: str) -> ValidationResult:
+ """
+ Main git validator that checks all git security rules.
+
+ Currently validates:
+ - git -c: Block identity changes via inline config on ANY git command
+ - git config: Block identity changes
+ - git commit: Run secret scanning
+
+ Args:
+ command_string: The full git command string
+
+ Returns:
+ Tuple of (is_valid, error_message)
+ """
+ try:
+ tokens = shlex.split(command_string)
+ except ValueError:
+ return False, "Could not parse git command"
+
+ if not tokens or tokens[0] != "git":
+ return True, ""
+
+ if len(tokens) < 2:
+ return True, "" # Just "git" with no subcommand
+
+ # Check for blocked -c flags on ANY git command (security bypass prevention)
+ is_valid, error_msg = validate_git_inline_config(tokens)
+ if not is_valid:
+ return is_valid, error_msg
+
+ # Find the actual subcommand (skip global options like -c, -C, --git-dir, etc.)
+ subcommand = None
+ for token in tokens[1:]:
+ # Skip options and their values
+ if token.startswith("-"):
+ continue
+ subcommand = token
+ break
+
+ if not subcommand:
+ return True, "" # No subcommand found
+
+ # Check git config commands
+ if subcommand == "config":
+ return validate_git_config(command_string)
+
+ # Check git commit commands (secret scanning)
+ if subcommand == "commit":
+ return validate_git_commit_secrets(command_string)
+
+ return True, ""
+
+
+def validate_git_commit_secrets(command_string: str) -> ValidationResult:
"""
Validate git commit commands - run secret scan before allowing commit.
@@ -99,3 +296,8 @@ def validate_git_commit(command_string: str) -> ValidationResult:
)
return False, "\n".join(error_lines)
+
+
+# Backwards compatibility alias - the registry uses this name
+# Now delegates to the comprehensive validator
+validate_git_commit = validate_git_command
diff --git a/apps/backend/security/hooks.py b/apps/backend/security/hooks.py
index 35152d4433..4bc7328d3a 100644
--- a/apps/backend/security/hooks.py
+++ b/apps/backend/security/hooks.py
@@ -66,10 +66,20 @@ async def bash_security_hook(
return {}
# Get the working directory from context or use current directory
- # In the actual client, this would be set by the ClaudeSDKClient
- cwd = os.getcwd()
- if context and hasattr(context, "cwd"):
+ # Priority:
+ # 1. Environment variable PROJECT_DIR_ENV_VAR (set by agent on startup)
+ # 2. input_data cwd (passed by SDK in the tool call)
+ # 3. Context cwd (should be set by ClaudeSDKClient but sometimes isn't)
+ # 4. Current working directory (fallback, may be incorrect in worktree mode)
+ from .constants import PROJECT_DIR_ENV_VAR
+
+ cwd = os.environ.get(PROJECT_DIR_ENV_VAR)
+ if not cwd:
+ cwd = input_data.get("cwd")
+ if not cwd and context and hasattr(context, "cwd"):
cwd = context.cwd
+ if not cwd:
+ cwd = os.getcwd()
# Get or create security profile
# Note: In actual use, spec_dir would be passed through context
diff --git a/apps/backend/security/parser.py b/apps/backend/security/parser.py
index 1b8ead069a..1c51999866 100644
--- a/apps/backend/security/parser.py
+++ b/apps/backend/security/parser.py
@@ -4,11 +4,137 @@
Functions for parsing and extracting commands from shell command strings.
Handles compound commands, pipes, subshells, and various shell constructs.
+
+Windows Compatibility Note:
+--------------------------
+On Windows, commands containing paths with backslashes can cause shlex.split()
+to fail (e.g., incomplete commands with unclosed quotes). This module includes
+a fallback parser that extracts command names even from malformed commands,
+ensuring security validation can still proceed.
"""
-import os
import re
import shlex
+from pathlib import PurePosixPath, PureWindowsPath
+
+
+def _cross_platform_basename(path: str) -> str:
+ """
+ Extract the basename from a path in a cross-platform way.
+
+ Handles both Windows paths (C:\\dir\\cmd.exe) and POSIX paths (/dir/cmd)
+ regardless of the current platform. This is critical for running tests
+ on Linux CI while handling Windows-style paths.
+
+ Args:
+ path: A file path string (Windows or POSIX format)
+
+ Returns:
+ The basename of the path (e.g., "python.exe" from "C:\\Python312\\python.exe")
+ """
+ # Strip surrounding quotes if present
+ path = path.strip("'\"")
+
+ # Check if this looks like a Windows path (contains backslash or drive letter)
+ if "\\" in path or (len(path) >= 2 and path[1] == ":"):
+ # Use PureWindowsPath to handle Windows paths on any platform
+ return PureWindowsPath(path).name
+
+ # For POSIX paths or simple command names, use PurePosixPath
+ # (os.path.basename works but PurePosixPath is more explicit)
+ return PurePosixPath(path).name
+
+
+def _fallback_extract_commands(command_string: str) -> list[str]:
+ """
+ Fallback command extraction when shlex.split() fails.
+
+ Uses regex to extract command names from potentially malformed commands.
+ This is more permissive than shlex but ensures we can at least identify
+ the commands being executed for security validation.
+
+ Args:
+ command_string: The command string to parse
+
+ Returns:
+ List of command names extracted from the string
+ """
+ commands = []
+
+ # Shell keywords to skip
+ shell_keywords = {
+ "if",
+ "then",
+ "else",
+ "elif",
+ "fi",
+ "for",
+ "while",
+ "until",
+ "do",
+ "done",
+ "case",
+ "esac",
+ "in",
+ "function",
+ }
+
+ # First, split by common shell operators
+ # This regex splits on &&, ||, |, ; while being careful about quotes
+ # We're being permissive here since shlex already failed
+ parts = re.split(r"\s*(?:&&|\|\||\|)\s*|;\s*", command_string)
+
+ for part in parts:
+ part = part.strip()
+ if not part:
+ continue
+
+ # Skip variable assignments at the start (VAR=value cmd)
+ while re.match(r"^[A-Za-z_][A-Za-z0-9_]*=\S*\s+", part):
+ part = re.sub(r"^[A-Za-z_][A-Za-z0-9_]*=\S*\s+", "", part)
+
+ if not part:
+ continue
+
+ # Strategy: Extract command from the BEGINNING of the part
+ # Handle various formats:
+ # - Simple: python3, npm, git
+ # - Unix path: /usr/bin/python
+ # - Windows path: C:\Python312\python.exe
+ # - Quoted with spaces: "C:\Program Files\python.exe"
+
+ # Extract first token, handling quoted strings with spaces
+ first_token_match = re.match(r'^(?:"([^"]+)"|\'([^\']+)\'|([^\s]+))', part)
+ if not first_token_match:
+ continue
+
+ # Pick whichever capture group matched (double-quoted, single-quoted, or unquoted)
+ first_token = (
+ first_token_match.group(1)
+ or first_token_match.group(2)
+ or first_token_match.group(3)
+ )
+
+ # Now extract just the command name from this token
+ # Handle Windows paths (C:\dir\cmd.exe) and Unix paths (/dir/cmd)
+ # Use cross-platform basename for reliable path handling on any OS
+ cmd = _cross_platform_basename(first_token)
+
+ # Remove Windows extensions
+ cmd = re.sub(r"\.(exe|cmd|bat|ps1|sh)$", "", cmd, flags=re.IGNORECASE)
+
+ # Clean up any remaining quotes or special chars at the start
+ cmd = re.sub(r'^["\'\\/]+', "", cmd)
+
+ # Skip tokens that look like function calls or code fragments (not shell commands)
+ # These appear when splitting on semicolons inside malformed quoted strings
+ if "(" in cmd or ")" in cmd or "." in cmd:
+ continue
+
+ if cmd and cmd.lower() not in shell_keywords:
+ commands.append(cmd)
+
+ return commands
def split_command_segments(command_string: str) -> list[str]:
@@ -32,13 +158,46 @@ def split_command_segments(command_string: str) -> list[str]:
return result
+def _contains_windows_path(command_string: str) -> bool:
+ """
+ Check if a command string contains Windows-style paths.
+
+ Windows paths with backslashes cause issues with shlex.split() because
+ backslashes are interpreted as escape characters in POSIX mode.
+
+ Args:
+ command_string: The command string to check
+
+ Returns:
+ True if Windows paths are detected
+ """
+ # Pattern matches:
+ # - Drive letter paths: C:\, D:\, etc.
+ # - Backslash followed by a path component (2+ chars to avoid escape sequences like \n, \t)
+ # The second char must be alphanumeric, underscore, or another path separator
+ # This avoids false positives on escape sequences which are single-char after backslash
+ return bool(re.search(r"[A-Za-z]:\\|\\[A-Za-z][A-Za-z0-9_\\/]", command_string))
+
+
def extract_commands(command_string: str) -> list[str]:
"""
Extract command names from a shell command string.
Handles pipes, command chaining (&&, ||, ;), and subshells.
Returns the base command names (without paths).
+
+ On Windows or when commands contain malformed quoting (common with
+ Windows paths in bash-style commands), falls back to regex-based
+ extraction to ensure security validation can proceed.
"""
+ # If command contains Windows paths, use fallback parser directly
+ # because shlex.split() interprets backslashes as escape characters
+ if _contains_windows_path(command_string):
+ fallback_commands = _fallback_extract_commands(command_string)
+ if fallback_commands:
+ return fallback_commands
+ # Continue with shlex if fallback found nothing
+
commands = []
# Split on semicolons that aren't inside quotes
@@ -53,7 +212,12 @@ def extract_commands(command_string: str) -> list[str]:
tokens = shlex.split(segment)
except ValueError:
# Malformed command (unclosed quotes, etc.)
- # Return empty to trigger block (fail-safe)
+ # This is common on Windows with backslash paths in quoted strings
+ # Use fallback parser instead of blocking
+ fallback_commands = _fallback_extract_commands(command_string)
+ if fallback_commands:
+ return fallback_commands
+ # If fallback also found nothing, return empty to trigger block
return []
if not tokens:
@@ -106,7 +270,8 @@ def extract_commands(command_string: str) -> list[str]:
if expect_command:
# Extract the base command name (handle paths like /usr/bin/python)
- cmd = os.path.basename(token)
+ # Use cross-platform basename for Windows paths on Linux CI
+ cmd = _cross_platform_basename(token)
commands.append(cmd)
expect_command = False
diff --git a/apps/backend/security/profile.py b/apps/backend/security/profile.py
index da75cff174..a3087a65bb 100644
--- a/apps/backend/security/profile.py
+++ b/apps/backend/security/profile.py
@@ -9,11 +9,12 @@
from pathlib import Path
from project_analyzer import (
- ProjectAnalyzer,
SecurityProfile,
get_or_create_profile,
)
+from .constants import ALLOWLIST_FILENAME, PROFILE_FILENAME
+
# =============================================================================
# GLOBAL STATE
# =============================================================================
@@ -23,18 +24,33 @@
_cached_project_dir: Path | None = None
_cached_spec_dir: Path | None = None # Track spec directory for cache key
_cached_profile_mtime: float | None = None # Track file modification time
+_cached_allowlist_mtime: float | None = None # Track allowlist modification time
def _get_profile_path(project_dir: Path) -> Path:
"""Get the security profile file path for a project."""
- return project_dir / ProjectAnalyzer.PROFILE_FILENAME
+ return project_dir / PROFILE_FILENAME
+
+
+def _get_allowlist_path(project_dir: Path) -> Path:
+ """Get the allowlist file path for a project."""
+ return project_dir / ALLOWLIST_FILENAME
def _get_profile_mtime(project_dir: Path) -> float | None:
"""Get the modification time of the security profile file, or None if not exists."""
profile_path = _get_profile_path(project_dir)
try:
- return profile_path.stat().st_mtime if profile_path.exists() else None
+ return profile_path.stat().st_mtime
+ except OSError:
+ return None
+
+
+def _get_allowlist_mtime(project_dir: Path) -> float | None:
+ """Get the modification time of the allowlist file, or None if not exists."""
+ allowlist_path = _get_allowlist_path(project_dir)
+ try:
+ return allowlist_path.stat().st_mtime
except OSError:
return None
@@ -49,6 +65,7 @@ def get_security_profile(
- The project directory changes
- The security profile file is created (was None, now exists)
- The security profile file is modified (mtime changed)
+ - The allowlist file is created, modified, or deleted
Args:
project_dir: Project root directory
@@ -57,7 +74,11 @@ def get_security_profile(
Returns:
SecurityProfile for the project
"""
- global _cached_profile, _cached_project_dir, _cached_spec_dir, _cached_profile_mtime
+ global _cached_profile
+ global _cached_project_dir
+ global _cached_spec_dir
+ global _cached_profile_mtime
+ global _cached_allowlist_mtime
project_dir = Path(project_dir).resolve()
resolved_spec_dir = Path(spec_dir).resolve() if spec_dir else None
@@ -68,30 +89,40 @@ def get_security_profile(
and _cached_project_dir == project_dir
and _cached_spec_dir == resolved_spec_dir
):
- # Check if file has been created or modified since caching
- current_mtime = _get_profile_mtime(project_dir)
- # Cache is valid if:
- # - Both are None (file never existed and still doesn't)
- # - Both have same mtime (file unchanged)
- if current_mtime == _cached_profile_mtime:
+ # Check if files have been created or modified since caching
+ current_profile_mtime = _get_profile_mtime(project_dir)
+ current_allowlist_mtime = _get_allowlist_mtime(project_dir)
+
+ # Cache is valid if both mtimes are unchanged
+ if (
+ current_profile_mtime == _cached_profile_mtime
+ and current_allowlist_mtime == _cached_allowlist_mtime
+ ):
return _cached_profile
- # File was created or modified - invalidate cache
- # (This happens when analyzer creates the file after agent starts)
+ # File was created, modified, or deleted - invalidate cache
+ # (This happens when analyzer creates the file after agent starts,
+ # or when user adds/updates the allowlist)
# Analyze and cache
_cached_profile = get_or_create_profile(project_dir, spec_dir)
_cached_project_dir = project_dir
_cached_spec_dir = resolved_spec_dir
_cached_profile_mtime = _get_profile_mtime(project_dir)
+ _cached_allowlist_mtime = _get_allowlist_mtime(project_dir)
return _cached_profile
def reset_profile_cache() -> None:
"""Reset the cached profile (useful for testing or re-analysis)."""
- global _cached_profile, _cached_project_dir, _cached_spec_dir, _cached_profile_mtime
+ global _cached_profile
+ global _cached_project_dir
+ global _cached_spec_dir
+ global _cached_profile_mtime
+ global _cached_allowlist_mtime
_cached_profile = None
_cached_project_dir = None
_cached_spec_dir = None
_cached_profile_mtime = None
+ _cached_allowlist_mtime = None
diff --git a/apps/backend/security/validator.py b/apps/backend/security/validator.py
index 7727f012fa..c1ca28983a 100644
--- a/apps/backend/security/validator.py
+++ b/apps/backend/security/validator.py
@@ -33,7 +33,11 @@
validate_init_script,
validate_rm_command,
)
-from .git_validators import validate_git_commit
+from .git_validators import (
+ validate_git_command,
+ validate_git_commit,
+ validate_git_config,
+)
from .process_validators import (
validate_kill_command,
validate_killall_command,
@@ -60,6 +64,8 @@
"validate_init_script",
# Git validators
"validate_git_commit",
+ "validate_git_command",
+ "validate_git_config",
# Database validators
"validate_dropdb_command",
"validate_dropuser_command",
diff --git a/apps/backend/spec/compaction.py b/apps/backend/spec/compaction.py
index d74b377ce2..9538585ec3 100644
--- a/apps/backend/spec/compaction.py
+++ b/apps/backend/spec/compaction.py
@@ -16,7 +16,7 @@
async def summarize_phase_output(
phase_name: str,
phase_output: str,
- model: str = "claude-sonnet-4-5-20250929",
+ model: str = "sonnet", # Shorthand - resolved via API Profile if configured
target_words: int = 500,
) -> str:
"""
@@ -73,9 +73,12 @@ async def summarize_phase_output(
await client.query(prompt)
response_text = ""
async for msg in client.receive_response():
- if hasattr(msg, "content"):
+ msg_type = type(msg).__name__
+ if msg_type == "AssistantMessage" and hasattr(msg, "content"):
for block in msg.content:
- if hasattr(block, "text"):
+ # Must check block type - only TextBlock has .text attribute
+ block_type = type(block).__name__
+ if block_type == "TextBlock" and hasattr(block, "text"):
response_text += block.text
return response_text.strip()
except Exception as e:
diff --git a/apps/backend/spec/pipeline/orchestrator.py b/apps/backend/spec/pipeline/orchestrator.py
index 76c04d4719..3396f905bd 100644
--- a/apps/backend/spec/pipeline/orchestrator.py
+++ b/apps/backend/spec/pipeline/orchestrator.py
@@ -57,7 +57,7 @@ def __init__(
spec_name: str | None = None,
spec_dir: Path
| None = None, # Use existing spec directory (for UI integration)
- model: str = "claude-sonnet-4-5-20250929",
+ model: str = "sonnet", # Shorthand - resolved via API Profile if configured
thinking_level: str = "medium", # Thinking level for extended thinking
complexity_override: str | None = None, # Force a specific complexity
use_ai_assessment: bool = True, # Use AI for complexity assessment (vs heuristics)
@@ -173,10 +173,11 @@ async def _store_phase_summary(self, phase_name: str) -> None:
return
# Summarize the output
+ # Use sonnet shorthand - will resolve via API Profile if configured
summary = await summarize_phase_output(
phase_name,
phase_output,
- model="claude-sonnet-4-5-20250929", # Use Sonnet for efficiency
+ model="sonnet",
target_words=500,
)
diff --git a/apps/backend/task_logger/capture.py b/apps/backend/task_logger/capture.py
index 346011e20f..f96d893f49 100644
--- a/apps/backend/task_logger/capture.py
+++ b/apps/backend/task_logger/capture.py
@@ -88,17 +88,20 @@ def process_message(
inp = block.input
if isinstance(inp, dict):
# Extract meaningful input description
+ # Increased limits to avoid hiding critical information
if "pattern" in inp:
tool_input = f"pattern: {inp['pattern']}"
elif "file_path" in inp:
fp = inp["file_path"]
- if len(fp) > 50:
- fp = "..." + fp[-47:]
+ # Show last 200 chars for paths (enough for most file paths)
+ if len(fp) > 200:
+ fp = "..." + fp[-197:]
tool_input = fp
elif "command" in inp:
cmd = inp["command"]
- if len(cmd) > 50:
- cmd = cmd[:47] + "..."
+ # Show first 300 chars for commands (enough for most commands)
+ if len(cmd) > 300:
+ cmd = cmd[:297] + "..."
tool_input = cmd
elif "path" in inp:
tool_input = inp["path"]
diff --git a/apps/backend/task_logger/logger.py b/apps/backend/task_logger/logger.py
index 884bb90cea..954814464c 100644
--- a/apps/backend/task_logger/logger.py
+++ b/apps/backend/task_logger/logger.py
@@ -406,10 +406,10 @@ def tool_start(
"""
phase_key = (phase or self.current_phase or LogPhase.CODING).value
- # Truncate long inputs for display
+ # Truncate long inputs for display (increased limit to avoid hiding critical info)
display_input = tool_input
- if display_input and len(display_input) > 100:
- display_input = display_input[:97] + "..."
+ if display_input and len(display_input) > 300:
+ display_input = display_input[:297] + "..."
entry = LogEntry(
timestamp=self._timestamp(),
@@ -462,10 +462,10 @@ def tool_end(
"""
phase_key = (phase or self.current_phase or LogPhase.CODING).value
- # Truncate long results for display
+ # Truncate long results for display (increased limit to avoid hiding critical info)
display_result = result
- if display_result and len(display_result) > 100:
- display_result = display_result[:97] + "..."
+ if display_result and len(display_result) > 300:
+ display_result = display_result[:297] + "..."
status = "Done" if success else "Error"
content = f"[{tool_name}] {status}"
diff --git a/apps/backend/ui/boxes.py b/apps/backend/ui/boxes.py
index 317c4a913f..27921ed29f 100644
--- a/apps/backend/ui/boxes.py
+++ b/apps/backend/ui/boxes.py
@@ -95,11 +95,54 @@ def box(
for line in content:
# Strip ANSI for length calculation
visible_line = re.sub(r"\033\[[0-9;]*m", "", line)
- padding = inner_width - len(visible_line) - 2 # -2 for padding spaces
+ visible_len = len(visible_line)
+ padding = inner_width - visible_len - 2 # -2 for padding spaces
+
if padding < 0:
- # Truncate if too long
- line = line[: inner_width - 5] + "..."
- padding = 0
+ # Line is too long - need to truncate intelligently
+ # Calculate how much to remove (visible characters only)
+ chars_to_remove = abs(padding) + 3 # +3 for "..."
+ target_len = visible_len - chars_to_remove
+
+ if target_len <= 0:
+ # Line is way too long, just show "..."
+ line = "..."
+ padding = inner_width - 5 # 3 for "..." + 2 for padding
+ else:
+ # Truncate the visible text, preserving ANSI codes for what remains
+ # Split line into segments (ANSI code vs text)
+ segments = re.split(r"(\033\[[0-9;]*m)", line)
+ visible_chars = 0
+ result_segments = []
+
+ for segment in segments:
+ if re.match(r"\033\[[0-9;]*m", segment):
+ # ANSI code - include it without counting
+ result_segments.append(segment)
+ else:
+ # Text segment - count visible characters
+ remaining_space = target_len - visible_chars
+ if remaining_space <= 0:
+ break
+ if len(segment) <= remaining_space:
+ result_segments.append(segment)
+ visible_chars += len(segment)
+ else:
+ # Truncate this segment at word boundary if possible
+ truncated = segment[:remaining_space]
+ # Try to truncate at last space to avoid mid-word cuts
+ last_space = truncated.rfind(" ")
+ if (
+ last_space > remaining_space * 0.7
+ ): # Only if space is in last 30%
+ truncated = truncated[:last_space]
+ result_segments.append(truncated)
+ visible_chars += len(truncated)
+ break
+
+ line = "".join(result_segments) + "..."
+ padding = 0
+
lines.append(v + " " + line + " " * (padding + 1) + v)
# Bottom border
diff --git a/apps/backend/ui/capabilities.py b/apps/backend/ui/capabilities.py
index ac8de510d0..26390abbf5 100644
--- a/apps/backend/ui/capabilities.py
+++ b/apps/backend/ui/capabilities.py
@@ -13,6 +13,61 @@
import sys
+def enable_windows_ansi_support() -> bool:
+ """
+ Enable ANSI escape sequence support on Windows.
+
+ Windows 10 (build 10586+) supports ANSI escape sequences natively,
+ but they must be explicitly enabled via the Windows API.
+
+ Returns:
+ True if ANSI support was enabled, False otherwise
+ """
+ if sys.platform != "win32":
+ return True # Non-Windows always has ANSI support
+
+ try:
+ import ctypes
+ from ctypes import wintypes
+
+ # Windows constants
+ STD_OUTPUT_HANDLE = -11
+ STD_ERROR_HANDLE = -12
+ ENABLE_VIRTUAL_TERMINAL_PROCESSING = 0x0004
+
+ kernel32 = ctypes.windll.kernel32
+
+ # Get handles
+ for handle_id in (STD_OUTPUT_HANDLE, STD_ERROR_HANDLE):
+ handle = kernel32.GetStdHandle(handle_id)
+ if handle == -1:
+ continue
+
+ # Get current console mode
+ mode = wintypes.DWORD()
+ if not kernel32.GetConsoleMode(handle, ctypes.byref(mode)):
+ continue
+
+ # Enable ANSI support if not already enabled
+ if not (mode.value & ENABLE_VIRTUAL_TERMINAL_PROCESSING):
+ kernel32.SetConsoleMode(
+ handle, mode.value | ENABLE_VIRTUAL_TERMINAL_PROCESSING
+ )
+
+ return True
+ except (ImportError, AttributeError, OSError):
+ # Fall back to colorama if available
+ try:
+ import colorama
+
+ colorama.init()
+ return True
+ except ImportError:
+ pass
+
+ return False
+
+
def configure_safe_encoding() -> None:
"""
Configure stdout/stderr to handle Unicode safely on Windows.
@@ -54,8 +109,9 @@ def configure_safe_encoding() -> None:
pass
-# Configure safe encoding on module import
+# Configure safe encoding and ANSI support on module import
configure_safe_encoding()
+WINDOWS_ANSI_ENABLED = enable_windows_ansi_support()
def _is_fancy_ui_enabled() -> bool:
diff --git a/apps/backend/ui/icons.py b/apps/backend/ui/icons.py
index 2f27496162..a492f2c322 100644
--- a/apps/backend/ui/icons.py
+++ b/apps/backend/ui/icons.py
@@ -39,9 +39,11 @@ class Icons:
FILE = ("📄", "[F]")
GEAR = ("⚙", "[*]")
SEARCH = ("🔍", "[?]")
- BRANCH = ("", "[B]")
+ BRANCH = ("🌿", "[BR]") # [BR] to avoid collision with BLOCKED [B]
COMMIT = ("◉", "(@)")
LIGHTNING = ("⚡", "!")
+ LINK = ("🔗", "[L]") # For PR URLs
+ USER = ("👤", "[U]") # For personas
# Progress
SUBTASK = ("▣", "#")
diff --git a/apps/frontend/.env.example b/apps/frontend/.env.example
index f01b56f27a..d5d246749d 100644
--- a/apps/frontend/.env.example
+++ b/apps/frontend/.env.example
@@ -19,6 +19,34 @@
# Shows detailed information about app update checks and downloads
# DEBUG_UPDATER=true
+# ============================================
+# SENTRY ERROR REPORTING
+# ============================================
+
+# Sentry DSN for anonymous error reporting
+# If not set, error reporting is completely disabled (safe for forks)
+#
+# For official builds: Set in CI/CD secrets
+# For local testing: Uncomment and add your DSN
+#
+# SENTRY_DSN=https://your-dsn@sentry.io/project-id
+
+# Force enable Sentry in development mode (normally disabled in dev)
+# Only works when SENTRY_DSN is also set
+# SENTRY_DEV=true
+
+# Trace sample rate for performance monitoring (0.0 to 1.0)
+# Controls what percentage of transactions are sampled
+# Default: 0.1 (10%) in production, 0 in development
+# Set to 0 to disable performance monitoring entirely
+# SENTRY_TRACES_SAMPLE_RATE=0.1
+
+# Profile sample rate for profiling (0.0 to 1.0)
+# Controls what percentage of sampled transactions include profiling data
+# Default: 0.1 (10%) in production, 0 in development
+# Set to 0 to disable profiling entirely
+# SENTRY_PROFILES_SAMPLE_RATE=0.1
+
# ============================================
# HOW TO USE
# ============================================
diff --git a/apps/frontend/e2e/task-workflow.spec.ts b/apps/frontend/e2e/task-workflow.spec.ts
new file mode 100644
index 0000000000..19cebabebc
--- /dev/null
+++ b/apps/frontend/e2e/task-workflow.spec.ts
@@ -0,0 +1,341 @@
+/**
+ * End-to-End tests for full task workflow
+ * Tests: create → spec → subtasks → resume
+ *
+ * NOTE: These tests require the Electron app to be built first.
+ * Run `npm run build` before running E2E tests.
+ *
+ * To run: npx playwright test task-workflow --config=e2e/playwright.config.ts
+ */
+import { test, expect } from '@playwright/test';
+import { mkdirSync, mkdtempSync, rmSync, existsSync, writeFileSync, readFileSync } from 'fs';
+import { tmpdir } from 'os';
+import path from 'path';
+
+// Test data directory - created securely with mkdtempSync to prevent TOCTOU attacks
+let TEST_DATA_DIR: string;
+let TEST_PROJECT_DIR: string;
+let SPECS_DIR: string;
+
+// Setup test environment with secure temp directory
+function setupTestEnvironment(): void {
+ // Create secure temp directory with random suffix
+ TEST_DATA_DIR = mkdtempSync(path.join(tmpdir(), 'auto-claude-task-workflow-e2e-'));
+ TEST_PROJECT_DIR = path.join(TEST_DATA_DIR, 'test-project');
+ SPECS_DIR = path.join(TEST_PROJECT_DIR, '.auto-claude', 'specs');
+ mkdirSync(TEST_PROJECT_DIR, { recursive: true });
+ mkdirSync(SPECS_DIR, { recursive: true });
+}
+
+// Cleanup test environment
+function cleanupTestEnvironment(): void {
+ if (existsSync(TEST_DATA_DIR)) {
+ rmSync(TEST_DATA_DIR, { recursive: true, force: true });
+ }
+}
+
+// Helper to create a task spec with subtasks
+function createTaskWithSubtasks(
+ specId: string,
+ subtaskStatuses: Array<'pending' | 'in_progress' | 'completed'>
+): void {
+ const specDir = path.join(SPECS_DIR, specId);
+ mkdirSync(specDir, { recursive: true });
+
+ // Create spec.md
+ writeFileSync(
+ path.join(specDir, 'spec.md'),
+ `# ${specId}\n\n## Overview\n\nTest task for workflow validation.\n\n## Acceptance Criteria\n\n- [ ] All subtasks completed\n- [ ] Tests pass\n`
+ );
+
+ // Create requirements.json
+ writeFileSync(
+ path.join(specDir, 'requirements.json'),
+ JSON.stringify(
+ {
+ task_description: `Test task ${specId}`,
+ user_requirements: ['Requirement 1', 'Requirement 2'],
+ acceptance_criteria: ['All subtasks completed', 'Tests pass'],
+ context: []
+ },
+ null,
+ 2
+ )
+ );
+
+ // Create implementation_plan.json with subtasks
+ const subtasks = subtaskStatuses.map((status, index) => ({
+ id: `subtask-${index + 1}`,
+ phase: 'Implementation',
+ service: 'backend',
+ description: `Subtask ${index + 1}: Implement feature part ${index + 1}`,
+ files_to_modify: [`src/file${index + 1}.py`],
+ files_to_create: [],
+ pattern_files: [],
+ verification_command: 'pytest tests/',
+ status: status,
+ notes: status === 'completed' ? 'Completed successfully' : ''
+ }));
+
+ writeFileSync(
+ path.join(specDir, 'implementation_plan.json'),
+ JSON.stringify(
+ {
+ feature: `Test Feature ${specId}`,
+ workflow_type: 'feature',
+ services_involved: ['backend'],
+ subtasks: subtasks,
+ final_acceptance: ['All subtasks completed', 'Tests pass'],
+ created_at: new Date().toISOString(),
+ updated_at: new Date().toISOString(),
+ spec_file: 'spec.md'
+ },
+ null,
+ 2
+ )
+ );
+
+ // Create build-progress.txt
+ writeFileSync(
+ path.join(specDir, 'build-progress.txt'),
+ `Task Progress: ${specId}\n\nSubtasks: ${subtasks.length}\nCompleted: ${subtasks.filter(s => s.status === 'completed').length}\n`
+ );
+}
+
+// Helper to simulate task resumption
+function simulateTaskResume(specId: string): void {
+ const planPath = path.join(SPECS_DIR, specId, 'implementation_plan.json');
+ const plan = JSON.parse(readFileSync(planPath, 'utf-8'));
+
+ // Find first pending subtask and mark as in_progress
+ const pendingSubtask = plan.subtasks.find((st: { status: string }) => st.status === 'pending');
+ if (pendingSubtask) {
+ pendingSubtask.status = 'in_progress';
+ pendingSubtask.notes = 'Resumed from checkpoint';
+ }
+
+ plan.updated_at = new Date().toISOString();
+ writeFileSync(planPath, JSON.stringify(plan, null, 2));
+}
+
+test.describe('Task Workflow E2E Tests', () => {
+ test.beforeAll(() => {
+ setupTestEnvironment();
+ });
+
+ test.afterAll(() => {
+ cleanupTestEnvironment();
+ });
+
+ test('should create task directory structure', () => {
+ const specId = '001-test-task';
+ const specDir = path.join(SPECS_DIR, specId);
+ mkdirSync(specDir, { recursive: true });
+
+ // Verify directory created
+ expect(existsSync(specDir)).toBe(true);
+ });
+
+ test('should generate spec.md file', () => {
+ const specId = '002-task-with-spec';
+ const specDir = path.join(SPECS_DIR, specId);
+ mkdirSync(specDir, { recursive: true });
+
+ // Write spec
+ const specContent = '# Test Task\n\n## Overview\n\nThis is a test task.\n';
+ writeFileSync(path.join(specDir, 'spec.md'), specContent);
+
+ // Verify spec file
+ expect(existsSync(path.join(specDir, 'spec.md'))).toBe(true);
+ const content = readFileSync(path.join(specDir, 'spec.md'), 'utf-8');
+ expect(content).toContain('Test Task');
+ });
+
+ test('should create implementation plan with subtasks', () => {
+ const specId = '003-task-with-subtasks';
+ createTaskWithSubtasks(specId, ['pending', 'pending', 'pending']);
+
+ const planPath = path.join(SPECS_DIR, specId, 'implementation_plan.json');
+ expect(existsSync(planPath)).toBe(true);
+
+ const plan = JSON.parse(readFileSync(planPath, 'utf-8'));
+ expect(plan.subtasks).toBeDefined();
+ expect(plan.subtasks.length).toBe(3);
+ expect(plan.subtasks[0].status).toBe('pending');
+ });
+
+ test('should track subtask progress', () => {
+ const specId = '004-task-in-progress';
+ createTaskWithSubtasks(specId, ['completed', 'in_progress', 'pending']);
+
+ const planPath = path.join(SPECS_DIR, specId, 'implementation_plan.json');
+ const plan = JSON.parse(readFileSync(planPath, 'utf-8'));
+
+ expect(plan.subtasks[0].status).toBe('completed');
+ expect(plan.subtasks[1].status).toBe('in_progress');
+ expect(plan.subtasks[2].status).toBe('pending');
+ });
+
+ test('should resume task from checkpoint', () => {
+ const specId = '005-task-resume';
+ createTaskWithSubtasks(specId, ['completed', 'pending', 'pending']);
+
+ // Verify initial state
+ let plan = JSON.parse(readFileSync(path.join(SPECS_DIR, specId, 'implementation_plan.json'), 'utf-8'));
+ expect(plan.subtasks[1].status).toBe('pending');
+
+ // Simulate resume
+ simulateTaskResume(specId);
+
+ // Verify resumed state
+ plan = JSON.parse(readFileSync(path.join(SPECS_DIR, specId, 'implementation_plan.json'), 'utf-8'));
+ expect(plan.subtasks[1].status).toBe('in_progress');
+ expect(plan.subtasks[1].notes).toContain('Resumed from checkpoint');
+ });
+
+ test('should complete all subtasks in sequence', () => {
+ const specId = '006-task-completion';
+ createTaskWithSubtasks(specId, ['completed', 'completed', 'completed']);
+
+ const plan = JSON.parse(readFileSync(path.join(SPECS_DIR, specId, 'implementation_plan.json'), 'utf-8'));
+ const allCompleted = plan.subtasks.every((st: { status: string }) => st.status === 'completed');
+
+ expect(allCompleted).toBe(true);
+ });
+
+ test('should maintain build progress log', () => {
+ const specId = '007-task-with-progress';
+ createTaskWithSubtasks(specId, ['completed', 'in_progress', 'pending']);
+
+ const progressPath = path.join(SPECS_DIR, specId, 'build-progress.txt');
+ expect(existsSync(progressPath)).toBe(true);
+
+ const progressContent = readFileSync(progressPath, 'utf-8');
+ expect(progressContent).toContain('Task Progress');
+ expect(progressContent).toContain('Subtasks: 3');
+ });
+});
+
+test.describe('Full Task Workflow Integration', () => {
+ test.beforeAll(() => {
+ setupTestEnvironment();
+ });
+
+ test.afterAll(() => {
+ cleanupTestEnvironment();
+ });
+
+ test('should complete full workflow: create → spec → subtasks → resume → complete', () => {
+ const specId = '100-full-workflow';
+
+ // Step 1: Create task
+ const specDir = path.join(SPECS_DIR, specId);
+ mkdirSync(specDir, { recursive: true });
+ expect(existsSync(specDir)).toBe(true);
+
+ // Step 2: Generate spec
+ writeFileSync(
+ path.join(specDir, 'spec.md'),
+ '# Full Workflow Test\n\n## Overview\n\nComplete workflow test.\n'
+ );
+ expect(existsSync(path.join(specDir, 'spec.md'))).toBe(true);
+
+ // Step 3: Create subtasks
+ createTaskWithSubtasks(specId, ['pending', 'pending', 'pending']);
+ let plan = JSON.parse(readFileSync(path.join(specDir, 'implementation_plan.json'), 'utf-8'));
+ expect(plan.subtasks.length).toBe(3);
+
+ // Step 4: Start first subtask
+ plan.subtasks[0].status = 'in_progress';
+ writeFileSync(path.join(specDir, 'implementation_plan.json'), JSON.stringify(plan, null, 2));
+
+ plan = JSON.parse(readFileSync(path.join(specDir, 'implementation_plan.json'), 'utf-8'));
+ expect(plan.subtasks[0].status).toBe('in_progress');
+
+ // Step 5: Complete first subtask
+ plan.subtasks[0].status = 'completed';
+ plan.subtasks[0].notes = 'First subtask completed';
+ writeFileSync(path.join(specDir, 'implementation_plan.json'), JSON.stringify(plan, null, 2));
+
+ // Step 6: Resume with second subtask
+ simulateTaskResume(specId);
+ plan = JSON.parse(readFileSync(path.join(specDir, 'implementation_plan.json'), 'utf-8'));
+ expect(plan.subtasks[1].status).toBe('in_progress');
+
+ // Step 7: Complete remaining subtasks
+ plan.subtasks[1].status = 'completed';
+ plan.subtasks[2].status = 'completed';
+ writeFileSync(path.join(specDir, 'implementation_plan.json'), JSON.stringify(plan, null, 2));
+
+ // Step 8: Verify all completed
+ plan = JSON.parse(readFileSync(path.join(specDir, 'implementation_plan.json'), 'utf-8'));
+ const allCompleted = plan.subtasks.every((st: { status: string }) => st.status === 'completed');
+ expect(allCompleted).toBe(true);
+
+ // Step 9: Verify final state
+ expect(plan.subtasks[0].notes).toContain('First subtask completed');
+ expect(plan.subtasks[1].notes).toContain('Resumed from checkpoint');
+ });
+
+ test('should handle workflow interruption and recovery', () => {
+ const specId = '101-workflow-recovery';
+
+ // Create task with partial progress
+ createTaskWithSubtasks(specId, ['completed', 'in_progress', 'pending']);
+
+ // Simulate interruption (task status is saved)
+ const planPath = path.join(SPECS_DIR, specId, 'implementation_plan.json');
+ let plan = JSON.parse(readFileSync(planPath, 'utf-8'));
+ expect(plan.subtasks[1].status).toBe('in_progress');
+
+ // Simulate recovery: complete interrupted subtask
+ plan.subtasks[1].status = 'completed';
+ plan.subtasks[1].notes = 'Recovered and completed';
+ writeFileSync(planPath, JSON.stringify(plan, null, 2));
+
+ // Resume with next subtask
+ simulateTaskResume(specId);
+ plan = JSON.parse(readFileSync(planPath, 'utf-8'));
+
+ // Verify recovery successful
+ expect(plan.subtasks[1].status).toBe('completed');
+ expect(plan.subtasks[2].status).toBe('in_progress');
+ });
+
+ test('should validate workflow data integrity', () => {
+ const specId = '102-data-integrity';
+ createTaskWithSubtasks(specId, ['pending', 'pending', 'pending']);
+
+ const specDir = path.join(SPECS_DIR, specId);
+
+ // Verify all required files exist
+ expect(existsSync(path.join(specDir, 'spec.md'))).toBe(true);
+ expect(existsSync(path.join(specDir, 'requirements.json'))).toBe(true);
+ expect(existsSync(path.join(specDir, 'implementation_plan.json'))).toBe(true);
+ expect(existsSync(path.join(specDir, 'build-progress.txt'))).toBe(true);
+
+ // Verify data structure integrity
+ const requirements = JSON.parse(readFileSync(path.join(specDir, 'requirements.json'), 'utf-8'));
+ expect(requirements.task_description).toBeDefined();
+ expect(requirements.acceptance_criteria).toBeDefined();
+
+ const plan = JSON.parse(readFileSync(path.join(specDir, 'implementation_plan.json'), 'utf-8'));
+ expect(plan.feature).toBeDefined();
+ expect(plan.subtasks).toBeDefined();
+ expect(plan.created_at).toBeDefined();
+ expect(plan.updated_at).toBeDefined();
+
+ // Verify subtask structure
+ plan.subtasks.forEach((subtask: {
+ id: string;
+ description: string;
+ status: string;
+ verification_command: string;
+ }) => {
+ expect(subtask.id).toBeDefined();
+ expect(subtask.description).toBeDefined();
+ expect(subtask.status).toMatch(/^(pending|in_progress|completed)$/);
+ expect(subtask.verification_command).toBeDefined();
+ });
+ });
+});
diff --git a/apps/frontend/e2e/terminal-copy-paste.e2e.ts b/apps/frontend/e2e/terminal-copy-paste.e2e.ts
new file mode 100644
index 0000000000..8902600ee1
--- /dev/null
+++ b/apps/frontend/e2e/terminal-copy-paste.e2e.ts
@@ -0,0 +1,335 @@
+/**
+ * End-to-End tests for terminal copy/paste functionality
+ * Tests copy/paste keyboard shortcuts in the Electron app
+ *
+ * These tests require the Electron app to be built first.
+ * Run `npm run build` before running E2E tests.
+ *
+ * To run: npx playwright test terminal-copy-paste.e2e.ts --config=e2e/playwright.config.ts
+ */
+import { test, expect, _electron as electron, ElectronApplication, Page } from '@playwright/test';
+import { mkdirSync, rmSync, existsSync } from 'fs';
+import path from 'path';
+import * as os from 'os';
+
+// Global Navigator declaration for clipboard
+declare global {
+ interface Navigator {
+ clipboard: {
+ readText(): Promise;
+ writeText(text: string): Promise;
+ };
+ }
+}
+
+// Test data directory
+const TEST_DATA_DIR = path.join(os.tmpdir(), 'auto-claude-terminal-e2e');
+
+// Determine platform for platform-specific tests
+const platform = process.platform;
+const isMac = platform === 'darwin';
+const isWindows = platform === 'win32';
+const isLinux = platform === 'linux';
+
+// Setup test environment
+function setupTestEnvironment(): void {
+ if (existsSync(TEST_DATA_DIR)) {
+ rmSync(TEST_DATA_DIR, { recursive: true, force: true });
+ }
+ mkdirSync(TEST_DATA_DIR, { recursive: true });
+}
+
+// Cleanup test environment
+function cleanupTestEnvironment(): void {
+ if (existsSync(TEST_DATA_DIR)) {
+ rmSync(TEST_DATA_DIR, { recursive: true, force: true });
+ }
+}
+
+// Helper to get platform-specific copy shortcut
+function getCopyShortcutKey(): string {
+ return isMac ? 'Meta' : 'Control';
+}
+
+// Helper to check if test should run on current platform
+function shouldRunForPlatform(testPlatform: 'all' | 'windows' | 'linux' | 'mac'): boolean {
+ if (testPlatform === 'all') return true;
+ if (testPlatform === 'windows') return isWindows;
+ if (testPlatform === 'linux') return isLinux;
+ if (testPlatform === 'mac') return isMac;
+ return false;
+}
+
+test.describe('Terminal Copy/Paste Flows', () => {
+ let app: ElectronApplication;
+ let window: Page;
+ let isAppReady = false;
+
+ test.beforeAll(async () => {
+ setupTestEnvironment();
+ });
+
+ test.afterAll(async () => {
+ cleanupTestEnvironment();
+ });
+
+ test.beforeEach(async () => {
+ // Launch Electron app
+ const appPath = path.join(__dirname, '..');
+ app = await electron.launch({ args: [appPath] });
+
+ window = await app.firstWindow({
+ timeout: 15000
+ });
+
+ // Wait for app to be ready
+ try {
+ await window.waitForSelector('body', { timeout: 10000 });
+ isAppReady = true;
+ } catch (error) {
+ console.error('App failed to load:', error);
+ isAppReady = false;
+ }
+ });
+
+ test.afterEach(async () => {
+ if (app) {
+ await app.close();
+ }
+ });
+
+ test.describe.configure({ mode: 'serial' });
+
+ test('should copy selected text to clipboard', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('all'), 'Test not applicable to this platform');
+
+ // Look for terminal element - skip if not found
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ // Run a command to produce output
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Type echo command and press enter
+ await window.keyboard.type('echo "test output for copy"');
+ await window.keyboard.press('Enter');
+
+ // Wait for output to appear in terminal
+ await expect(terminal).toContainText('test output for copy', { timeout: 5000 });
+
+ // Select text (triple click to select line)
+ await terminal.click({ clickCount: 3 });
+
+ // Wait for selection to be active
+ await window.waitForTimeout(100);
+
+ // Press copy shortcut (Cmd+C on Mac, Ctrl+C on Windows/Linux)
+ const copyKey = getCopyShortcutKey();
+ await window.keyboard.press(`${copyKey}+c`);
+
+ // Wait briefly for clipboard operation
+ await window.waitForTimeout(100);
+
+ // Verify clipboard contains selected text
+ const clipboardText = await window.evaluate(async () => {
+ return await navigator.clipboard.readText();
+ });
+
+ expect(clipboardText).toContain('test output for copy');
+ });
+
+ test('should send interrupt signal when no text selected', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('all'), 'Test not applicable to this platform');
+
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Start a long-running process (sleep on Linux/Mac, timeout on Windows)
+ const sleepCommand = isWindows ? 'timeout 10' : 'sleep 10';
+ await window.keyboard.type(sleepCommand);
+ await window.keyboard.press('Enter');
+
+ // Wait for process to start
+ await window.waitForTimeout(500);
+
+ // Press Ctrl+C without selection (should send interrupt)
+ await window.keyboard.press('Control+c');
+
+ // Wait for interrupt to be processed - look for ^C or new prompt
+ await expect(terminal).toContainText(/\^C|[$#>]/, { timeout: 3000 });
+ });
+
+ test('should paste clipboard text into terminal', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('all'), 'Test not applicable to this platform');
+
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ // Set clipboard content
+ const testText = 'hello world from clipboard';
+ await window.evaluate(async (text) => {
+ await navigator.clipboard.writeText(text);
+ }, testText);
+
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Press paste shortcut
+ const pasteKey = isMac ? 'Meta' : 'Control';
+ await window.keyboard.press(`${pasteKey}+v`);
+
+ // Wait briefly for paste to complete
+ await window.waitForTimeout(100);
+
+ // Press Enter to execute the pasted command
+ await window.keyboard.press('Enter');
+
+ // Verify text was pasted (terminal should show the pasted text or output)
+ await expect(terminal).toContainText(testText, { timeout: 5000 });
+ });
+
+ test('should handle Linux CTRL+SHIFT+C copy shortcut', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('linux'), 'Linux-specific test');
+
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Type command to generate output
+ await window.keyboard.type('echo "linux copy test"');
+ await window.keyboard.press('Enter');
+
+ // Wait for output
+ await expect(terminal).toContainText('linux copy test', { timeout: 5000 });
+
+ // Select text
+ await terminal.click({ clickCount: 3 });
+ await window.waitForTimeout(100);
+
+ // Press CTRL+SHIFT+C (Linux copy shortcut)
+ await window.keyboard.down('Control');
+ await window.keyboard.down('Shift');
+ await window.keyboard.press('c');
+ await window.keyboard.up('Shift');
+ await window.keyboard.up('Control');
+
+ // Wait briefly for clipboard operation
+ await window.waitForTimeout(100);
+
+ // Verify clipboard contains selected text
+ const clipboardText = await window.evaluate(async () => {
+ return await navigator.clipboard.readText();
+ });
+
+ expect(clipboardText).toContain('linux copy test');
+ });
+
+ test('should handle Linux CTRL+SHIFT+V paste shortcut', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('linux'), 'Linux-specific test');
+
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ // Set clipboard content
+ const testText = 'pasted via ctrl+shift+v';
+ await window.evaluate(async (text) => {
+ await navigator.clipboard.writeText(text);
+ }, testText);
+
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Press CTRL+SHIFT+V (Linux paste shortcut)
+ await window.keyboard.down('Control');
+ await window.keyboard.down('Shift');
+ await window.keyboard.press('v');
+ await window.keyboard.up('Shift');
+ await window.keyboard.up('Control');
+
+ // Wait briefly for paste to complete
+ await window.waitForTimeout(100);
+
+ // Press Enter to execute
+ await window.keyboard.press('Enter');
+
+ // Verify text was pasted
+ await expect(terminal).toContainText(testText, { timeout: 5000 });
+ });
+
+ test('should verify existing shortcuts still work', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('all'), 'Test not applicable to this platform');
+
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Test SHIFT+Enter (multi-line input)
+ await window.keyboard.type('echo "line 1"');
+ await window.keyboard.down('Shift');
+ await window.keyboard.press('Enter');
+ await window.keyboard.up('Shift');
+ await window.keyboard.type('echo "line 2"');
+ await window.keyboard.press('Enter');
+
+ // Verify multi-line input worked (both commands should execute)
+ await expect(terminal).toContainText('line 1', { timeout: 5000 });
+ await expect(terminal).toContainText('line 2', { timeout: 5000 });
+ });
+
+ test('should handle clipboard errors gracefully', async () => {
+ test.skip(!isAppReady, 'App not ready');
+ test.skip(!shouldRunForPlatform('all'), 'Test not applicable to this platform');
+
+ const terminalSelector = '.xterm';
+ const terminalExists = await window.locator(terminalSelector).count() > 0;
+ test.skip(!terminalExists, 'Terminal element not found');
+
+ // Mock clipboard permission denial by clearing clipboard
+ await window.evaluate(async () => {
+ // Try to read clipboard (may fail if permission denied)
+ try {
+ await navigator.clipboard.readText();
+ } catch (_error) {
+ // Expected - clipboard may not be accessible in test environment
+ console.warn('Clipboard not accessible (expected in some environments)');
+ }
+ });
+
+ const terminal = window.locator(terminalSelector).first();
+ await terminal.click();
+
+ // Try to paste even if clipboard is not accessible
+ const pasteKey = isMac ? 'Meta' : 'Control';
+ await window.keyboard.press(`${pasteKey}+v`);
+
+ // Wait briefly to ensure terminal remains stable
+ await window.waitForTimeout(100);
+
+ // Try typing to verify terminal still works
+ await window.keyboard.type('echo "terminal still works"');
+ await window.keyboard.press('Enter');
+
+ // Verify terminal still functions after clipboard error
+ await expect(terminal).toContainText('terminal still works', { timeout: 5000 });
+ });
+});
diff --git a/apps/frontend/package-lock.json b/apps/frontend/package-lock.json
index 9abc6c3090..e81abc2d9b 100644
--- a/apps/frontend/package-lock.json
+++ b/apps/frontend/package-lock.json
@@ -32,38 +32,38 @@
"@radix-ui/react-tooltip": "^1.2.8",
"@tailwindcss/typography": "^0.5.19",
"@tanstack/react-virtual": "^3.13.13",
- "@xterm/addon-fit": "^0.11.0",
- "@xterm/addon-serialize": "^0.14.0",
- "@xterm/addon-web-links": "^0.12.0",
- "@xterm/addon-webgl": "^0.19.0",
- "@xterm/xterm": "^6.0.0",
+ "@xterm/addon-fit": "^0.10.0",
+ "@xterm/addon-serialize": "^0.13.0",
+ "@xterm/addon-web-links": "^0.11.0",
+ "@xterm/addon-webgl": "^0.18.0",
+ "@xterm/xterm": "^5.5.0",
"chokidar": "^5.0.0",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"electron-log": "^5.4.3",
"electron-updater": "^6.6.2",
"i18next": "^25.7.3",
- "lucide-react": "^0.562.0",
+ "lucide-react": "^0.560.0",
"motion": "^12.23.26",
"react": "^19.2.3",
"react-dom": "^19.2.3",
"react-i18next": "^16.5.0",
"react-markdown": "^10.1.0",
- "react-resizable-panels": "^4.2.0",
+ "react-resizable-panels": "^3.0.6",
"remark-gfm": "^4.0.1",
"semver": "^7.7.3",
"tailwind-merge": "^3.4.0",
"uuid": "^13.0.0",
- "zod": "^4.2.1",
"zustand": "^5.0.9"
},
"devDependencies": {
"@electron-toolkit/preload": "^3.0.2",
"@electron-toolkit/utils": "^4.0.0",
- "@electron/rebuild": "^4.0.2",
+ "@electron/rebuild": "^3.7.1",
"@eslint/js": "^9.39.1",
"@playwright/test": "^1.52.0",
"@tailwindcss/postcss": "^4.1.17",
+ "@testing-library/jest-dom": "^6.9.1",
"@testing-library/react": "^16.1.0",
"@types/node": "^25.0.0",
"@types/react": "^19.2.7",
@@ -72,33 +72,32 @@
"@types/uuid": "^10.0.0",
"@vitejs/plugin-react": "^5.1.2",
"autoprefixer": "^10.4.22",
- "cross-env": "^10.1.0",
"electron": "^39.2.7",
"electron-builder": "^26.0.12",
"electron-vite": "^5.0.0",
"eslint": "^9.39.1",
"eslint-plugin-react": "^7.37.5",
"eslint-plugin-react-hooks": "^7.0.1",
- "globals": "^17.0.0",
+ "globals": "^16.5.0",
"husky": "^9.1.7",
- "jsdom": "^27.3.0",
+ "jsdom": "^26.0.0",
"lint-staged": "^16.2.7",
"postcss": "^8.5.6",
"tailwindcss": "^4.1.17",
"typescript": "^5.9.3",
- "typescript-eslint": "^8.50.1",
+ "typescript-eslint": "^8.49.0",
"vite": "^7.2.7",
- "vitest": "^4.0.16"
+ "vitest": "^4.0.15"
},
"engines": {
"node": ">=24.0.0",
"npm": ">=10.0.0"
}
},
- "node_modules/@acemir/cssom": {
- "version": "0.9.30",
- "resolved": "https://registry.npmjs.org/@acemir/cssom/-/cssom-0.9.30.tgz",
- "integrity": "sha512-9CnlMCI0LmCIq0olalQqdWrJHPzm0/tw3gzOA9zJSgvFX7Xau3D24mAGa4BtwxwY69nsuJW6kQqqCzf/mEcQgg==",
+ "node_modules/@adobe/css-tools": {
+ "version": "4.4.4",
+ "resolved": "https://registry.npmjs.org/@adobe/css-tools/-/css-tools-4.4.4.tgz",
+ "integrity": "sha512-Elp+iwUx5rN5+Y8xLt5/GRoG20WGoDCQ/1Fb+1LiGtvwbDavuSk0jhD/eZdckHAuzcDzccnkv+rEjyWfRx18gg==",
"dev": true,
"license": "MIT"
},
@@ -116,59 +115,25 @@
}
},
"node_modules/@asamuzakjp/css-color": {
- "version": "4.1.1",
- "resolved": "https://registry.npmjs.org/@asamuzakjp/css-color/-/css-color-4.1.1.tgz",
- "integrity": "sha512-B0Hv6G3gWGMn0xKJ0txEi/jM5iFpT3MfDxmhZFb4W047GvytCf1DHQ1D69W3zHI4yWe2aTZAA0JnbMZ7Xc8DuQ==",
+ "version": "3.2.0",
+ "resolved": "https://registry.npmjs.org/@asamuzakjp/css-color/-/css-color-3.2.0.tgz",
+ "integrity": "sha512-K1A6z8tS3XsmCMM86xoWdn7Fkdn9m6RSVtocUrJYIwZnFVkng/PvkEoWtOWmP+Scc6saYWHWZYbndEEXxl24jw==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@csstools/css-calc": "^2.1.4",
- "@csstools/css-color-parser": "^3.1.0",
- "@csstools/css-parser-algorithms": "^3.0.5",
- "@csstools/css-tokenizer": "^3.0.4",
- "lru-cache": "^11.2.4"
+ "@csstools/css-calc": "^2.1.3",
+ "@csstools/css-color-parser": "^3.0.9",
+ "@csstools/css-parser-algorithms": "^3.0.4",
+ "@csstools/css-tokenizer": "^3.0.3",
+ "lru-cache": "^10.4.3"
}
},
"node_modules/@asamuzakjp/css-color/node_modules/lru-cache": {
- "version": "11.2.4",
- "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.4.tgz",
- "integrity": "sha512-B5Y16Jr9LB9dHVkh6ZevG+vAbOsNOYCX+sXvFWFu7B3Iz5mijW3zdbMyhsh8ANd2mSWBYdJgnqi+mL7/LrOPYg==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "engines": {
- "node": "20 || >=22"
- }
- },
- "node_modules/@asamuzakjp/dom-selector": {
- "version": "6.7.6",
- "resolved": "https://registry.npmjs.org/@asamuzakjp/dom-selector/-/dom-selector-6.7.6.tgz",
- "integrity": "sha512-hBaJER6A9MpdG3WgdlOolHmbOYvSk46y7IQN/1+iqiCuUu6iWdQrs9DGKF8ocqsEqWujWf/V7b7vaDgiUmIvUg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "@asamuzakjp/nwsapi": "^2.3.9",
- "bidi-js": "^1.0.3",
- "css-tree": "^3.1.0",
- "is-potential-custom-element-name": "^1.0.1",
- "lru-cache": "^11.2.4"
- }
- },
- "node_modules/@asamuzakjp/dom-selector/node_modules/lru-cache": {
- "version": "11.2.4",
- "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.4.tgz",
- "integrity": "sha512-B5Y16Jr9LB9dHVkh6ZevG+vAbOsNOYCX+sXvFWFu7B3Iz5mijW3zdbMyhsh8ANd2mSWBYdJgnqi+mL7/LrOPYg==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "engines": {
- "node": "20 || >=22"
- }
- },
- "node_modules/@asamuzakjp/nwsapi": {
- "version": "2.3.9",
- "resolved": "https://registry.npmjs.org/@asamuzakjp/nwsapi/-/nwsapi-2.3.9.tgz",
- "integrity": "sha512-n8GuYSrI9bF7FFZ/SjhwevlHc8xaVlb/7HmHelnc/PZXBD2ZR49NnN9sMMuDdEGPeeRQ5d0hqlSlEpgCX3Wl0Q==",
+ "version": "10.4.3",
+ "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
+ "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
"dev": true,
- "license": "MIT"
+ "license": "ISC"
},
"node_modules/@babel/code-frame": {
"version": "7.27.1",
@@ -592,26 +557,6 @@
"@csstools/css-tokenizer": "^3.0.4"
}
},
- "node_modules/@csstools/css-syntax-patches-for-csstree": {
- "version": "1.0.22",
- "resolved": "https://registry.npmjs.org/@csstools/css-syntax-patches-for-csstree/-/css-syntax-patches-for-csstree-1.0.22.tgz",
- "integrity": "sha512-qBcx6zYlhleiFfdtzkRgwNC7VVoAwfK76Vmsw5t+PbvtdknO9StgRk7ROvq9so1iqbdW4uLIDAsXRsTfUrIoOw==",
- "dev": true,
- "funding": [
- {
- "type": "github",
- "url": "https://github.com/sponsors/csstools"
- },
- {
- "type": "opencollective",
- "url": "https://opencollective.com/csstools"
- }
- ],
- "license": "MIT-0",
- "engines": {
- "node": ">=18"
- }
- },
"node_modules/@csstools/css-tokenizer": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/@csstools/css-tokenizer/-/css-tokenizer-3.0.4.tgz",
@@ -741,6 +686,28 @@
"node": ">=10.12.0"
}
},
+ "node_modules/@electron/asar/node_modules/glob": {
+ "version": "7.2.3",
+ "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
+ "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+ "deprecated": "Glob versions prior to v9 are no longer supported",
+ "dev": true,
+ "license": "ISC",
+ "dependencies": {
+ "fs.realpath": "^1.0.0",
+ "inflight": "^1.0.4",
+ "inherits": "2",
+ "minimatch": "^3.1.1",
+ "once": "^1.3.0",
+ "path-is-absolute": "^1.0.0"
+ },
+ "engines": {
+ "node": "*"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
+ }
+ },
"node_modules/@electron/asar/node_modules/minimatch": {
"version": "3.1.2",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -785,29 +752,6 @@
"node": ">=10"
}
},
- "node_modules/@electron/fuses/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/@electron/fuses/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
"node_modules/@electron/get": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/@electron/get/-/get-2.0.3.tgz",
@@ -830,6 +774,31 @@
"global-agent": "^3.0.0"
}
},
+ "node_modules/@electron/get/node_modules/fs-extra": {
+ "version": "8.1.0",
+ "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
+ "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "graceful-fs": "^4.2.0",
+ "jsonfile": "^4.0.0",
+ "universalify": "^0.1.0"
+ },
+ "engines": {
+ "node": ">=6 <7 || >=8"
+ }
+ },
+ "node_modules/@electron/get/node_modules/jsonfile": {
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
+ "integrity": "sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg==",
+ "dev": true,
+ "license": "MIT",
+ "optionalDependencies": {
+ "graceful-fs": "^4.1.6"
+ }
+ },
"node_modules/@electron/get/node_modules/semver": {
"version": "6.3.1",
"resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
@@ -840,6 +809,16 @@
"semver": "bin/semver.js"
}
},
+ "node_modules/@electron/get/node_modules/universalify": {
+ "version": "0.1.2",
+ "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
+ "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">= 4.0.0"
+ }
+ },
"node_modules/@electron/node-gyp": {
"version": "10.2.0-electron.1",
"resolved": "git+ssh://git@github.com/electron/node-gyp.git#06b29aafb7708acef8b3669835c8a7857ebc92d2",
@@ -865,581 +844,99 @@
"node": ">=12.13.0"
}
},
- "node_modules/@electron/node-gyp/node_modules/@npmcli/fs": {
- "version": "2.1.2",
- "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-2.1.2.tgz",
- "integrity": "sha512-yOJKRvohFOaLqipNtwYB9WugyZKhC/DZC4VYPmpaCzDBrA8YpK3qHZ8/HGscMnE4GqbkLNuVcCnxkeQEdGt6LQ==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "@gar/promisify": "^1.1.3",
- "semver": "^7.3.5"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/abbrev": {
- "version": "1.1.1",
- "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz",
- "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==",
- "dev": true,
- "license": "ISC"
- },
- "node_modules/@electron/node-gyp/node_modules/agent-base": {
- "version": "6.0.2",
- "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz",
- "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==",
+ "node_modules/@electron/notarize": {
+ "version": "2.5.0",
+ "resolved": "https://registry.npmjs.org/@electron/notarize/-/notarize-2.5.0.tgz",
+ "integrity": "sha512-jNT8nwH1f9X5GEITXaQ8IF/KdskvIkOFfB2CvwumsveVidzpSc+mvhhTMdAGSYF3O+Nq49lJ7y+ssODRXu06+A==",
"dev": true,
"license": "MIT",
"dependencies": {
- "debug": "4"
+ "debug": "^4.1.1",
+ "fs-extra": "^9.0.1",
+ "promise-retry": "^2.0.1"
},
"engines": {
- "node": ">= 6.0.0"
+ "node": ">= 10.0.0"
}
},
- "node_modules/@electron/node-gyp/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "node_modules/@electron/notarize/node_modules/fs-extra": {
+ "version": "9.1.0",
+ "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+ "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
"dev": true,
"license": "MIT",
"dependencies": {
- "balanced-match": "^1.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/cacache": {
- "version": "16.1.3",
- "resolved": "https://registry.npmjs.org/cacache/-/cacache-16.1.3.tgz",
- "integrity": "sha512-/+Emcj9DAXxX4cwlLmRI9c166RuL3w30zp4R7Joiv2cQTtTtA+jeuCAjH3ZlGnYS3tKENSrKhAzVVP9GVyzeYQ==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "@npmcli/fs": "^2.1.0",
- "@npmcli/move-file": "^2.0.0",
- "chownr": "^2.0.0",
- "fs-minipass": "^2.1.0",
- "glob": "^8.0.1",
- "infer-owner": "^1.0.4",
- "lru-cache": "^7.7.1",
- "minipass": "^3.1.6",
- "minipass-collect": "^1.0.2",
- "minipass-flush": "^1.0.5",
- "minipass-pipeline": "^1.2.4",
- "mkdirp": "^1.0.4",
- "p-map": "^4.0.0",
- "promise-inflight": "^1.0.1",
- "rimraf": "^3.0.2",
- "ssri": "^9.0.0",
- "tar": "^6.1.11",
- "unique-filename": "^2.0.0"
+ "at-least-node": "^1.0.0",
+ "graceful-fs": "^4.2.0",
+ "jsonfile": "^6.0.1",
+ "universalify": "^2.0.0"
},
"engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
+ "node": ">=10"
}
},
- "node_modules/@electron/node-gyp/node_modules/fs-minipass": {
- "version": "2.1.0",
- "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz",
- "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==",
+ "node_modules/@electron/osx-sign": {
+ "version": "1.3.1",
+ "resolved": "https://registry.npmjs.org/@electron/osx-sign/-/osx-sign-1.3.1.tgz",
+ "integrity": "sha512-BAfviURMHpmb1Yb50YbCxnOY0wfwaLXH5KJ4+80zS0gUkzDX3ec23naTlEqKsN+PwYn+a1cCzM7BJ4Wcd3sGzw==",
"dev": true,
- "license": "ISC",
+ "license": "BSD-2-Clause",
"dependencies": {
- "minipass": "^3.0.0"
+ "compare-version": "^0.1.2",
+ "debug": "^4.3.4",
+ "fs-extra": "^10.0.0",
+ "isbinaryfile": "^4.0.8",
+ "minimist": "^1.2.6",
+ "plist": "^3.0.5"
+ },
+ "bin": {
+ "electron-osx-flat": "bin/electron-osx-flat.js",
+ "electron-osx-sign": "bin/electron-osx-sign.js"
},
"engines": {
- "node": ">= 8"
+ "node": ">=12.0.0"
}
},
- "node_modules/@electron/node-gyp/node_modules/glob": {
- "version": "8.1.0",
- "resolved": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz",
- "integrity": "sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==",
- "deprecated": "Glob versions prior to v9 are no longer supported",
+ "node_modules/@electron/osx-sign/node_modules/isbinaryfile": {
+ "version": "4.0.10",
+ "resolved": "https://registry.npmjs.org/isbinaryfile/-/isbinaryfile-4.0.10.tgz",
+ "integrity": "sha512-iHrqe5shvBUcFbmZq9zOQHBoeOhZJu6RQGrDpBgenUm/Am+F3JM2MgQj+rK3Z601fzrL5gLZWtAPH2OBaSVcyw==",
"dev": true,
- "license": "ISC",
- "dependencies": {
- "fs.realpath": "^1.0.0",
- "inflight": "^1.0.4",
- "inherits": "2",
- "minimatch": "^5.0.1",
- "once": "^1.3.0"
- },
+ "license": "MIT",
"engines": {
- "node": ">=12"
+ "node": ">= 8.0.0"
},
"funding": {
- "url": "https://github.com/sponsors/isaacs"
+ "url": "https://github.com/sponsors/gjtorikian/"
}
},
- "node_modules/@electron/node-gyp/node_modules/http-proxy-agent": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz",
- "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==",
+ "node_modules/@electron/rebuild": {
+ "version": "3.7.2",
+ "resolved": "https://registry.npmjs.org/@electron/rebuild/-/rebuild-3.7.2.tgz",
+ "integrity": "sha512-19/KbIR/DAxbsCkiaGMXIdPnMCJLkcf8AvGnduJtWBs/CBwiAjY1apCqOLVxrXg+rtXFCngbXhBanWjxLUt1Mg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@tootallnate/once": "2",
- "agent-base": "6",
- "debug": "4"
+ "@electron/node-gyp": "git+https://github.com/electron/node-gyp.git#06b29aafb7708acef8b3669835c8a7857ebc92d2",
+ "@malept/cross-spawn-promise": "^2.0.0",
+ "chalk": "^4.0.0",
+ "debug": "^4.1.1",
+ "detect-libc": "^2.0.1",
+ "fs-extra": "^10.0.0",
+ "got": "^11.7.0",
+ "node-abi": "^3.45.0",
+ "node-api-version": "^0.2.0",
+ "ora": "^5.1.0",
+ "read-binary-file-arch": "^1.0.6",
+ "semver": "^7.3.5",
+ "tar": "^6.0.5",
+ "yargs": "^17.0.1"
+ },
+ "bin": {
+ "electron-rebuild": "lib/cli.js"
},
"engines": {
- "node": ">= 6"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/https-proxy-agent": {
- "version": "5.0.1",
- "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz",
- "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "agent-base": "6",
- "debug": "4"
- },
- "engines": {
- "node": ">= 6"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/lru-cache": {
- "version": "7.18.3",
- "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
- "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
- "dev": true,
- "license": "ISC",
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/make-fetch-happen": {
- "version": "10.2.1",
- "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.2.1.tgz",
- "integrity": "sha512-NgOPbRiaQM10DYXvN3/hhGVI2M5MtITFryzBGxHM5p4wnFxsVCbxkrBrDsk+EZ5OB4jEOT7AjDxtdF+KVEFT7w==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "agentkeepalive": "^4.2.1",
- "cacache": "^16.1.0",
- "http-cache-semantics": "^4.1.0",
- "http-proxy-agent": "^5.0.0",
- "https-proxy-agent": "^5.0.0",
- "is-lambda": "^1.0.1",
- "lru-cache": "^7.7.1",
- "minipass": "^3.1.6",
- "minipass-collect": "^1.0.2",
- "minipass-fetch": "^2.0.3",
- "minipass-flush": "^1.0.5",
- "minipass-pipeline": "^1.2.4",
- "negotiator": "^0.6.3",
- "promise-retry": "^2.0.1",
- "socks-proxy-agent": "^7.0.0",
- "ssri": "^9.0.0"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "brace-expansion": "^2.0.1"
- },
- "engines": {
- "node": ">=10"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/minipass": {
- "version": "3.3.6",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
- "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/minipass-collect": {
- "version": "1.0.2",
- "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz",
- "integrity": "sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "minipass": "^3.0.0"
- },
- "engines": {
- "node": ">= 8"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/minipass-fetch": {
- "version": "2.1.2",
- "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-2.1.2.tgz",
- "integrity": "sha512-LT49Zi2/WMROHYoqGgdlQIZh8mLPZmOrN2NdJjMXxYe4nkN6FUyuPuOAOedNJDrx0IRGg9+4guZewtp8hE6TxA==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "minipass": "^3.1.6",
- "minipass-sized": "^1.0.3",
- "minizlib": "^2.1.2"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- },
- "optionalDependencies": {
- "encoding": "^0.1.13"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/minizlib": {
- "version": "2.1.2",
- "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz",
- "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "minipass": "^3.0.0",
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">= 8"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/negotiator": {
- "version": "0.6.4",
- "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.4.tgz",
- "integrity": "sha512-myRT3DiWPHqho5PrJaIRyaMv2kgYf0mUVgBNOYMuCH5Ki1yEiQaf/ZJuQ62nvpc44wL5WDbTX7yGJi1Neevw8w==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 0.6"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/nopt": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/nopt/-/nopt-6.0.0.tgz",
- "integrity": "sha512-ZwLpbTgdhuZUnZzjd7nb1ZV+4DoiC6/sfiVKok72ym/4Tlf+DFdlHYmT2JPmcNNWV6Pi3SDf1kT+A4r9RTuT9g==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "abbrev": "^1.0.0"
- },
- "bin": {
- "nopt": "bin/nopt.js"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/p-map": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz",
- "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "aggregate-error": "^3.0.0"
- },
- "engines": {
- "node": ">=10"
- },
- "funding": {
- "url": "https://github.com/sponsors/sindresorhus"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/proc-log": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-2.0.1.tgz",
- "integrity": "sha512-Kcmo2FhfDTXdcbfDH76N7uBYHINxc/8GW7UAVuVP9I+Va3uHSerrnKV6dLooga/gh7GlgzuCCr/eoldnL1muGw==",
- "dev": true,
- "license": "ISC",
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/rimraf": {
- "version": "3.0.2",
- "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
- "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
- "deprecated": "Rimraf versions prior to v4 are no longer supported",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "glob": "^7.1.3"
- },
- "bin": {
- "rimraf": "bin.js"
- },
- "funding": {
- "url": "https://github.com/sponsors/isaacs"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/rimraf/node_modules/brace-expansion": {
- "version": "1.1.12",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
- "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "balanced-match": "^1.0.0",
- "concat-map": "0.0.1"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/rimraf/node_modules/glob": {
- "version": "7.2.3",
- "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
- "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
- "deprecated": "Glob versions prior to v9 are no longer supported",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "fs.realpath": "^1.0.0",
- "inflight": "^1.0.4",
- "inherits": "2",
- "minimatch": "^3.1.1",
- "once": "^1.3.0",
- "path-is-absolute": "^1.0.0"
- },
- "engines": {
- "node": "*"
- },
- "funding": {
- "url": "https://github.com/sponsors/isaacs"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/rimraf/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "brace-expansion": "^1.1.7"
- },
- "engines": {
- "node": "*"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/socks-proxy-agent": {
- "version": "7.0.0",
- "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-7.0.0.tgz",
- "integrity": "sha512-Fgl0YPZ902wEsAyiQ+idGd1A7rSFx/ayC1CQVMw5P+EQx2V0SgpGtf6OKFhVjPflPUl9YMmEOnmfjCdMUsygww==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "agent-base": "^6.0.2",
- "debug": "^4.3.3",
- "socks": "^2.6.2"
- },
- "engines": {
- "node": ">= 10"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/ssri": {
- "version": "9.0.1",
- "resolved": "https://registry.npmjs.org/ssri/-/ssri-9.0.1.tgz",
- "integrity": "sha512-o57Wcn66jMQvfHG1FlYbWeZWW/dHZhJXjpIcTfXldXEk5nz5lStPo3mK0OJQfGR3RbZUlbISexbljkJzuEj/8Q==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "minipass": "^3.1.1"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/unique-filename": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-2.0.1.tgz",
- "integrity": "sha512-ODWHtkkdx3IAR+veKxFV+VBkUMcN+FaqzUUd7IZzt+0zhDZFPFxhlqwPF3YQvMHx1TD0tdgYl+kuPnJ8E6ql7A==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "unique-slug": "^3.0.0"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/unique-slug": {
- "version": "3.0.0",
- "resolved": "https://registry.npmjs.org/unique-slug/-/unique-slug-3.0.0.tgz",
- "integrity": "sha512-8EyMynh679x/0gqE9fT9oilG+qEt+ibFyqjuVTsZn1+CMxH+XLlpvr2UZx4nVcCwTpx81nICr2JQFkM+HPLq4w==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "imurmurhash": "^0.1.4"
- },
- "engines": {
- "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
- }
- },
- "node_modules/@electron/node-gyp/node_modules/yallist": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
- "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
- "dev": true,
- "license": "ISC"
- },
- "node_modules/@electron/notarize": {
- "version": "2.5.0",
- "resolved": "https://registry.npmjs.org/@electron/notarize/-/notarize-2.5.0.tgz",
- "integrity": "sha512-jNT8nwH1f9X5GEITXaQ8IF/KdskvIkOFfB2CvwumsveVidzpSc+mvhhTMdAGSYF3O+Nq49lJ7y+ssODRXu06+A==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "debug": "^4.1.1",
- "fs-extra": "^9.0.1",
- "promise-retry": "^2.0.1"
- },
- "engines": {
- "node": ">= 10.0.0"
- }
- },
- "node_modules/@electron/notarize/node_modules/fs-extra": {
- "version": "9.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
- "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "at-least-node": "^1.0.0",
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=10"
- }
- },
- "node_modules/@electron/notarize/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/@electron/notarize/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
- "node_modules/@electron/osx-sign": {
- "version": "1.3.1",
- "resolved": "https://registry.npmjs.org/@electron/osx-sign/-/osx-sign-1.3.1.tgz",
- "integrity": "sha512-BAfviURMHpmb1Yb50YbCxnOY0wfwaLXH5KJ4+80zS0gUkzDX3ec23naTlEqKsN+PwYn+a1cCzM7BJ4Wcd3sGzw==",
- "dev": true,
- "license": "BSD-2-Clause",
- "dependencies": {
- "compare-version": "^0.1.2",
- "debug": "^4.3.4",
- "fs-extra": "^10.0.0",
- "isbinaryfile": "^4.0.8",
- "minimist": "^1.2.6",
- "plist": "^3.0.5"
- },
- "bin": {
- "electron-osx-flat": "bin/electron-osx-flat.js",
- "electron-osx-sign": "bin/electron-osx-sign.js"
- },
- "engines": {
- "node": ">=12.0.0"
- }
- },
- "node_modules/@electron/osx-sign/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/@electron/osx-sign/node_modules/isbinaryfile": {
- "version": "4.0.10",
- "resolved": "https://registry.npmjs.org/isbinaryfile/-/isbinaryfile-4.0.10.tgz",
- "integrity": "sha512-iHrqe5shvBUcFbmZq9zOQHBoeOhZJu6RQGrDpBgenUm/Am+F3JM2MgQj+rK3Z601fzrL5gLZWtAPH2OBaSVcyw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 8.0.0"
- },
- "funding": {
- "url": "https://github.com/sponsors/gjtorikian/"
- }
- },
- "node_modules/@electron/osx-sign/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/@electron/osx-sign/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
- "node_modules/@electron/rebuild": {
- "version": "4.0.2",
- "resolved": "https://registry.npmjs.org/@electron/rebuild/-/rebuild-4.0.2.tgz",
- "integrity": "sha512-8iZWVPvOpCdIc5Pj5udQV3PeO7liJVC7BBUSizl1HCfP7ZxYc9Kqz0c3PDNj2HQ5cQfJ5JaBeJIYKPjAvLn2Rg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "@malept/cross-spawn-promise": "^2.0.0",
- "debug": "^4.1.1",
- "detect-libc": "^2.0.1",
- "got": "^11.7.0",
- "graceful-fs": "^4.2.11",
- "node-abi": "^4.2.0",
- "node-api-version": "^0.2.1",
- "node-gyp": "^11.2.0",
- "ora": "^5.1.0",
- "read-binary-file-arch": "^1.0.6",
- "semver": "^7.3.5",
- "tar": "^6.0.5",
- "yargs": "^17.0.1"
- },
- "bin": {
- "electron-rebuild": "lib/cli.js"
- },
- "engines": {
- "node": ">=22.12.0"
+ "node": ">=12.13.0"
}
},
"node_modules/@electron/universal": {
@@ -1472,9 +969,9 @@
}
},
"node_modules/@electron/universal/node_modules/fs-extra": {
- "version": "11.3.3",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.3.3.tgz",
- "integrity": "sha512-VWSRii4t0AFm6ixFFmLLx1t7wS1gh+ckoa84aOeapGum0h+EZd1EhEumSB+ZdDLnEPuucsVB9oB7cxJHap6Afg==",
+ "version": "11.3.2",
+ "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.3.2.tgz",
+ "integrity": "sha512-Xr9F6z6up6Ws+NjzMCZc6WXg2YFRlrLP9NQDO3VQrWrfiojdhS56TzueT88ze0uBdCTwEIhQ3ptnmKeWGFAe0A==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -1486,19 +983,6 @@
"node": ">=14.14"
}
},
- "node_modules/@electron/universal/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
"node_modules/@electron/universal/node_modules/minimatch": {
"version": "9.0.5",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
@@ -1515,16 +999,6 @@
"url": "https://github.com/sponsors/isaacs"
}
},
- "node_modules/@electron/universal/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
"node_modules/@electron/windows-sign": {
"version": "1.2.2",
"resolved": "https://registry.npmjs.org/@electron/windows-sign/-/windows-sign-1.2.2.tgz",
@@ -1548,56 +1022,22 @@
}
},
"node_modules/@electron/windows-sign/node_modules/fs-extra": {
- "version": "11.3.3",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.3.3.tgz",
- "integrity": "sha512-VWSRii4t0AFm6ixFFmLLx1t7wS1gh+ckoa84aOeapGum0h+EZd1EhEumSB+ZdDLnEPuucsVB9oB7cxJHap6Afg==",
- "dev": true,
- "license": "MIT",
- "optional": true,
- "peer": true,
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=14.14"
- }
- },
- "node_modules/@electron/windows-sign/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "optional": true,
- "peer": true,
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/@electron/windows-sign/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
+ "version": "11.3.2",
+ "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.3.2.tgz",
+ "integrity": "sha512-Xr9F6z6up6Ws+NjzMCZc6WXg2YFRlrLP9NQDO3VQrWrfiojdhS56TzueT88ze0uBdCTwEIhQ3ptnmKeWGFAe0A==",
"dev": true,
"license": "MIT",
"optional": true,
"peer": true,
+ "dependencies": {
+ "graceful-fs": "^4.2.0",
+ "jsonfile": "^6.0.1",
+ "universalify": "^2.0.0"
+ },
"engines": {
- "node": ">= 10.0.0"
+ "node": ">=14.14"
}
},
- "node_modules/@epic-web/invariant": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/@epic-web/invariant/-/invariant-1.0.0.tgz",
- "integrity": "sha512-lrTPqgvfFQtR/eY/qkIzp98OGdNJu0m5ji3q/nJI8v3SXkRKEnWiOxMmbvcSoAIzv/cGiuvRy57k4suKQSAdwA==",
- "dev": true,
- "license": "MIT"
- },
"node_modules/@esbuild/aix-ppc64": {
"version": "0.25.12",
"resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.12.tgz",
@@ -2041,9 +1481,9 @@
}
},
"node_modules/@eslint-community/eslint-utils": {
- "version": "4.9.1",
- "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.9.1.tgz",
- "integrity": "sha512-phrYmNiYppR7znFEdqgfWHXR6NCkZEK7hwWDHZUjit/2/U0r6XvkDl0SYnoM51Hq7FhCGdLDT6zxCCOY1hexsQ==",
+ "version": "4.9.0",
+ "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.9.0.tgz",
+ "integrity": "sha512-ayVFHdtZ+hsq1t2Dy24wCmGXGe4q9Gu3smhLYALJrr473ZH27MsnSL+LKUlimp4BWJqMDMLmPpx/Q9R3OAlL4g==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -2223,24 +1663,6 @@
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
}
},
- "node_modules/@exodus/bytes": {
- "version": "1.7.0",
- "resolved": "https://registry.npmjs.org/@exodus/bytes/-/bytes-1.7.0.tgz",
- "integrity": "sha512-5i+BtvujK/vM07YCGDyz4C4AyDzLmhxHMtM5HpUyPRtJPBdFPsj290ffXW+UXY21/G7GtXeHD2nRmq0T1ShyQQ==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": "^20.19.0 || ^22.12.0 || >=24.0.0"
- },
- "peerDependencies": {
- "@exodus/crypto": "^1.0.0-rc.4"
- },
- "peerDependenciesMeta": {
- "@exodus/crypto": {
- "optional": true
- }
- }
- },
"node_modules/@floating-ui/core": {
"version": "1.7.3",
"resolved": "https://registry.npmjs.org/@floating-ui/core/-/core-1.7.3.tgz",
@@ -2379,6 +1801,19 @@
"node": ">=12"
}
},
+ "node_modules/@isaacs/cliui/node_modules/ansi-regex": {
+ "version": "6.2.2",
+ "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz",
+ "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/ansi-regex?sponsor=1"
+ }
+ },
"node_modules/@isaacs/cliui/node_modules/ansi-styles": {
"version": "6.2.3",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz",
@@ -2417,6 +1852,22 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/@isaacs/cliui/node_modules/strip-ansi": {
+ "version": "7.1.2",
+ "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz",
+ "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "ansi-regex": "^6.0.1"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/strip-ansi?sponsor=1"
+ }
+ },
"node_modules/@isaacs/cliui/node_modules/wrap-ansi": {
"version": "8.1.0",
"resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz",
@@ -2435,19 +1886,6 @@
"url": "https://github.com/chalk/wrap-ansi?sponsor=1"
}
},
- "node_modules/@isaacs/fs-minipass": {
- "version": "4.0.1",
- "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz",
- "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "minipass": "^7.0.4"
- },
- "engines": {
- "node": ">=18.0.0"
- }
- },
"node_modules/@jridgewell/gen-mapping": {
"version": "0.3.13",
"resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz",
@@ -2645,64 +2083,18 @@
"node": ">=10"
}
},
- "node_modules/@malept/flatpak-bundler/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/@malept/flatpak-bundler/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
- "node_modules/@npmcli/agent": {
- "version": "3.0.0",
- "resolved": "https://registry.npmjs.org/@npmcli/agent/-/agent-3.0.0.tgz",
- "integrity": "sha512-S79NdEgDQd/NGCay6TCoVzXSj74skRZIKJcpJjC5lOq34SZzyI6MqtiiWoiVWoVrTcGjNeC4ipbh1VIHlpfF5Q==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "agent-base": "^7.1.0",
- "http-proxy-agent": "^7.0.0",
- "https-proxy-agent": "^7.0.1",
- "lru-cache": "^10.0.1",
- "socks-proxy-agent": "^8.0.3"
- },
- "engines": {
- "node": "^18.17.0 || >=20.5.0"
- }
- },
- "node_modules/@npmcli/agent/node_modules/lru-cache": {
- "version": "10.4.3",
- "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
- "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
- "dev": true,
- "license": "ISC"
- },
"node_modules/@npmcli/fs": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-4.0.0.tgz",
- "integrity": "sha512-/xGlezI6xfGO9NwuJlnwz/K14qD1kCSAGtacBHnGzeAIuJGazcp45KP5NuyARXoKb7cwulAGWVsbeSxdG/cb0Q==",
+ "version": "2.1.2",
+ "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-2.1.2.tgz",
+ "integrity": "sha512-yOJKRvohFOaLqipNtwYB9WugyZKhC/DZC4VYPmpaCzDBrA8YpK3qHZ8/HGscMnE4GqbkLNuVcCnxkeQEdGt6LQ==",
"dev": true,
"license": "ISC",
"dependencies": {
+ "@gar/promisify": "^1.1.3",
"semver": "^7.3.5"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/@npmcli/move-file": {
@@ -2720,23 +2112,6 @@
"node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
- "node_modules/@npmcli/move-file/node_modules/rimraf": {
- "version": "3.0.2",
- "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
- "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
- "deprecated": "Rimraf versions prior to v4 are no longer supported",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "glob": "^7.1.3"
- },
- "bin": {
- "rimraf": "bin.js"
- },
- "funding": {
- "url": "https://github.com/sponsors/isaacs"
- }
- },
"node_modules/@pkgjs/parseargs": {
"version": "0.11.0",
"resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
@@ -3995,9 +3370,9 @@
"license": "MIT"
},
"node_modules/@rollup/rollup-android-arm-eabi": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.54.0.tgz",
- "integrity": "sha512-OywsdRHrFvCdvsewAInDKCNyR3laPA2mc9bRYJ6LBp5IyvF3fvXbbNR0bSzHlZVFtn6E0xw2oZlyjg4rKCVcng==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.53.4.tgz",
+ "integrity": "sha512-PWU3Y92H4DD0bOqorEPp1Y0tbzwAurFmIYpjcObv5axGVOtcTlB0b2UKMd2echo08MgN7jO8WQZSSysvfisFSQ==",
"cpu": [
"arm"
],
@@ -4009,9 +3384,9 @@
]
},
"node_modules/@rollup/rollup-android-arm64": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.54.0.tgz",
- "integrity": "sha512-Skx39Uv+u7H224Af+bDgNinitlmHyQX1K/atIA32JP3JQw6hVODX5tkbi2zof/E69M1qH2UoN3Xdxgs90mmNYw==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.53.4.tgz",
+ "integrity": "sha512-Gw0/DuVm3rGsqhMGYkSOXXIx20cC3kTlivZeuaGt4gEgILivykNyBWxeUV5Cf2tDA2nPLah26vq3emlRrWVbng==",
"cpu": [
"arm64"
],
@@ -4023,9 +3398,9 @@
]
},
"node_modules/@rollup/rollup-darwin-arm64": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.54.0.tgz",
- "integrity": "sha512-k43D4qta/+6Fq+nCDhhv9yP2HdeKeP56QrUUTW7E6PhZP1US6NDqpJj4MY0jBHlJivVJD5P8NxrjuobZBJTCRw==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.53.4.tgz",
+ "integrity": "sha512-+w06QvXsgzKwdVg5qRLZpTHh1bigHZIqoIUPtiqh05ZiJVUQ6ymOxaPkXTvRPRLH88575ZCRSRM3PwIoNma01Q==",
"cpu": [
"arm64"
],
@@ -4037,9 +3412,9 @@
]
},
"node_modules/@rollup/rollup-darwin-x64": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.54.0.tgz",
- "integrity": "sha512-cOo7biqwkpawslEfox5Vs8/qj83M/aZCSSNIWpVzfU2CYHa2G3P1UN5WF01RdTHSgCkri7XOlTdtk17BezlV3A==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.53.4.tgz",
+ "integrity": "sha512-EB4Na9G2GsrRNRNFPuxfwvDRDUwQEzJPpiK1vo2zMVhEeufZ1k7J1bKnT0JYDfnPC7RNZ2H5YNQhW6/p2QKATw==",
"cpu": [
"x64"
],
@@ -4051,9 +3426,9 @@
]
},
"node_modules/@rollup/rollup-freebsd-arm64": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.54.0.tgz",
- "integrity": "sha512-miSvuFkmvFbgJ1BevMa4CPCFt5MPGw094knM64W9I0giUIMMmRYcGW/JWZDriaw/k1kOBtsWh1z6nIFV1vPNtA==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.53.4.tgz",
+ "integrity": "sha512-bldA8XEqPcs6OYdknoTMaGhjytnwQ0NClSPpWpmufOuGPN5dDmvIa32FygC2gneKK4A1oSx86V1l55hyUWUYFQ==",
"cpu": [
"arm64"
],
@@ -4065,9 +3440,9 @@
]
},
"node_modules/@rollup/rollup-freebsd-x64": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.54.0.tgz",
- "integrity": "sha512-KGXIs55+b/ZfZsq9aR026tmr/+7tq6VG6MsnrvF4H8VhwflTIuYh+LFUlIsRdQSgrgmtM3fVATzEAj4hBQlaqQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.53.4.tgz",
+ "integrity": "sha512-3T8GPjH6mixCd0YPn0bXtcuSXi1Lj+15Ujw2CEb7dd24j9thcKscCf88IV7n76WaAdorOzAgSSbuVRg4C8V8Qw==",
"cpu": [
"x64"
],
@@ -4079,9 +3454,9 @@
]
},
"node_modules/@rollup/rollup-linux-arm-gnueabihf": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.54.0.tgz",
- "integrity": "sha512-EHMUcDwhtdRGlXZsGSIuXSYwD5kOT9NVnx9sqzYiwAc91wfYOE1g1djOEDseZJKKqtHAHGwnGPQu3kytmfaXLQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.53.4.tgz",
+ "integrity": "sha512-UPMMNeC4LXW7ZSHxeP3Edv09aLsFUMaD1TSVW6n1CWMECnUIJMFFB7+XC2lZTdPtvB36tYC0cJWc86mzSsaviw==",
"cpu": [
"arm"
],
@@ -4093,9 +3468,9 @@
]
},
"node_modules/@rollup/rollup-linux-arm-musleabihf": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.54.0.tgz",
- "integrity": "sha512-+pBrqEjaakN2ySv5RVrj/qLytYhPKEUwk+e3SFU5jTLHIcAtqh2rLrd/OkbNuHJpsBgxsD8ccJt5ga/SeG0JmA==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.53.4.tgz",
+ "integrity": "sha512-H8uwlV0otHs5Q7WAMSoyvjV9DJPiy5nJ/xnHolY0QptLPjaSsuX7tw+SPIfiYH6cnVx3fe4EWFafo6gH6ekZKA==",
"cpu": [
"arm"
],
@@ -4107,9 +3482,9 @@
]
},
"node_modules/@rollup/rollup-linux-arm64-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.54.0.tgz",
- "integrity": "sha512-NSqc7rE9wuUaRBsBp5ckQ5CVz5aIRKCwsoa6WMF7G01sX3/qHUw/z4pv+D+ahL1EIKy6Enpcnz1RY8pf7bjwng==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.53.4.tgz",
+ "integrity": "sha512-BLRwSRwICXz0TXkbIbqJ1ibK+/dSBpTJqDClF61GWIrxTXZWQE78ROeIhgl5MjVs4B4gSLPCFeD4xML9vbzvCQ==",
"cpu": [
"arm64"
],
@@ -4121,9 +3496,9 @@
]
},
"node_modules/@rollup/rollup-linux-arm64-musl": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.54.0.tgz",
- "integrity": "sha512-gr5vDbg3Bakga5kbdpqx81m2n9IX8M6gIMlQQIXiLTNeQW6CucvuInJ91EuCJ/JYvc+rcLLsDFcfAD1K7fMofg==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.53.4.tgz",
+ "integrity": "sha512-6bySEjOTbmVcPJAywjpGLckK793A0TJWSbIa0sVwtVGfe/Nz6gOWHOwkshUIAp9j7wg2WKcA4Snu7Y1nUZyQew==",
"cpu": [
"arm64"
],
@@ -4135,9 +3510,9 @@
]
},
"node_modules/@rollup/rollup-linux-loong64-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.54.0.tgz",
- "integrity": "sha512-gsrtB1NA3ZYj2vq0Rzkylo9ylCtW/PhpLEivlgWe0bpgtX5+9j9EZa0wtZiCjgu6zmSeZWyI/e2YRX1URozpIw==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.53.4.tgz",
+ "integrity": "sha512-U0ow3bXYJZ5MIbchVusxEycBw7bO6C2u5UvD31i5IMTrnt2p4Fh4ZbHSdc/31TScIJQYHwxbj05BpevB3201ug==",
"cpu": [
"loong64"
],
@@ -4149,9 +3524,9 @@
]
},
"node_modules/@rollup/rollup-linux-ppc64-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.54.0.tgz",
- "integrity": "sha512-y3qNOfTBStmFNq+t4s7Tmc9hW2ENtPg8FeUD/VShI7rKxNW7O4fFeaYbMsd3tpFlIg1Q8IapFgy7Q9i2BqeBvA==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.53.4.tgz",
+ "integrity": "sha512-iujDk07ZNwGLVn0YIWM80SFN039bHZHCdCCuX9nyx3Jsa2d9V/0Y32F+YadzwbvDxhSeVo9zefkoPnXEImnM5w==",
"cpu": [
"ppc64"
],
@@ -4163,9 +3538,9 @@
]
},
"node_modules/@rollup/rollup-linux-riscv64-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.54.0.tgz",
- "integrity": "sha512-89sepv7h2lIVPsFma8iwmccN7Yjjtgz0Rj/Ou6fEqg3HDhpCa+Et+YSufy27i6b0Wav69Qv4WBNl3Rs6pwhebQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.53.4.tgz",
+ "integrity": "sha512-MUtAktiOUSu+AXBpx1fkuG/Bi5rhlorGs3lw5QeJ2X3ziEGAq7vFNdWVde6XGaVqi0LGSvugwjoxSNJfHFTC0g==",
"cpu": [
"riscv64"
],
@@ -4177,9 +3552,9 @@
]
},
"node_modules/@rollup/rollup-linux-riscv64-musl": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.54.0.tgz",
- "integrity": "sha512-ZcU77ieh0M2Q8Ur7D5X7KvK+UxbXeDHwiOt/CPSBTI1fBmeDMivW0dPkdqkT4rOgDjrDDBUed9x4EgraIKoR2A==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.53.4.tgz",
+ "integrity": "sha512-btm35eAbDfPtcFEgaXCI5l3c2WXyzwiE8pArhd66SDtoLWmgK5/M7CUxmUglkwtniPzwvWioBKKl6IXLbPf2sQ==",
"cpu": [
"riscv64"
],
@@ -4191,9 +3566,9 @@
]
},
"node_modules/@rollup/rollup-linux-s390x-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.54.0.tgz",
- "integrity": "sha512-2AdWy5RdDF5+4YfG/YesGDDtbyJlC9LHmL6rZw6FurBJ5n4vFGupsOBGfwMRjBYH7qRQowT8D/U4LoSvVwOhSQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.53.4.tgz",
+ "integrity": "sha512-uJlhKE9ccUTCUlK+HUz/80cVtx2RayadC5ldDrrDUFaJK0SNb8/cCmC9RhBhIWuZ71Nqj4Uoa9+xljKWRogdhA==",
"cpu": [
"s390x"
],
@@ -4205,9 +3580,9 @@
]
},
"node_modules/@rollup/rollup-linux-x64-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.54.0.tgz",
- "integrity": "sha512-WGt5J8Ij/rvyqpFexxk3ffKqqbLf9AqrTBbWDk7ApGUzaIs6V+s2s84kAxklFwmMF/vBNGrVdYgbblCOFFezMQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.53.4.tgz",
+ "integrity": "sha512-jjEMkzvASQBbzzlzf4os7nzSBd/cvPrpqXCUOqoeCh1dQ4BP3RZCJk8XBeik4MUln3m+8LeTJcY54C/u8wb3DQ==",
"cpu": [
"x64"
],
@@ -4219,9 +3594,9 @@
]
},
"node_modules/@rollup/rollup-linux-x64-musl": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.54.0.tgz",
- "integrity": "sha512-JzQmb38ATzHjxlPHuTH6tE7ojnMKM2kYNzt44LO/jJi8BpceEC8QuXYA908n8r3CNuG/B3BV8VR3Hi1rYtmPiw==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.53.4.tgz",
+ "integrity": "sha512-lu90KG06NNH19shC5rBPkrh6mrTpq5kviFylPBXQVpdEu0yzb0mDgyxLr6XdcGdBIQTH/UAhDJnL+APZTBu1aQ==",
"cpu": [
"x64"
],
@@ -4233,9 +3608,9 @@
]
},
"node_modules/@rollup/rollup-openharmony-arm64": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.54.0.tgz",
- "integrity": "sha512-huT3fd0iC7jigGh7n3q/+lfPcXxBi+om/Rs3yiFxjvSxbSB6aohDFXbWvlspaqjeOh+hx7DDHS+5Es5qRkWkZg==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.53.4.tgz",
+ "integrity": "sha512-dFDcmLwsUzhAm/dn0+dMOQZoONVYBtgik0VuY/d5IJUUb787L3Ko/ibvTvddqhb3RaB7vFEozYevHN4ox22R/w==",
"cpu": [
"arm64"
],
@@ -4247,9 +3622,9 @@
]
},
"node_modules/@rollup/rollup-win32-arm64-msvc": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.54.0.tgz",
- "integrity": "sha512-c2V0W1bsKIKfbLMBu/WGBz6Yci8nJ/ZJdheE0EwB73N3MvHYKiKGs3mVilX4Gs70eGeDaMqEob25Tw2Gb9Nqyw==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.53.4.tgz",
+ "integrity": "sha512-WvUpUAWmUxZKtRnQWpRKnLW2DEO8HB/l8z6oFFMNuHndMzFTJEXzaYJ5ZAmzNw0L21QQJZsUQFt2oPf3ykAD/w==",
"cpu": [
"arm64"
],
@@ -4261,9 +3636,9 @@
]
},
"node_modules/@rollup/rollup-win32-ia32-msvc": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.54.0.tgz",
- "integrity": "sha512-woEHgqQqDCkAzrDhvDipnSirm5vxUXtSKDYTVpZG3nUdW/VVB5VdCYA2iReSj/u3yCZzXID4kuKG7OynPnB3WQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.53.4.tgz",
+ "integrity": "sha512-JGbeF2/FDU0x2OLySw/jgvkwWUo05BSiJK0dtuI4LyuXbz3wKiC1xHhLB1Tqm5VU6ZZDmAorj45r/IgWNWku5g==",
"cpu": [
"ia32"
],
@@ -4275,9 +3650,9 @@
]
},
"node_modules/@rollup/rollup-win32-x64-gnu": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.54.0.tgz",
- "integrity": "sha512-dzAc53LOuFvHwbCEOS0rPbXp6SIhAf2txMP5p6mGyOXXw5mWY8NGGbPMPrs4P1WItkfApDathBj/NzMLUZ9rtQ==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.53.4.tgz",
+ "integrity": "sha512-zuuC7AyxLWLubP+mlUwEyR8M1ixW1ERNPHJfXm8x7eQNP4Pzkd7hS3qBuKBR70VRiQ04Kw8FNfRMF5TNxuZq2g==",
"cpu": [
"x64"
],
@@ -4289,9 +3664,9 @@
]
},
"node_modules/@rollup/rollup-win32-x64-msvc": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.54.0.tgz",
- "integrity": "sha512-hYT5d3YNdSh3mbCU1gwQyPgQd3T2ne0A3KG8KSBdav5TiBg6eInVmV+TeR5uHufiIgSFg0XsOWGW5/RhNcSvPg==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.53.4.tgz",
+ "integrity": "sha512-Sbx45u/Lbb5RyptSbX7/3deP+/lzEmZ0BTSHxwxN/IMOZDZf8S0AGo0hJD5n/LQssxb5Z3B4og4P2X6Dd8acCA==",
"cpu": [
"x64"
],
@@ -4316,9 +3691,9 @@
}
},
"node_modules/@standard-schema/spec": {
- "version": "1.1.0",
- "resolved": "https://registry.npmjs.org/@standard-schema/spec/-/spec-1.1.0.tgz",
- "integrity": "sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==",
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/@standard-schema/spec/-/spec-1.0.0.tgz",
+ "integrity": "sha512-m2bOd0f2RT9k8QJx1JN85cZYyH1RqFBdlwtkSlf4tBDYLCiiZnv1fIIwacK6cqwXavOydf0NPToMQgpKq+dVlA==",
"dev": true,
"license": "MIT"
},
@@ -4558,66 +3933,6 @@
"node": ">=14.0.0"
}
},
- "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/core": {
- "version": "1.7.1",
- "dev": true,
- "inBundle": true,
- "license": "MIT",
- "optional": true,
- "dependencies": {
- "@emnapi/wasi-threads": "1.1.0",
- "tslib": "^2.4.0"
- }
- },
- "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/runtime": {
- "version": "1.7.1",
- "dev": true,
- "inBundle": true,
- "license": "MIT",
- "optional": true,
- "dependencies": {
- "tslib": "^2.4.0"
- }
- },
- "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/wasi-threads": {
- "version": "1.1.0",
- "dev": true,
- "inBundle": true,
- "license": "MIT",
- "optional": true,
- "dependencies": {
- "tslib": "^2.4.0"
- }
- },
- "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@napi-rs/wasm-runtime": {
- "version": "1.1.0",
- "dev": true,
- "inBundle": true,
- "license": "MIT",
- "optional": true,
- "dependencies": {
- "@emnapi/core": "^1.7.1",
- "@emnapi/runtime": "^1.7.1",
- "@tybys/wasm-util": "^0.10.1"
- }
- },
- "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@tybys/wasm-util": {
- "version": "0.10.1",
- "dev": true,
- "inBundle": true,
- "license": "MIT",
- "optional": true,
- "dependencies": {
- "tslib": "^2.4.0"
- }
- },
- "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/tslib": {
- "version": "2.8.1",
- "dev": true,
- "inBundle": true,
- "license": "0BSD",
- "optional": true
- },
"node_modules/@tailwindcss/oxide-win32-arm64-msvc": {
"version": "4.1.18",
"resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-arm64-msvc/-/oxide-win32-arm64-msvc-4.1.18.tgz",
@@ -4679,12 +3994,12 @@
}
},
"node_modules/@tanstack/react-virtual": {
- "version": "3.13.14",
- "resolved": "https://registry.npmjs.org/@tanstack/react-virtual/-/react-virtual-3.13.14.tgz",
- "integrity": "sha512-WG0d7mBD54eA7dgA3+sO5csS0B49QKqM6Gy5Rf31+Oq/LTKROQSao9m2N/vz1IqVragOKU5t5k1LAcqh/DfTxw==",
+ "version": "3.13.13",
+ "resolved": "https://registry.npmjs.org/@tanstack/react-virtual/-/react-virtual-3.13.13.tgz",
+ "integrity": "sha512-4o6oPMDvQv+9gMi8rE6gWmsOjtUZUYIJHv7EB+GblyYdi8U6OqLl8rhHWIUZSL1dUU2dPwTdTgybCKf9EjIrQg==",
"license": "MIT",
"dependencies": {
- "@tanstack/virtual-core": "3.13.14"
+ "@tanstack/virtual-core": "3.13.13"
},
"funding": {
"type": "github",
@@ -4696,9 +4011,9 @@
}
},
"node_modules/@tanstack/virtual-core": {
- "version": "3.13.14",
- "resolved": "https://registry.npmjs.org/@tanstack/virtual-core/-/virtual-core-3.13.14.tgz",
- "integrity": "sha512-b5Uvd8J2dc7ICeX9SRb/wkCxWk7pUwN214eEPAQsqrsktSKTCmyLxOQWSMgogBByXclZeAdgZ3k4o0fIYUIBqQ==",
+ "version": "3.13.13",
+ "resolved": "https://registry.npmjs.org/@tanstack/virtual-core/-/virtual-core-3.13.13.tgz",
+ "integrity": "sha512-uQFoSdKKf5S8k51W5t7b2qpfkyIbdHMzAn+AMQvHPxKUPeo1SsGaA4JRISQT87jm28b7z8OEqPcg1IOZagQHcA==",
"license": "MIT",
"funding": {
"type": "github",
@@ -4726,6 +4041,33 @@
"node": ">=18"
}
},
+ "node_modules/@testing-library/jest-dom": {
+ "version": "6.9.1",
+ "resolved": "https://registry.npmjs.org/@testing-library/jest-dom/-/jest-dom-6.9.1.tgz",
+ "integrity": "sha512-zIcONa+hVtVSSep9UT3jZ5rizo2BsxgyDYU7WFD5eICBE7no3881HGeb/QkGfsJs6JTkY1aQhT7rIPC7e+0nnA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@adobe/css-tools": "^4.4.0",
+ "aria-query": "^5.0.0",
+ "css.escape": "^1.5.1",
+ "dom-accessibility-api": "^0.6.3",
+ "picocolors": "^1.1.1",
+ "redent": "^3.0.0"
+ },
+ "engines": {
+ "node": ">=14",
+ "npm": ">=6",
+ "yarn": ">=1"
+ }
+ },
+ "node_modules/@testing-library/jest-dom/node_modules/dom-accessibility-api": {
+ "version": "0.6.3",
+ "resolved": "https://registry.npmjs.org/dom-accessibility-api/-/dom-accessibility-api-0.6.3.tgz",
+ "integrity": "sha512-7ZgogeTnjuHbo+ct10G9Ffp0mif17idi0IyWNVA/wcwcm7NPOD/WEHVP3n7n3MhXqxoIYm8d6MuZohYWIZ4T3w==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/@testing-library/react": {
"version": "16.3.1",
"resolved": "https://registry.npmjs.org/@testing-library/react/-/react-16.3.1.tgz",
@@ -4931,9 +4273,9 @@
"license": "MIT"
},
"node_modules/@types/node": {
- "version": "25.0.3",
- "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.3.tgz",
- "integrity": "sha512-W609buLVRVmeW693xKfzHeIV6nJGGz98uCPfeXI1ELMLXVeKYZ9m15fAMSaUPBHYLGFsVRcMmSCksQOrZV9BYA==",
+ "version": "25.0.2",
+ "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.2.tgz",
+ "integrity": "sha512-gWEkeiyYE4vqjON/+Obqcoeffmk0NF15WSBwSs7zwVA2bAbTaE0SJ7P0WNGoJn8uE7fiaV5a7dKYIJriEqOrmA==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -5021,20 +4363,20 @@
}
},
"node_modules/@typescript-eslint/eslint-plugin": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.51.0.tgz",
- "integrity": "sha512-XtssGWJvypyM2ytBnSnKtHYOGT+4ZwTnBVl36TA4nRO2f4PRNGz5/1OszHzcZCvcBMh+qb7I06uoCmLTRdR9og==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.49.0.tgz",
+ "integrity": "sha512-JXij0vzIaTtCwu6SxTh8qBc66kmf1xs7pI4UOiMDFVct6q86G0Zs7KRcEoJgY3Cav3x5Tq0MF5jwgpgLqgKG3A==",
"dev": true,
"license": "MIT",
"dependencies": {
"@eslint-community/regexpp": "^4.10.0",
- "@typescript-eslint/scope-manager": "8.51.0",
- "@typescript-eslint/type-utils": "8.51.0",
- "@typescript-eslint/utils": "8.51.0",
- "@typescript-eslint/visitor-keys": "8.51.0",
+ "@typescript-eslint/scope-manager": "8.49.0",
+ "@typescript-eslint/type-utils": "8.49.0",
+ "@typescript-eslint/utils": "8.49.0",
+ "@typescript-eslint/visitor-keys": "8.49.0",
"ignore": "^7.0.0",
"natural-compare": "^1.4.0",
- "ts-api-utils": "^2.2.0"
+ "ts-api-utils": "^2.1.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5044,7 +4386,7 @@
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
- "@typescript-eslint/parser": "^8.51.0",
+ "@typescript-eslint/parser": "^8.49.0",
"eslint": "^8.57.0 || ^9.0.0",
"typescript": ">=4.8.4 <6.0.0"
}
@@ -5060,16 +4402,16 @@
}
},
"node_modules/@typescript-eslint/parser": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.51.0.tgz",
- "integrity": "sha512-3xP4XzzDNQOIqBMWogftkwxhg5oMKApqY0BAflmLZiFYHqyhSOxv/cd/zPQLTcCXr4AkaKb25joocY0BD1WC6A==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.49.0.tgz",
+ "integrity": "sha512-N9lBGA9o9aqb1hVMc9hzySbhKibHmB+N3IpoShyV6HyQYRGIhlrO5rQgttypi+yEeKsKI4idxC8Jw6gXKD4THA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/scope-manager": "8.51.0",
- "@typescript-eslint/types": "8.51.0",
- "@typescript-eslint/typescript-estree": "8.51.0",
- "@typescript-eslint/visitor-keys": "8.51.0",
+ "@typescript-eslint/scope-manager": "8.49.0",
+ "@typescript-eslint/types": "8.49.0",
+ "@typescript-eslint/typescript-estree": "8.49.0",
+ "@typescript-eslint/visitor-keys": "8.49.0",
"debug": "^4.3.4"
},
"engines": {
@@ -5085,14 +4427,14 @@
}
},
"node_modules/@typescript-eslint/project-service": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.51.0.tgz",
- "integrity": "sha512-Luv/GafO07Z7HpiI7qeEW5NW8HUtZI/fo/kE0YbtQEFpJRUuR0ajcWfCE5bnMvL7QQFrmT/odMe8QZww8X2nfQ==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.49.0.tgz",
+ "integrity": "sha512-/wJN0/DKkmRUMXjZUXYZpD1NEQzQAAn9QWfGwo+Ai8gnzqH7tvqS7oNVdTjKqOcPyVIdZdyCMoqN66Ia789e7g==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/tsconfig-utils": "^8.51.0",
- "@typescript-eslint/types": "^8.51.0",
+ "@typescript-eslint/tsconfig-utils": "^8.49.0",
+ "@typescript-eslint/types": "^8.49.0",
"debug": "^4.3.4"
},
"engines": {
@@ -5107,14 +4449,14 @@
}
},
"node_modules/@typescript-eslint/scope-manager": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.51.0.tgz",
- "integrity": "sha512-JhhJDVwsSx4hiOEQPeajGhCWgBMBwVkxC/Pet53EpBVs7zHHtayKefw1jtPaNRXpI9RA2uocdmpdfE7T+NrizA==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.49.0.tgz",
+ "integrity": "sha512-npgS3zi+/30KSOkXNs0LQXtsg9ekZ8OISAOLGWA/ZOEn0ZH74Ginfl7foziV8DT+D98WfQ5Kopwqb/PZOaIJGg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/types": "8.51.0",
- "@typescript-eslint/visitor-keys": "8.51.0"
+ "@typescript-eslint/types": "8.49.0",
+ "@typescript-eslint/visitor-keys": "8.49.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5125,9 +4467,9 @@
}
},
"node_modules/@typescript-eslint/tsconfig-utils": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.51.0.tgz",
- "integrity": "sha512-Qi5bSy/vuHeWyir2C8u/uqGMIlIDu8fuiYWv48ZGlZ/k+PRPHtaAu7erpc7p5bzw2WNNSniuxoMSO4Ar6V9OXw==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.49.0.tgz",
+ "integrity": "sha512-8prixNi1/6nawsRYxet4YOhnbW+W9FK/bQPxsGB1D3ZrDzbJ5FXw5XmzxZv82X3B+ZccuSxo/X8q9nQ+mFecWA==",
"dev": true,
"license": "MIT",
"engines": {
@@ -5142,17 +4484,17 @@
}
},
"node_modules/@typescript-eslint/type-utils": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.51.0.tgz",
- "integrity": "sha512-0XVtYzxnobc9K0VU7wRWg1yiUrw4oQzexCG2V2IDxxCxhqBMSMbjB+6o91A+Uc0GWtgjCa3Y8bi7hwI0Tu4n5Q==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.49.0.tgz",
+ "integrity": "sha512-KTExJfQ+svY8I10P4HdxKzWsvtVnsuCifU5MvXrRwoP2KOlNZ9ADNEWWsQTJgMxLzS5VLQKDjkCT/YzgsnqmZg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/types": "8.51.0",
- "@typescript-eslint/typescript-estree": "8.51.0",
- "@typescript-eslint/utils": "8.51.0",
+ "@typescript-eslint/types": "8.49.0",
+ "@typescript-eslint/typescript-estree": "8.49.0",
+ "@typescript-eslint/utils": "8.49.0",
"debug": "^4.3.4",
- "ts-api-utils": "^2.2.0"
+ "ts-api-utils": "^2.1.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5167,9 +4509,9 @@
}
},
"node_modules/@typescript-eslint/types": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.51.0.tgz",
- "integrity": "sha512-TizAvWYFM6sSscmEakjY3sPqGwxZRSywSsPEiuZF6d5GmGD9Gvlsv0f6N8FvAAA0CD06l3rIcWNbsN1e5F/9Ag==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.49.0.tgz",
+ "integrity": "sha512-e9k/fneezorUo6WShlQpMxXh8/8wfyc+biu6tnAqA81oWrEic0k21RHzP9uqqpyBBeBKu4T+Bsjy9/b8u7obXQ==",
"dev": true,
"license": "MIT",
"engines": {
@@ -5181,21 +4523,21 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.51.0.tgz",
- "integrity": "sha512-1qNjGqFRmlq0VW5iVlcyHBbCjPB7y6SxpBkrbhNWMy/65ZoncXCEPJxkRZL8McrseNH6lFhaxCIaX+vBuFnRng==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.49.0.tgz",
+ "integrity": "sha512-jrLdRuAbPfPIdYNppHJ/D0wN+wwNfJ32YTAm10eJVsFmrVpXQnDWBn8niCSMlWjvml8jsce5E/O+86IQtTbJWA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/project-service": "8.51.0",
- "@typescript-eslint/tsconfig-utils": "8.51.0",
- "@typescript-eslint/types": "8.51.0",
- "@typescript-eslint/visitor-keys": "8.51.0",
+ "@typescript-eslint/project-service": "8.49.0",
+ "@typescript-eslint/tsconfig-utils": "8.49.0",
+ "@typescript-eslint/types": "8.49.0",
+ "@typescript-eslint/visitor-keys": "8.49.0",
"debug": "^4.3.4",
"minimatch": "^9.0.4",
"semver": "^7.6.0",
"tinyglobby": "^0.2.15",
- "ts-api-utils": "^2.2.0"
+ "ts-api-utils": "^2.1.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5235,16 +4577,16 @@
}
},
"node_modules/@typescript-eslint/utils": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.51.0.tgz",
- "integrity": "sha512-11rZYxSe0zabiKaCP2QAwRf/dnmgFgvTmeDTtZvUvXG3UuAdg/GU02NExmmIXzz3vLGgMdtrIosI84jITQOxUA==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.49.0.tgz",
+ "integrity": "sha512-N3W7rJw7Rw+z1tRsHZbK395TWSYvufBXumYtEGzypgMUthlg0/hmCImeA8hgO2d2G4pd7ftpxxul2J8OdtdaFA==",
"dev": true,
"license": "MIT",
"dependencies": {
"@eslint-community/eslint-utils": "^4.7.0",
- "@typescript-eslint/scope-manager": "8.51.0",
- "@typescript-eslint/types": "8.51.0",
- "@typescript-eslint/typescript-estree": "8.51.0"
+ "@typescript-eslint/scope-manager": "8.49.0",
+ "@typescript-eslint/types": "8.49.0",
+ "@typescript-eslint/typescript-estree": "8.49.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -5259,13 +4601,13 @@
}
},
"node_modules/@typescript-eslint/visitor-keys": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.51.0.tgz",
- "integrity": "sha512-mM/JRQOzhVN1ykejrvwnBRV3+7yTKK8tVANVN3o1O0t0v7o+jqdVu9crPy5Y9dov15TJk/FTIgoUGHrTOVL3Zg==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.49.0.tgz",
+ "integrity": "sha512-LlKaciDe3GmZFphXIc79THF/YYBugZ7FS1pO581E/edlVVNbZKDy93evqmrfQ9/Y4uN0vVhX4iuchq26mK/iiA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/types": "8.51.0",
+ "@typescript-eslint/types": "8.49.0",
"eslint-visitor-keys": "^4.2.1"
},
"engines": {
@@ -5304,16 +4646,16 @@
}
},
"node_modules/@vitest/expect": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-4.0.16.tgz",
- "integrity": "sha512-eshqULT2It7McaJkQGLkPjPjNph+uevROGuIMJdG3V+0BSR2w9u6J9Lwu+E8cK5TETlfou8GRijhafIMhXsimA==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-4.0.15.tgz",
+ "integrity": "sha512-Gfyva9/GxPAWXIWjyGDli9O+waHDC0Q0jaLdFP1qPAUUfo1FEXPXUfUkp3eZA0sSq340vPycSyOlYUeM15Ft1w==",
"dev": true,
"license": "MIT",
"dependencies": {
"@standard-schema/spec": "^1.0.0",
"@types/chai": "^5.2.2",
- "@vitest/spy": "4.0.16",
- "@vitest/utils": "4.0.16",
+ "@vitest/spy": "4.0.15",
+ "@vitest/utils": "4.0.15",
"chai": "^6.2.1",
"tinyrainbow": "^3.0.3"
},
@@ -5322,13 +4664,13 @@
}
},
"node_modules/@vitest/mocker": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-4.0.16.tgz",
- "integrity": "sha512-yb6k4AZxJTB+q9ycAvsoxGn+j/po0UaPgajllBgt1PzoMAAmJGYFdDk0uCcRcxb3BrME34I6u8gHZTQlkqSZpg==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-4.0.15.tgz",
+ "integrity": "sha512-CZ28GLfOEIFkvCFngN8Sfx5h+Se0zN+h4B7yOsPVCcgtiO7t5jt9xQh2E1UkFep+eb9fjyMfuC5gBypwb07fvQ==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@vitest/spy": "4.0.16",
+ "@vitest/spy": "4.0.15",
"estree-walker": "^3.0.3",
"magic-string": "^0.30.21"
},
@@ -5349,9 +4691,9 @@
}
},
"node_modules/@vitest/pretty-format": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.0.16.tgz",
- "integrity": "sha512-eNCYNsSty9xJKi/UdVD8Ou16alu7AYiS2fCPRs0b1OdhJiV89buAXQLpTbe+X8V9L6qrs9CqyvU7OaAopJYPsA==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.0.15.tgz",
+ "integrity": "sha512-SWdqR8vEv83WtZcrfLNqlqeQXlQLh2iilO1Wk1gv4eiHKjEzvgHb2OVc3mIPyhZE6F+CtfYjNlDJwP5MN6Km7A==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -5362,13 +4704,13 @@
}
},
"node_modules/@vitest/runner": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-4.0.16.tgz",
- "integrity": "sha512-VWEDm5Wv9xEo80ctjORcTQRJ539EGPB3Pb9ApvVRAY1U/WkHXmmYISqU5E79uCwcW7xYUV38gwZD+RV755fu3Q==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-4.0.15.tgz",
+ "integrity": "sha512-+A+yMY8dGixUhHmNdPUxOh0la6uVzun86vAbuMT3hIDxMrAOmn5ILBHm8ajrqHE0t8R9T1dGnde1A5DTnmi3qw==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@vitest/utils": "4.0.16",
+ "@vitest/utils": "4.0.15",
"pathe": "^2.0.3"
},
"funding": {
@@ -5376,13 +4718,13 @@
}
},
"node_modules/@vitest/snapshot": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.0.16.tgz",
- "integrity": "sha512-sf6NcrYhYBsSYefxnry+DR8n3UV4xWZwWxYbCJUt2YdvtqzSPR7VfGrY0zsv090DAbjFZsi7ZaMi1KnSRyK1XA==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.0.15.tgz",
+ "integrity": "sha512-A7Ob8EdFZJIBjLjeO0DZF4lqR6U7Ydi5/5LIZ0xcI+23lYlsYJAfGn8PrIWTYdZQRNnSRlzhg0zyGu37mVdy5g==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@vitest/pretty-format": "4.0.16",
+ "@vitest/pretty-format": "4.0.15",
"magic-string": "^0.30.21",
"pathe": "^2.0.3"
},
@@ -5391,9 +4733,9 @@
}
},
"node_modules/@vitest/spy": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-4.0.16.tgz",
- "integrity": "sha512-4jIOWjKP0ZUaEmJm00E0cOBLU+5WE0BpeNr3XN6TEF05ltro6NJqHWxXD0kA8/Zc8Nh23AT8WQxwNG+WeROupw==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-4.0.15.tgz",
+ "integrity": "sha512-+EIjOJmnY6mIfdXtE/bnozKEvTC4Uczg19yeZ2vtCz5Yyb0QQ31QWVQ8hswJ3Ysx/K2EqaNsVanjr//2+P3FHw==",
"dev": true,
"license": "MIT",
"funding": {
@@ -5401,13 +4743,13 @@
}
},
"node_modules/@vitest/utils": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.0.16.tgz",
- "integrity": "sha512-h8z9yYhV3e1LEfaQ3zdypIrnAg/9hguReGZoS7Gl0aBG5xgA410zBqECqmaF/+RkTggRsfnzc1XaAHA6bmUufA==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.0.15.tgz",
+ "integrity": "sha512-HXjPW2w5dxhTD0dLwtYHDnelK3j8sR8cWIaLxr22evTyY6q8pRCjZSmhRWVjBaOVXChQd6AwMzi9pucorXCPZA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@vitest/pretty-format": "4.0.16",
+ "@vitest/pretty-format": "4.0.15",
"tinyrainbow": "^3.0.3"
},
"funding": {
@@ -5425,37 +4767,47 @@
}
},
"node_modules/@xterm/addon-fit": {
- "version": "0.11.0",
- "resolved": "https://registry.npmjs.org/@xterm/addon-fit/-/addon-fit-0.11.0.tgz",
- "integrity": "sha512-jYcgT6xtVYhnhgxh3QgYDnnNMYTcf8ElbxxFzX0IZo+vabQqSPAjC3c1wJrKB5E19VwQei89QCiZZP86DCPF7g==",
- "license": "MIT"
+ "version": "0.10.0",
+ "resolved": "https://registry.npmjs.org/@xterm/addon-fit/-/addon-fit-0.10.0.tgz",
+ "integrity": "sha512-UFYkDm4HUahf2lnEyHvio51TNGiLK66mqP2JoATy7hRZeXaGMRDr00JiSF7m63vR5WKATF605yEggJKsw0JpMQ==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@xterm/xterm": "^5.0.0"
+ }
},
"node_modules/@xterm/addon-serialize": {
- "version": "0.14.0",
- "resolved": "https://registry.npmjs.org/@xterm/addon-serialize/-/addon-serialize-0.14.0.tgz",
- "integrity": "sha512-uteyTU1EkrQa2Ux6P/uFl2fzmXI46jy5uoQMKEOM0fKTyiW7cSn0WrFenHm5vO5uEXX/GpwW/FgILvv3r0WbkA==",
- "license": "MIT"
+ "version": "0.13.0",
+ "resolved": "https://registry.npmjs.org/@xterm/addon-serialize/-/addon-serialize-0.13.0.tgz",
+ "integrity": "sha512-kGs8o6LWAmN1l2NpMp01/YkpxbmO4UrfWybeGu79Khw5K9+Krp7XhXbBTOTc3GJRRhd6EmILjpR8k5+odY39YQ==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@xterm/xterm": "^5.0.0"
+ }
},
"node_modules/@xterm/addon-web-links": {
- "version": "0.12.0",
- "resolved": "https://registry.npmjs.org/@xterm/addon-web-links/-/addon-web-links-0.12.0.tgz",
- "integrity": "sha512-4Smom3RPyVp7ZMYOYDoC/9eGJJJqYhnPLGGqJ6wOBfB8VxPViJNSKdgRYb8NpaM6YSelEKbA2SStD7lGyqaobw==",
- "license": "MIT"
+ "version": "0.11.0",
+ "resolved": "https://registry.npmjs.org/@xterm/addon-web-links/-/addon-web-links-0.11.0.tgz",
+ "integrity": "sha512-nIHQ38pQI+a5kXnRaTgwqSHnX7KE6+4SVoceompgHL26unAxdfP6IPqUTSYPQgSwM56hsElfoNrrW5V7BUED/Q==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@xterm/xterm": "^5.0.0"
+ }
},
"node_modules/@xterm/addon-webgl": {
- "version": "0.19.0",
- "resolved": "https://registry.npmjs.org/@xterm/addon-webgl/-/addon-webgl-0.19.0.tgz",
- "integrity": "sha512-b3fMOsyLVuCeNJWxolACEUED0vm7qC0cy4wRvf3oURSzDTYVQiGPhTnhWZwIHdvC48Y+oLhvYXnY4XDXPoJo6A==",
- "license": "MIT"
+ "version": "0.18.0",
+ "resolved": "https://registry.npmjs.org/@xterm/addon-webgl/-/addon-webgl-0.18.0.tgz",
+ "integrity": "sha512-xCnfMBTI+/HKPdRnSOHaJDRqEpq2Ugy8LEj9GiY4J3zJObo3joylIFaMvzBwbYRg8zLtkO0KQaStCeSfoaI2/w==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@xterm/xterm": "^5.0.0"
+ }
},
"node_modules/@xterm/xterm": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/@xterm/xterm/-/xterm-6.0.0.tgz",
- "integrity": "sha512-TQwDdQGtwwDt+2cgKDLn0IRaSxYu1tSUjgKarSDkUM0ZNiSRXFpjxEsvc/Zgc5kq5omJ+V0a8/kIM2WD3sMOYg==",
+ "version": "5.5.0",
+ "resolved": "https://registry.npmjs.org/@xterm/xterm/-/xterm-5.5.0.tgz",
+ "integrity": "sha512-hqJHYaQb5OptNunnyAnkHyM8aCjZ1MEIDTQu1iIbbTD/xops91NB5yq1ZK/dC2JDbVWtF23zUtl9JE2NqwT87A==",
"license": "MIT",
- "workspaces": [
- "addons/*"
- ]
+ "peer": true
},
"node_modules/7zip-bin": {
"version": "5.2.0",
@@ -5465,14 +4817,11 @@
"license": "MIT"
},
"node_modules/abbrev": {
- "version": "3.0.1",
- "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-3.0.1.tgz",
- "integrity": "sha512-AO2ac6pjRB3SJmGJo+v5/aK6Omggp6fsLrs6wN9bd35ulu4cCwaAU9+7ZhXjeqHVkaHThLuzH0nZr0YpCDhygg==",
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz",
+ "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==",
"dev": true,
- "license": "ISC",
- "engines": {
- "node": "^18.17.0 || >=20.5.0"
- }
+ "license": "ISC"
},
"node_modules/acorn": {
"version": "8.15.0",
@@ -5680,63 +5029,12 @@
"semver": "^7.3.5",
"tar": "^6.0.5",
"yargs": "^17.0.1"
- },
- "bin": {
- "electron-rebuild": "lib/cli.js"
- },
- "engines": {
- "node": ">=12.13.0"
- }
- },
- "node_modules/app-builder-lib/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/app-builder-lib/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/app-builder-lib/node_modules/node-abi": {
- "version": "3.85.0",
- "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.85.0.tgz",
- "integrity": "sha512-zsFhmbkAzwhTft6nd3VxcG0cvJsT70rL+BIGHWVq5fi6MwGrHwzqKaxXE+Hl2GmnGItnDKPPkO5/LQqjVkIdFg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "semver": "^7.3.5"
- },
- "engines": {
- "node": ">=10"
- }
- },
- "node_modules/app-builder-lib/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
+ },
+ "bin": {
+ "electron-rebuild": "lib/cli.js"
+ },
"engines": {
- "node": ">= 10.0.0"
+ "node": ">=12.13.0"
}
},
"node_modules/argparse": {
@@ -6074,25 +5372,15 @@
"license": "MIT"
},
"node_modules/baseline-browser-mapping": {
- "version": "2.9.11",
- "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.11.tgz",
- "integrity": "sha512-Sg0xJUNDU1sJNGdfGWhVHX0kkZ+HWcvmVymJbj6NSgZZmW/8S9Y2HQ5euytnIgakgxN6papOAWiwDo1ctFDcoQ==",
+ "version": "2.9.7",
+ "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.7.tgz",
+ "integrity": "sha512-k9xFKplee6KIio3IDbwj+uaCLpqzOwakOgmqzPezM0sFJlFKcg30vk2wOiAJtkTSfx0SSQDSe8q+mWA/fSH5Zg==",
"dev": true,
"license": "Apache-2.0",
"bin": {
"baseline-browser-mapping": "dist/cli.js"
}
},
- "node_modules/bidi-js": {
- "version": "1.0.3",
- "resolved": "https://registry.npmjs.org/bidi-js/-/bidi-js-1.0.3.tgz",
- "integrity": "sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "require-from-string": "^2.0.2"
- }
- },
"node_modules/bl": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz",
@@ -6253,44 +5541,6 @@
"node": ">=12.0.0"
}
},
- "node_modules/builder-util/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/builder-util/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/builder-util/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
"node_modules/cac": {
"version": "6.7.14",
"resolved": "https://registry.npmjs.org/cac/-/cac-6.7.14.tgz",
@@ -6302,118 +5552,43 @@
}
},
"node_modules/cacache": {
- "version": "19.0.1",
- "resolved": "https://registry.npmjs.org/cacache/-/cacache-19.0.1.tgz",
- "integrity": "sha512-hdsUxulXCi5STId78vRVYEtDAjq99ICAUktLTeTYsLoTE6Z8dS0c8pWNCxwdrk9YfJeobDZc2Y186hD/5ZQgFQ==",
+ "version": "16.1.3",
+ "resolved": "https://registry.npmjs.org/cacache/-/cacache-16.1.3.tgz",
+ "integrity": "sha512-/+Emcj9DAXxX4cwlLmRI9c166RuL3w30zp4R7Joiv2cQTtTtA+jeuCAjH3ZlGnYS3tKENSrKhAzVVP9GVyzeYQ==",
"dev": true,
"license": "ISC",
"dependencies": {
- "@npmcli/fs": "^4.0.0",
- "fs-minipass": "^3.0.0",
- "glob": "^10.2.2",
- "lru-cache": "^10.0.1",
- "minipass": "^7.0.3",
- "minipass-collect": "^2.0.1",
+ "@npmcli/fs": "^2.1.0",
+ "@npmcli/move-file": "^2.0.0",
+ "chownr": "^2.0.0",
+ "fs-minipass": "^2.1.0",
+ "glob": "^8.0.1",
+ "infer-owner": "^1.0.4",
+ "lru-cache": "^7.7.1",
+ "minipass": "^3.1.6",
+ "minipass-collect": "^1.0.2",
"minipass-flush": "^1.0.5",
"minipass-pipeline": "^1.2.4",
- "p-map": "^7.0.2",
- "ssri": "^12.0.0",
- "tar": "^7.4.3",
- "unique-filename": "^4.0.0"
+ "mkdirp": "^1.0.4",
+ "p-map": "^4.0.0",
+ "promise-inflight": "^1.0.1",
+ "rimraf": "^3.0.2",
+ "ssri": "^9.0.0",
+ "tar": "^6.1.11",
+ "unique-filename": "^2.0.0"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
- }
- },
- "node_modules/cacache/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "balanced-match": "^1.0.0"
- }
- },
- "node_modules/cacache/node_modules/chownr": {
- "version": "3.0.0",
- "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz",
- "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "engines": {
- "node": ">=18"
- }
- },
- "node_modules/cacache/node_modules/glob": {
- "version": "10.5.0",
- "resolved": "https://registry.npmjs.org/glob/-/glob-10.5.0.tgz",
- "integrity": "sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "foreground-child": "^3.1.0",
- "jackspeak": "^3.1.2",
- "minimatch": "^9.0.4",
- "minipass": "^7.1.2",
- "package-json-from-dist": "^1.0.0",
- "path-scurry": "^1.11.1"
- },
- "bin": {
- "glob": "dist/esm/bin.mjs"
- },
- "funding": {
- "url": "https://github.com/sponsors/isaacs"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/cacache/node_modules/lru-cache": {
- "version": "10.4.3",
- "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
- "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==",
- "dev": true,
- "license": "ISC"
- },
- "node_modules/cacache/node_modules/minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "7.18.3",
+ "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+ "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
"dev": true,
"license": "ISC",
- "dependencies": {
- "brace-expansion": "^2.0.1"
- },
- "engines": {
- "node": ">=16 || 14 >=14.17"
- },
- "funding": {
- "url": "https://github.com/sponsors/isaacs"
- }
- },
- "node_modules/cacache/node_modules/tar": {
- "version": "7.5.2",
- "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz",
- "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "dependencies": {
- "@isaacs/fs-minipass": "^4.0.0",
- "chownr": "^3.0.0",
- "minipass": "^7.1.2",
- "minizlib": "^3.1.0",
- "yallist": "^5.0.0"
- },
- "engines": {
- "node": ">=18"
- }
- },
- "node_modules/cacache/node_modules/yallist": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz",
- "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==",
- "dev": true,
- "license": "BlueOak-1.0.0",
"engines": {
- "node": ">=18"
+ "node": ">=12"
}
},
"node_modules/cacheable-lookup": {
@@ -6506,9 +5681,9 @@
}
},
"node_modules/caniuse-lite": {
- "version": "1.0.30001762",
- "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001762.tgz",
- "integrity": "sha512-PxZwGNvH7Ak8WX5iXzoK1KPZttBXNPuaOvI2ZYU7NrlM+d9Ov+TUvlLOBNGzVXAntMSMMlJPd+jY6ovrVjSmUw==",
+ "version": "1.0.30001760",
+ "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001760.tgz",
+ "integrity": "sha512-7AAMPcueWELt1p3mi13HR/LHH0TJLT11cnwDJEs3xA4+CK/PLKeO9Kl1oru24htkyUKtkGCvAx4ohB0Ttry8Dw==",
"dev": true,
"funding": [
{
@@ -6537,9 +5712,9 @@
}
},
"node_modules/chai": {
- "version": "6.2.2",
- "resolved": "https://registry.npmjs.org/chai/-/chai-6.2.2.tgz",
- "integrity": "sha512-NUPRluOfOiTKBKvWPtSD4PhFvWCqOi0BGStNWs57X9js7XGTprSmFoz5F0tWhR4WPjNeR9jXqdC7/UpSJTnlRg==",
+ "version": "6.2.1",
+ "resolved": "https://registry.npmjs.org/chai/-/chai-6.2.1.tgz",
+ "integrity": "sha512-p4Z49OGG5W/WBCPSS/dH3jQ73kD6tiMmUM+bckNK6Jr5JHMG3k9bg/BvKR8lKmtVBKmOiuVaV2ws8s9oSbwysg==",
"dev": true,
"license": "MIT",
"engines": {
@@ -6674,19 +5849,16 @@
}
},
"node_modules/cli-cursor": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-5.0.0.tgz",
- "integrity": "sha512-aCj4O5wKyszjMmDT4tZj93kxyydN/K5zPWSCe6/0AV/AA1pqe5ZBIw0a2ZfPQV7lL5/yb5HsUreJ6UFAF1tEQw==",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz",
+ "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==",
"dev": true,
"license": "MIT",
"dependencies": {
- "restore-cursor": "^5.0.0"
+ "restore-cursor": "^3.1.0"
},
"engines": {
- "node": ">=18"
- },
- "funding": {
- "url": "https://github.com/sponsors/sindresorhus"
+ "node": ">=8"
}
},
"node_modules/cli-spinners": {
@@ -6735,37 +5907,6 @@
"node": ">=12"
}
},
- "node_modules/cliui/node_modules/strip-ansi": {
- "version": "6.0.1",
- "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
- "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "ansi-regex": "^5.0.1"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/cliui/node_modules/wrap-ansi": {
- "version": "7.0.0",
- "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
- "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "ansi-styles": "^4.0.0",
- "string-width": "^4.1.0",
- "strip-ansi": "^6.0.0"
- },
- "engines": {
- "node": ">=10"
- },
- "funding": {
- "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
- }
- },
"node_modules/clone": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz",
@@ -6933,6 +6074,16 @@
"url": "https://github.com/sponsors/isaacs"
}
},
+ "node_modules/config-file-ts/node_modules/minipass": {
+ "version": "7.1.2",
+ "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
+ "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==",
+ "dev": true,
+ "license": "ISC",
+ "engines": {
+ "node": ">=16 || 14 >=14.17"
+ }
+ },
"node_modules/convert-source-map": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
@@ -6968,24 +6119,6 @@
"optional": true,
"peer": true
},
- "node_modules/cross-env": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-10.1.0.tgz",
- "integrity": "sha512-GsYosgnACZTADcmEyJctkJIoqAhHjttw7RsFrVoJNXbsWWqaq6Ym+7kZjq6mS45O0jij6vtiReppKQEtqWy6Dw==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "@epic-web/invariant": "^1.0.0",
- "cross-spawn": "^7.0.6"
- },
- "bin": {
- "cross-env": "dist/bin/cross-env.js",
- "cross-env-shell": "dist/bin/cross-env-shell.js"
- },
- "engines": {
- "node": ">=20"
- }
- },
"node_modules/cross-spawn": {
"version": "7.0.6",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
@@ -7001,19 +6134,12 @@
"node": ">= 8"
}
},
- "node_modules/css-tree": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/css-tree/-/css-tree-3.1.0.tgz",
- "integrity": "sha512-0eW44TGN5SQXU1mWSkKwFstI/22X2bG1nYzZTYMAWjylYURhse752YgbE4Cx46AC+bAvI+/dYTPRk1LqSUnu6w==",
+ "node_modules/css.escape": {
+ "version": "1.5.1",
+ "resolved": "https://registry.npmjs.org/css.escape/-/css.escape-1.5.1.tgz",
+ "integrity": "sha512-YUifsXXuknHlUsmlgyY0PKzgPOr7/FjCePfHNt0jxm83wHZi44VDMQ7/fGNkjY3/jV1MC+1CmZbaHzugyeRtpg==",
"dev": true,
- "license": "MIT",
- "dependencies": {
- "mdn-data": "2.12.2",
- "source-map-js": "^1.0.1"
- },
- "engines": {
- "node": "^10 || ^12.20.0 || ^14.13.0 || >=15.0.0"
- }
+ "license": "MIT"
},
"node_modules/cssesc": {
"version": "3.0.0",
@@ -7028,29 +6154,17 @@
}
},
"node_modules/cssstyle": {
- "version": "5.3.6",
- "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-5.3.6.tgz",
- "integrity": "sha512-legscpSpgSAeGEe0TNcai97DKt9Vd9AsAdOL7Uoetb52Ar/8eJm3LIa39qpv8wWzLFlNG4vVvppQM+teaMPj3A==",
+ "version": "4.6.0",
+ "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-4.6.0.tgz",
+ "integrity": "sha512-2z+rWdzbbSZv6/rhtvzvqeZQHrBaqgogqt85sqFNbabZOuFbCVFb8kPeEtZjiKkbrm395irpNKiYeFeLiQnFPg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@asamuzakjp/css-color": "^4.1.1",
- "@csstools/css-syntax-patches-for-csstree": "^1.0.21",
- "css-tree": "^3.1.0",
- "lru-cache": "^11.2.4"
+ "@asamuzakjp/css-color": "^3.2.0",
+ "rrweb-cssom": "^0.8.0"
},
"engines": {
- "node": ">=20"
- }
- },
- "node_modules/cssstyle/node_modules/lru-cache": {
- "version": "11.2.4",
- "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.4.tgz",
- "integrity": "sha512-B5Y16Jr9LB9dHVkh6ZevG+vAbOsNOYCX+sXvFWFu7B3Iz5mijW3zdbMyhsh8ANd2mSWBYdJgnqi+mL7/LrOPYg==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "engines": {
- "node": "20 || >=22"
+ "node": ">=18"
}
},
"node_modules/csstype": {
@@ -7060,17 +6174,17 @@
"license": "MIT"
},
"node_modules/data-urls": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-6.0.0.tgz",
- "integrity": "sha512-BnBS08aLUM+DKamupXs3w2tJJoqU+AkaE/+6vQxi/G/DPmIZFJJp9Dkb1kM03AZx8ADehDUZgsNxju3mPXZYIA==",
+ "version": "5.0.0",
+ "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-5.0.0.tgz",
+ "integrity": "sha512-ZYP5VBHshaDAiVZxjbRVcFJpc+4xGgT0bK3vzy1HLN8jTO975HEbuYzZJcHoQEY5K1a0z8YayJkyVETa08eNTg==",
"dev": true,
"license": "MIT",
"dependencies": {
"whatwg-mimetype": "^4.0.0",
- "whatwg-url": "^15.0.0"
+ "whatwg-url": "^14.0.0"
},
"engines": {
- "node": ">=20"
+ "node": ">=18"
}
},
"node_modules/data-view-buffer": {
@@ -7336,63 +6450,25 @@
"brace-expansion": "^1.1.7"
},
"engines": {
- "node": "*"
- }
- },
- "node_modules/dmg-builder": {
- "version": "26.0.12",
- "resolved": "https://registry.npmjs.org/dmg-builder/-/dmg-builder-26.0.12.tgz",
- "integrity": "sha512-59CAAjAhTaIMCN8y9kD573vDkxbs1uhDcrFLHSgutYdPcGOU35Rf95725snvzEOy4BFB7+eLJ8djCNPmGwG67w==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "app-builder-lib": "26.0.12",
- "builder-util": "26.0.11",
- "builder-util-runtime": "9.3.1",
- "fs-extra": "^10.1.0",
- "iconv-lite": "^0.6.2",
- "js-yaml": "^4.1.0"
- },
- "optionalDependencies": {
- "dmg-license": "^1.0.11"
- }
- },
- "node_modules/dmg-builder/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
+ "node": "*"
}
},
- "node_modules/dmg-builder/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
+ "node_modules/dmg-builder": {
+ "version": "26.0.12",
+ "resolved": "https://registry.npmjs.org/dmg-builder/-/dmg-builder-26.0.12.tgz",
+ "integrity": "sha512-59CAAjAhTaIMCN8y9kD573vDkxbs1uhDcrFLHSgutYdPcGOU35Rf95725snvzEOy4BFB7+eLJ8djCNPmGwG67w==",
"dev": true,
"license": "MIT",
"dependencies": {
- "universalify": "^2.0.0"
+ "app-builder-lib": "26.0.12",
+ "builder-util": "26.0.11",
+ "builder-util-runtime": "9.3.1",
+ "fs-extra": "^10.1.0",
+ "iconv-lite": "^0.6.2",
+ "js-yaml": "^4.1.0"
},
"optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/dmg-builder/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
+ "dmg-license": "^1.0.11"
}
},
"node_modules/dmg-license": {
@@ -7568,44 +6644,6 @@
"electron-winstaller": "5.4.0"
}
},
- "node_modules/electron-builder/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/electron-builder/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/electron-builder/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
"node_modules/electron-log": {
"version": "5.4.3",
"resolved": "https://registry.npmjs.org/electron-log/-/electron-log-5.4.3.tgz",
@@ -7632,44 +6670,6 @@
"mime": "^2.5.2"
}
},
- "node_modules/electron-publish/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/electron-publish/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/electron-publish/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
"node_modules/electron-to-chromium": {
"version": "1.5.267",
"resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.267.tgz",
@@ -7693,41 +6693,6 @@
"tiny-typed-emitter": "^2.1.0"
}
},
- "node_modules/electron-updater/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
- "license": "MIT",
- "dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
- },
- "engines": {
- "node": ">=12"
- }
- },
- "node_modules/electron-updater/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
- "license": "MIT",
- "dependencies": {
- "universalify": "^2.0.0"
- },
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/electron-updater/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "license": "MIT",
- "engines": {
- "node": ">= 10.0.0"
- }
- },
"node_modules/electron-vite": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/electron-vite/-/electron-vite-5.0.0.tgz",
@@ -7796,6 +6761,28 @@
"node": ">=6 <7 || >=8"
}
},
+ "node_modules/electron-winstaller/node_modules/jsonfile": {
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
+ "integrity": "sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg==",
+ "dev": true,
+ "license": "MIT",
+ "peer": true,
+ "optionalDependencies": {
+ "graceful-fs": "^4.1.6"
+ }
+ },
+ "node_modules/electron-winstaller/node_modules/universalify": {
+ "version": "0.1.2",
+ "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
+ "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==",
+ "dev": true,
+ "license": "MIT",
+ "peer": true,
+ "engines": {
+ "node": ">= 4.0.0"
+ }
+ },
"node_modules/electron/node_modules/@types/node": {
"version": "22.19.3",
"resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.3.tgz",
@@ -8353,9 +7340,9 @@
}
},
"node_modules/esquery": {
- "version": "1.7.0",
- "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.7.0.tgz",
- "integrity": "sha512-Ap6G0WQwcU/LHsvLwON1fAQX9Zp0A2Y6Y/cJBl9r/JbW90Zyg4/zbG6zzKa2OTALELarYHmKu0GhpM5EO+7T0g==",
+ "version": "1.6.0",
+ "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.6.0.tgz",
+ "integrity": "sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
@@ -8511,6 +7498,24 @@
"pend": "~1.2.0"
}
},
+ "node_modules/fdir": {
+ "version": "6.5.0",
+ "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
+ "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">=12.0.0"
+ },
+ "peerDependencies": {
+ "picomatch": "^3 || ^4"
+ },
+ "peerDependenciesMeta": {
+ "picomatch": {
+ "optional": true
+ }
+ }
+ },
"node_modules/file-entry-cache": {
"version": "8.0.0",
"resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz",
@@ -8641,6 +7646,19 @@
"url": "https://github.com/sponsors/isaacs"
}
},
+ "node_modules/foreground-child/node_modules/signal-exit": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz",
+ "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==",
+ "dev": true,
+ "license": "ISC",
+ "engines": {
+ "node": ">=14"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
+ }
+ },
"node_modules/form-data": {
"version": "4.0.5",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.5.tgz",
@@ -8700,31 +7718,30 @@
}
},
"node_modules/fs-extra": {
- "version": "8.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
- "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==",
- "dev": true,
+ "version": "10.1.0",
+ "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
+ "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
"license": "MIT",
"dependencies": {
"graceful-fs": "^4.2.0",
- "jsonfile": "^4.0.0",
- "universalify": "^0.1.0"
+ "jsonfile": "^6.0.1",
+ "universalify": "^2.0.0"
},
"engines": {
- "node": ">=6 <7 || >=8"
+ "node": ">=12"
}
},
"node_modules/fs-minipass": {
- "version": "3.0.3",
- "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-3.0.3.tgz",
- "integrity": "sha512-XUBA9XClHbnJWSfBzjkm6RvPsyg3sryZt06BEQoXcF7EK/xpGaQYJgQKDJSUH5SGZ76Y7pFx1QBnXz09rU5Fbw==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz",
+ "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==",
"dev": true,
"license": "ISC",
"dependencies": {
- "minipass": "^7.0.3"
+ "minipass": "^3.0.0"
},
"engines": {
- "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
+ "node": ">= 8"
}
},
"node_modules/fs.realpath": {
@@ -8916,9 +7933,9 @@
}
},
"node_modules/glob": {
- "version": "7.2.3",
- "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
- "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+ "version": "8.1.0",
+ "resolved": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz",
+ "integrity": "sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==",
"deprecated": "Glob versions prior to v9 are no longer supported",
"dev": true,
"license": "ISC",
@@ -8926,12 +7943,11 @@
"fs.realpath": "^1.0.0",
"inflight": "^1.0.4",
"inherits": "2",
- "minimatch": "^3.1.1",
- "once": "^1.3.0",
- "path-is-absolute": "^1.0.0"
+ "minimatch": "^5.0.1",
+ "once": "^1.3.0"
},
"engines": {
- "node": "*"
+ "node": ">=12"
},
"funding": {
"url": "https://github.com/sponsors/isaacs"
@@ -8950,17 +7966,27 @@
"node": ">=10.13.0"
}
},
+ "node_modules/glob/node_modules/brace-expansion": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+ "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "balanced-match": "^1.0.0"
+ }
+ },
"node_modules/glob/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "5.1.6",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
+ "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
"dev": true,
"license": "ISC",
"dependencies": {
- "brace-expansion": "^1.1.7"
+ "brace-expansion": "^2.0.1"
},
"engines": {
- "node": "*"
+ "node": ">=10"
}
},
"node_modules/global-agent": {
@@ -8983,9 +8009,9 @@
}
},
"node_modules/globals": {
- "version": "17.0.0",
- "resolved": "https://registry.npmjs.org/globals/-/globals-17.0.0.tgz",
- "integrity": "sha512-gv5BeD2EssA793rlFWVPMMCqefTlpusw6/2TbAVMy0FzcG8wKJn4O+NqJ4+XWmmwrayJgw5TzrmWjFgmz1XPqw==",
+ "version": "16.5.0",
+ "resolved": "https://registry.npmjs.org/globals/-/globals-16.5.0.tgz",
+ "integrity": "sha512-c/c15i26VrJ4IRt5Z89DnIzCGDn9EcebibhAOjw5ibqEHsE1wLUgkPn9RDmNcUKyU87GeaL633nyJ+pplFR2ZQ==",
"dev": true,
"license": "MIT",
"engines": {
@@ -9242,16 +8268,16 @@
"license": "ISC"
},
"node_modules/html-encoding-sniffer": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-6.0.0.tgz",
- "integrity": "sha512-CV9TW3Y3f8/wT0BRFc1/KAVQ3TUHiXmaAb6VW9vtiMFf7SLoMd1PdAc4W3KFOFETBJUb90KatHqlsZMWV+R9Gg==",
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-4.0.0.tgz",
+ "integrity": "sha512-Y22oTqIU4uuPgEemfz7NDJz6OeKf12Lsu+QC+s3BVpda64lTiMYCyGwg5ki4vFxkMwQdeZDl2adZoqUgdFuTgQ==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@exodus/bytes": "^1.6.0"
+ "whatwg-encoding": "^3.1.1"
},
"engines": {
- "node": "^20.19.0 || ^22.12.0 || >=24.0.0"
+ "node": ">=18"
}
},
"node_modules/html-parse-stringify": {
@@ -10152,35 +9178,35 @@
}
},
"node_modules/jsdom": {
- "version": "27.4.0",
- "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-27.4.0.tgz",
- "integrity": "sha512-mjzqwWRD9Y1J1KUi7W97Gja1bwOOM5Ug0EZ6UDK3xS7j7mndrkwozHtSblfomlzyB4NepioNt+B2sOSzczVgtQ==",
+ "version": "26.1.0",
+ "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-26.1.0.tgz",
+ "integrity": "sha512-Cvc9WUhxSMEo4McES3P7oK3QaXldCfNWp7pl2NNeiIFlCoLr3kfq9kb1fxftiwk1FLV7CvpvDfonxtzUDeSOPg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@acemir/cssom": "^0.9.28",
- "@asamuzakjp/dom-selector": "^6.7.6",
- "@exodus/bytes": "^1.6.0",
- "cssstyle": "^5.3.4",
- "data-urls": "^6.0.0",
- "decimal.js": "^10.6.0",
- "html-encoding-sniffer": "^6.0.0",
+ "cssstyle": "^4.2.1",
+ "data-urls": "^5.0.0",
+ "decimal.js": "^10.5.0",
+ "html-encoding-sniffer": "^4.0.0",
"http-proxy-agent": "^7.0.2",
"https-proxy-agent": "^7.0.6",
"is-potential-custom-element-name": "^1.0.1",
- "parse5": "^8.0.0",
+ "nwsapi": "^2.2.16",
+ "parse5": "^7.2.1",
+ "rrweb-cssom": "^0.8.0",
"saxes": "^6.0.0",
"symbol-tree": "^3.2.4",
- "tough-cookie": "^6.0.0",
+ "tough-cookie": "^5.1.1",
"w3c-xmlserializer": "^5.0.0",
- "webidl-conversions": "^8.0.0",
+ "webidl-conversions": "^7.0.0",
+ "whatwg-encoding": "^3.1.1",
"whatwg-mimetype": "^4.0.0",
- "whatwg-url": "^15.1.0",
- "ws": "^8.18.3",
+ "whatwg-url": "^14.1.1",
+ "ws": "^8.18.0",
"xml-name-validator": "^5.0.0"
},
"engines": {
- "node": "^20.19.0 || ^22.12.0 || >=24.0.0"
+ "node": ">=18"
},
"peerDependencies": {
"canvas": "^3.0.0"
@@ -10247,11 +9273,13 @@
}
},
"node_modules/jsonfile": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
- "integrity": "sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg==",
- "dev": true,
+ "version": "6.2.0",
+ "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
+ "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
"license": "MIT",
+ "dependencies": {
+ "universalify": "^2.0.0"
+ },
"optionalDependencies": {
"graceful-fs": "^4.1.6"
}
@@ -10616,6 +9644,19 @@
"node": ">=20.0.0"
}
},
+ "node_modules/listr2/node_modules/ansi-regex": {
+ "version": "6.2.2",
+ "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz",
+ "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/ansi-regex?sponsor=1"
+ }
+ },
"node_modules/listr2/node_modules/ansi-styles": {
"version": "6.2.3",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz",
@@ -10646,6 +9687,13 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/listr2/node_modules/emoji-regex": {
+ "version": "10.6.0",
+ "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.6.0.tgz",
+ "integrity": "sha512-toUI84YS5YmxW219erniWD0CIVOo46xGKColeNQRgOzDorgBi1v4D71/OFzgD9GO2UGKIv1C3Sp8DAn0+j5w7A==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/listr2/node_modules/is-fullwidth-code-point": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-5.1.0.tgz",
@@ -10696,6 +9744,58 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/listr2/node_modules/strip-ansi": {
+ "version": "7.1.2",
+ "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz",
+ "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "ansi-regex": "^6.0.1"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/strip-ansi?sponsor=1"
+ }
+ },
+ "node_modules/listr2/node_modules/wrap-ansi": {
+ "version": "9.0.2",
+ "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-9.0.2.tgz",
+ "integrity": "sha512-42AtmgqjV+X1VpdOfyTGOYRi0/zsoLqtXQckTmqTeybT+BDIbM/Guxo7x3pE2vtpr1ok6xRqM9OpBe+Jyoqyww==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "ansi-styles": "^6.2.1",
+ "string-width": "^7.0.0",
+ "strip-ansi": "^7.1.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
+ }
+ },
+ "node_modules/listr2/node_modules/wrap-ansi/node_modules/string-width": {
+ "version": "7.2.0",
+ "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz",
+ "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "emoji-regex": "^10.3.0",
+ "get-east-asian-width": "^1.0.0",
+ "strip-ansi": "^7.1.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/sindresorhus"
+ }
+ },
"node_modules/locate-path": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz",
@@ -10776,6 +9876,19 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/log-update/node_modules/ansi-regex": {
+ "version": "6.2.2",
+ "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz",
+ "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/ansi-regex?sponsor=1"
+ }
+ },
"node_modules/log-update/node_modules/ansi-styles": {
"version": "6.2.3",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz",
@@ -10789,6 +9902,29 @@
"url": "https://github.com/chalk/ansi-styles?sponsor=1"
}
},
+ "node_modules/log-update/node_modules/cli-cursor": {
+ "version": "5.0.0",
+ "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-5.0.0.tgz",
+ "integrity": "sha512-aCj4O5wKyszjMmDT4tZj93kxyydN/K5zPWSCe6/0AV/AA1pqe5ZBIw0a2ZfPQV7lL5/yb5HsUreJ6UFAF1tEQw==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "restore-cursor": "^5.0.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/sindresorhus"
+ }
+ },
+ "node_modules/log-update/node_modules/emoji-regex": {
+ "version": "10.6.0",
+ "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.6.0.tgz",
+ "integrity": "sha512-toUI84YS5YmxW219erniWD0CIVOo46xGKColeNQRgOzDorgBi1v4D71/OFzgD9GO2UGKIv1C3Sp8DAn0+j5w7A==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/log-update/node_modules/is-fullwidth-code-point": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-5.1.0.tgz",
@@ -10805,6 +9941,52 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/log-update/node_modules/onetime": {
+ "version": "7.0.0",
+ "resolved": "https://registry.npmjs.org/onetime/-/onetime-7.0.0.tgz",
+ "integrity": "sha512-VXJjc87FScF88uafS3JllDgvAm+c/Slfz06lorj2uAY34rlUu0Nt+v8wreiImcrgAjjIHp1rXpTDlLOGw29WwQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "mimic-function": "^5.0.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/sindresorhus"
+ }
+ },
+ "node_modules/log-update/node_modules/restore-cursor": {
+ "version": "5.1.0",
+ "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-5.1.0.tgz",
+ "integrity": "sha512-oMA2dcrw6u0YfxJQXm342bFKX/E4sG9rbTzO9ptUcR/e8A33cHuvStiYOwH7fszkZlZ1z/ta9AAoPk2F4qIOHA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "onetime": "^7.0.0",
+ "signal-exit": "^4.1.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/sindresorhus"
+ }
+ },
+ "node_modules/log-update/node_modules/signal-exit": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz",
+ "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==",
+ "dev": true,
+ "license": "ISC",
+ "engines": {
+ "node": ">=14"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
+ }
+ },
"node_modules/log-update/node_modules/slice-ansi": {
"version": "7.1.2",
"resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-7.1.2.tgz",
@@ -10822,6 +10004,58 @@
"url": "https://github.com/chalk/slice-ansi?sponsor=1"
}
},
+ "node_modules/log-update/node_modules/string-width": {
+ "version": "7.2.0",
+ "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz",
+ "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "emoji-regex": "^10.3.0",
+ "get-east-asian-width": "^1.0.0",
+ "strip-ansi": "^7.1.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/sindresorhus"
+ }
+ },
+ "node_modules/log-update/node_modules/strip-ansi": {
+ "version": "7.1.2",
+ "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz",
+ "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "ansi-regex": "^6.0.1"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/strip-ansi?sponsor=1"
+ }
+ },
+ "node_modules/log-update/node_modules/wrap-ansi": {
+ "version": "9.0.2",
+ "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-9.0.2.tgz",
+ "integrity": "sha512-42AtmgqjV+X1VpdOfyTGOYRi0/zsoLqtXQckTmqTeybT+BDIbM/Guxo7x3pE2vtpr1ok6xRqM9OpBe+Jyoqyww==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "ansi-styles": "^6.2.1",
+ "string-width": "^7.0.0",
+ "strip-ansi": "^7.1.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
+ }
+ },
"node_modules/longest-streak": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/longest-streak/-/longest-streak-3.1.0.tgz",
@@ -10866,9 +10100,9 @@
}
},
"node_modules/lucide-react": {
- "version": "0.562.0",
- "resolved": "https://registry.npmjs.org/lucide-react/-/lucide-react-0.562.0.tgz",
- "integrity": "sha512-82hOAu7y0dbVuFfmO4bYF1XEwYk/mEbM5E+b1jgci/udUBEE/R7LF5Ip0CCEmXe8AybRM8L+04eP+LGZeDvkiw==",
+ "version": "0.560.0",
+ "resolved": "https://registry.npmjs.org/lucide-react/-/lucide-react-0.560.0.tgz",
+ "integrity": "sha512-NwKoUA/aBShsdL8WE5lukV2F/tjHzQRlonQs7fkNGI1sCT0Ay4a9Ap3ST2clUUkcY+9eQ0pBe2hybTQd2fmyDA==",
"license": "ISC",
"peerDependencies": {
"react": "^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0"
@@ -10896,26 +10130,83 @@
}
},
"node_modules/make-fetch-happen": {
- "version": "14.0.3",
- "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-14.0.3.tgz",
- "integrity": "sha512-QMjGbFTP0blj97EeidG5hk/QhKQ3T4ICckQGLgz38QF7Vgbk6e6FTARN8KhKxyBbWn8R0HU+bnw8aSoFPD4qtQ==",
+ "version": "10.2.1",
+ "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.2.1.tgz",
+ "integrity": "sha512-NgOPbRiaQM10DYXvN3/hhGVI2M5MtITFryzBGxHM5p4wnFxsVCbxkrBrDsk+EZ5OB4jEOT7AjDxtdF+KVEFT7w==",
"dev": true,
"license": "ISC",
"dependencies": {
- "@npmcli/agent": "^3.0.0",
- "cacache": "^19.0.1",
- "http-cache-semantics": "^4.1.1",
- "minipass": "^7.0.2",
- "minipass-fetch": "^4.0.0",
+ "agentkeepalive": "^4.2.1",
+ "cacache": "^16.1.0",
+ "http-cache-semantics": "^4.1.0",
+ "http-proxy-agent": "^5.0.0",
+ "https-proxy-agent": "^5.0.0",
+ "is-lambda": "^1.0.1",
+ "lru-cache": "^7.7.1",
+ "minipass": "^3.1.6",
+ "minipass-collect": "^1.0.2",
+ "minipass-fetch": "^2.0.3",
"minipass-flush": "^1.0.5",
"minipass-pipeline": "^1.2.4",
- "negotiator": "^1.0.0",
- "proc-log": "^5.0.0",
+ "negotiator": "^0.6.3",
"promise-retry": "^2.0.1",
- "ssri": "^12.0.0"
+ "socks-proxy-agent": "^7.0.0",
+ "ssri": "^9.0.0"
+ },
+ "engines": {
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
+ }
+ },
+ "node_modules/make-fetch-happen/node_modules/agent-base": {
+ "version": "6.0.2",
+ "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz",
+ "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "debug": "4"
+ },
+ "engines": {
+ "node": ">= 6.0.0"
+ }
+ },
+ "node_modules/make-fetch-happen/node_modules/http-proxy-agent": {
+ "version": "5.0.0",
+ "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz",
+ "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@tootallnate/once": "2",
+ "agent-base": "6",
+ "debug": "4"
+ },
+ "engines": {
+ "node": ">= 6"
+ }
+ },
+ "node_modules/make-fetch-happen/node_modules/https-proxy-agent": {
+ "version": "5.0.1",
+ "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz",
+ "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "agent-base": "6",
+ "debug": "4"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": ">= 6"
+ }
+ },
+ "node_modules/make-fetch-happen/node_modules/lru-cache": {
+ "version": "7.18.3",
+ "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+ "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
+ "dev": true,
+ "license": "ISC",
+ "engines": {
+ "node": ">=12"
}
},
"node_modules/markdown-table": {
@@ -11234,13 +10525,6 @@
"url": "https://opencollective.com/unified"
}
},
- "node_modules/mdn-data": {
- "version": "2.12.2",
- "resolved": "https://registry.npmjs.org/mdn-data/-/mdn-data-2.12.2.tgz",
- "integrity": "sha512-IEn+pegP1aManZuckezWCO+XZQDplx1366JoVhTpMpBB1sPey/SbveZQUosKiKiGYjg1wH4pMlNgXbCiYgihQA==",
- "dev": true,
- "license": "CC0-1.0"
- },
"node_modules/micromark": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/micromark/-/micromark-4.0.2.tgz",
@@ -11818,6 +11102,19 @@
"node": ">=8.6"
}
},
+ "node_modules/micromatch/node_modules/picomatch": {
+ "version": "2.3.1",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+ "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">=8.6"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/jonschlinkert"
+ }
+ },
"node_modules/mime": {
"version": "2.6.0",
"resolved": "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz",
@@ -11887,6 +11184,16 @@
"node": ">=4"
}
},
+ "node_modules/min-indent": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/min-indent/-/min-indent-1.0.1.tgz",
+ "integrity": "sha512-I9jwMn07Sy/IwOj3zVkVik2JTvgpaykDZEigL6Rx6N9LbMywwUSMtxET+7lVoDLLd3O3IXwJwvuuns8UB/HeAg==",
+ "dev": true,
+ "license": "MIT",
+ "engines": {
+ "node": ">=4"
+ }
+ },
"node_modules/minimatch": {
"version": "10.1.1",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.1.1.tgz",
@@ -11914,41 +11221,44 @@
}
},
"node_modules/minipass": {
- "version": "7.1.2",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
- "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==",
+ "version": "3.3.6",
+ "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
+ "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
"dev": true,
"license": "ISC",
+ "dependencies": {
+ "yallist": "^4.0.0"
+ },
"engines": {
- "node": ">=16 || 14 >=14.17"
+ "node": ">=8"
}
},
"node_modules/minipass-collect": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-2.0.1.tgz",
- "integrity": "sha512-D7V8PO9oaz7PWGLbCACuI1qEOsq7UKfLotx/C0Aet43fCUB/wfQ7DYeq2oR/svFJGYDHPr38SHATeaj/ZoKHKw==",
+ "version": "1.0.2",
+ "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz",
+ "integrity": "sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA==",
"dev": true,
"license": "ISC",
"dependencies": {
- "minipass": "^7.0.3"
+ "minipass": "^3.0.0"
},
"engines": {
- "node": ">=16 || 14 >=14.17"
+ "node": ">= 8"
}
},
"node_modules/minipass-fetch": {
- "version": "4.0.1",
- "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-4.0.1.tgz",
- "integrity": "sha512-j7U11C5HXigVuutxebFadoYBbd7VSdZWggSe64NVdvWNBqGAiXPL2QVCehjmw7lY1oF9gOllYbORh+hiNgfPgQ==",
+ "version": "2.1.2",
+ "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-2.1.2.tgz",
+ "integrity": "sha512-LT49Zi2/WMROHYoqGgdlQIZh8mLPZmOrN2NdJjMXxYe4nkN6FUyuPuOAOedNJDrx0IRGg9+4guZewtp8hE6TxA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "minipass": "^7.0.3",
+ "minipass": "^3.1.6",
"minipass-sized": "^1.0.3",
- "minizlib": "^3.0.1"
+ "minizlib": "^2.1.2"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
},
"optionalDependencies": {
"encoding": "^0.1.13"
@@ -11967,26 +11277,6 @@
"node": ">= 8"
}
},
- "node_modules/minipass-flush/node_modules/minipass": {
- "version": "3.3.6",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
- "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/minipass-flush/node_modules/yallist": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
- "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
- "dev": true,
- "license": "ISC"
- },
"node_modules/minipass-pipeline": {
"version": "1.2.4",
"resolved": "https://registry.npmjs.org/minipass-pipeline/-/minipass-pipeline-1.2.4.tgz",
@@ -12000,26 +11290,6 @@
"node": ">=8"
}
},
- "node_modules/minipass-pipeline/node_modules/minipass": {
- "version": "3.3.6",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
- "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/minipass-pipeline/node_modules/yallist": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
- "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
- "dev": true,
- "license": "ISC"
- },
"node_modules/minipass-sized": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/minipass-sized/-/minipass-sized-1.0.3.tgz",
@@ -12033,20 +11303,7 @@
"node": ">=8"
}
},
- "node_modules/minipass-sized/node_modules/minipass": {
- "version": "3.3.6",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
- "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/minipass-sized/node_modules/yallist": {
+ "node_modules/minipass/node_modules/yallist": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
"integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
@@ -12054,18 +11311,26 @@
"license": "ISC"
},
"node_modules/minizlib": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.1.0.tgz",
- "integrity": "sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==",
+ "version": "2.1.2",
+ "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz",
+ "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "minipass": "^7.1.2"
+ "minipass": "^3.0.0",
+ "yallist": "^4.0.0"
},
"engines": {
- "node": ">= 18"
+ "node": ">= 8"
}
},
+ "node_modules/minizlib/node_modules/yallist": {
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
+ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
+ "dev": true,
+ "license": "ISC"
+ },
"node_modules/mkdirp": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
@@ -12166,9 +11431,9 @@
"license": "MIT"
},
"node_modules/negotiator": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-1.0.0.tgz",
- "integrity": "sha512-8Ofs/AUQh8MaEcrlq5xOX0CQ9ypTF5dl78mjlMNfOK08fzpgTHQRQPBxcPlEtIw0yRpws+Zo/3r+5WRby7u3Gg==",
+ "version": "0.6.4",
+ "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.4.tgz",
+ "integrity": "sha512-myRT3DiWPHqho5PrJaIRyaMv2kgYf0mUVgBNOYMuCH5Ki1yEiQaf/ZJuQ62nvpc44wL5WDbTX7yGJi1Neevw8w==",
"dev": true,
"license": "MIT",
"engines": {
@@ -12176,16 +11441,16 @@
}
},
"node_modules/node-abi": {
- "version": "4.24.0",
- "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-4.24.0.tgz",
- "integrity": "sha512-u2EC1CeNe25uVtX3EZbdQ275c74zdZmmpzrHEQh2aIYqoVjlglfUpOX9YY85x1nlBydEKDVaSmMNhR7N82Qj8A==",
+ "version": "3.85.0",
+ "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.85.0.tgz",
+ "integrity": "sha512-zsFhmbkAzwhTft6nd3VxcG0cvJsT70rL+BIGHWVq5fi6MwGrHwzqKaxXE+Hl2GmnGItnDKPPkO5/LQqjVkIdFg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "semver": "^7.6.3"
+ "semver": "^7.3.5"
},
"engines": {
- "node": ">=22.12.0"
+ "node": ">=10"
}
},
"node_modules/node-addon-api": {
@@ -12206,94 +11471,6 @@
"semver": "^7.3.5"
}
},
- "node_modules/node-gyp": {
- "version": "11.5.0",
- "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-11.5.0.tgz",
- "integrity": "sha512-ra7Kvlhxn5V9Slyus0ygMa2h+UqExPqUIkfk7Pc8QTLT956JLSy51uWFwHtIYy0vI8cB4BDhc/S03+880My/LQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "env-paths": "^2.2.0",
- "exponential-backoff": "^3.1.1",
- "graceful-fs": "^4.2.6",
- "make-fetch-happen": "^14.0.3",
- "nopt": "^8.0.0",
- "proc-log": "^5.0.0",
- "semver": "^7.3.5",
- "tar": "^7.4.3",
- "tinyglobby": "^0.2.12",
- "which": "^5.0.0"
- },
- "bin": {
- "node-gyp": "bin/node-gyp.js"
- },
- "engines": {
- "node": "^18.17.0 || >=20.5.0"
- }
- },
- "node_modules/node-gyp/node_modules/chownr": {
- "version": "3.0.0",
- "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz",
- "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "engines": {
- "node": ">=18"
- }
- },
- "node_modules/node-gyp/node_modules/isexe": {
- "version": "3.1.1",
- "resolved": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz",
- "integrity": "sha512-LpB/54B+/2J5hqQ7imZHfdU31OlgQqx7ZicVlkm9kzg9/w8GKLEcFfJl/t7DCEDueOyBAD6zCCwTO6Fzs0NoEQ==",
- "dev": true,
- "license": "ISC",
- "engines": {
- "node": ">=16"
- }
- },
- "node_modules/node-gyp/node_modules/tar": {
- "version": "7.5.2",
- "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz",
- "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "dependencies": {
- "@isaacs/fs-minipass": "^4.0.0",
- "chownr": "^3.0.0",
- "minipass": "^7.1.2",
- "minizlib": "^3.1.0",
- "yallist": "^5.0.0"
- },
- "engines": {
- "node": ">=18"
- }
- },
- "node_modules/node-gyp/node_modules/which": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/which/-/which-5.0.0.tgz",
- "integrity": "sha512-JEdGzHwwkrbWoGOlIHqQ5gtprKGOenpDHpxE9zVR1bWbOtYRyPPHMe9FaP6x61CmNaTThSkb0DAJte5jD+DmzQ==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "isexe": "^3.1.1"
- },
- "bin": {
- "node-which": "bin/which.js"
- },
- "engines": {
- "node": "^18.17.0 || >=20.5.0"
- }
- },
- "node_modules/node-gyp/node_modules/yallist": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz",
- "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==",
- "dev": true,
- "license": "BlueOak-1.0.0",
- "engines": {
- "node": ">=18"
- }
- },
"node_modules/node-releases": {
"version": "2.0.27",
"resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.27.tgz",
@@ -12302,19 +11479,19 @@
"license": "MIT"
},
"node_modules/nopt": {
- "version": "8.1.0",
- "resolved": "https://registry.npmjs.org/nopt/-/nopt-8.1.0.tgz",
- "integrity": "sha512-ieGu42u/Qsa4TFktmaKEwM6MQH0pOWnaB3htzh0JRtx84+Mebc0cbZYN5bC+6WTZ4+77xrL9Pn5m7CV6VIkV7A==",
+ "version": "6.0.0",
+ "resolved": "https://registry.npmjs.org/nopt/-/nopt-6.0.0.tgz",
+ "integrity": "sha512-ZwLpbTgdhuZUnZzjd7nb1ZV+4DoiC6/sfiVKok72ym/4Tlf+DFdlHYmT2JPmcNNWV6Pi3SDf1kT+A4r9RTuT9g==",
"dev": true,
"license": "ISC",
"dependencies": {
- "abbrev": "^3.0.0"
+ "abbrev": "^1.0.0"
},
"bin": {
"nopt": "bin/nopt.js"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/normalize-url": {
@@ -12330,6 +11507,13 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/nwsapi": {
+ "version": "2.2.23",
+ "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.23.tgz",
+ "integrity": "sha512-7wfH4sLbt4M0gCDzGE6vzQBo0bfTKjU7Sfpqy/7gs1qBfYz2vEJH6vXcBKpO3+6Yu1telwd0t9HpyOoLEQQbIQ==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/object-assign": {
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
@@ -12460,16 +11644,16 @@
}
},
"node_modules/onetime": {
- "version": "7.0.0",
- "resolved": "https://registry.npmjs.org/onetime/-/onetime-7.0.0.tgz",
- "integrity": "sha512-VXJjc87FScF88uafS3JllDgvAm+c/Slfz06lorj2uAY34rlUu0Nt+v8wreiImcrgAjjIHp1rXpTDlLOGw29WwQ==",
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz",
+ "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "mimic-function": "^5.0.0"
+ "mimic-fn": "^2.1.0"
},
"engines": {
- "node": ">=18"
+ "node": ">=6"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
@@ -12517,69 +11701,6 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
- "node_modules/ora/node_modules/cli-cursor": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz",
- "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "restore-cursor": "^3.1.0"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/ora/node_modules/onetime": {
- "version": "5.1.2",
- "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz",
- "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "mimic-fn": "^2.1.0"
- },
- "engines": {
- "node": ">=6"
- },
- "funding": {
- "url": "https://github.com/sponsors/sindresorhus"
- }
- },
- "node_modules/ora/node_modules/restore-cursor": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz",
- "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "onetime": "^5.1.0",
- "signal-exit": "^3.0.2"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/ora/node_modules/signal-exit": {
- "version": "3.0.7",
- "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz",
- "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==",
- "dev": true,
- "license": "ISC"
- },
- "node_modules/ora/node_modules/strip-ansi": {
- "version": "6.0.1",
- "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
- "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "ansi-regex": "^5.0.1"
- },
- "engines": {
- "node": ">=8"
- }
- },
"node_modules/own-keys": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/own-keys/-/own-keys-1.0.1.tgz",
@@ -12641,13 +11762,16 @@
}
},
"node_modules/p-map": {
- "version": "7.0.4",
- "resolved": "https://registry.npmjs.org/p-map/-/p-map-7.0.4.tgz",
- "integrity": "sha512-tkAQEw8ysMzmkhgw8k+1U/iPhWNhykKnSk4Rd5zLoPJCuJaGRPo6YposrZgaxHKzDHdDWWZvE/Sk7hsL2X/CpQ==",
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz",
+ "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==",
"dev": true,
"license": "MIT",
+ "dependencies": {
+ "aggregate-error": "^3.0.0"
+ },
"engines": {
- "node": ">=18"
+ "node": ">=10"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
@@ -12699,9 +11823,9 @@
"license": "MIT"
},
"node_modules/parse5": {
- "version": "8.0.0",
- "resolved": "https://registry.npmjs.org/parse5/-/parse5-8.0.0.tgz",
- "integrity": "sha512-9m4m5GSgXjL4AjumKzq1Fgfp3Z8rsvjRNbnkVwfu2ImRqE5D0LnY2QfDen18FSY9C573YU5XxSapdHZTZ2WolA==",
+ "version": "7.3.0",
+ "resolved": "https://registry.npmjs.org/parse5/-/parse5-7.3.0.tgz",
+ "integrity": "sha512-IInvU7fabl34qmi9gY8XOVxhYyMyuH2xUNpb2q8/Y+7552KlejkRvqvD19nMoUW/uQGGbqNpA6Tufu5FL5BZgw==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -12772,6 +11896,16 @@
"dev": true,
"license": "ISC"
},
+ "node_modules/path-scurry/node_modules/minipass": {
+ "version": "7.1.2",
+ "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
+ "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==",
+ "dev": true,
+ "license": "ISC",
+ "engines": {
+ "node": ">=16 || 14 >=14.17"
+ }
+ },
"node_modules/pathe": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz",
@@ -12809,13 +11943,13 @@
"license": "ISC"
},
"node_modules/picomatch": {
- "version": "2.3.1",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
- "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+ "version": "4.0.3",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
"dev": true,
"license": "MIT",
"engines": {
- "node": ">=8.6"
+ "node": ">=12"
},
"funding": {
"url": "https://github.com/sponsors/jonschlinkert"
@@ -13010,14 +12144,22 @@
"url": "https://github.com/chalk/ansi-styles?sponsor=1"
}
},
+ "node_modules/pretty-format/node_modules/react-is": {
+ "version": "17.0.2",
+ "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz",
+ "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==",
+ "dev": true,
+ "license": "MIT",
+ "peer": true
+ },
"node_modules/proc-log": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-5.0.0.tgz",
- "integrity": "sha512-Azwzvl90HaF0aCz1JrDdXQykFakSSNPaPoiZ9fm5qJIMHioDZEi7OAdRwSm6rSoPtY3Qutnm3L7ogmg3dc+wbQ==",
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-2.0.1.tgz",
+ "integrity": "sha512-Kcmo2FhfDTXdcbfDH76N7uBYHINxc/8GW7UAVuVP9I+Va3uHSerrnKV6dLooga/gh7GlgzuCCr/eoldnL1muGw==",
"dev": true,
"license": "ISC",
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/progress": {
@@ -13063,13 +12205,6 @@
"react-is": "^16.13.1"
}
},
- "node_modules/prop-types/node_modules/react-is": {
- "version": "16.13.1",
- "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz",
- "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==",
- "dev": true,
- "license": "MIT"
- },
"node_modules/property-information": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/property-information/-/property-information-7.1.0.tgz",
@@ -13136,12 +12271,12 @@
}
},
"node_modules/react-i18next": {
- "version": "16.5.1",
- "resolved": "https://registry.npmjs.org/react-i18next/-/react-i18next-16.5.1.tgz",
- "integrity": "sha512-Hks6UIRZWW4c+qDAnx1csVsCGYeIR4MoBGQgJ+NUoNnO6qLxXuf8zu0xdcinyXUORgGzCdRsexxO1Xzv3sTdnw==",
+ "version": "16.5.0",
+ "resolved": "https://registry.npmjs.org/react-i18next/-/react-i18next-16.5.0.tgz",
+ "integrity": "sha512-IMpPTyCTKxEj8klCrLKUTIUa8uYTd851+jcu2fJuUB9Agkk9Qq8asw4omyeHVnOXHrLgQJGTm5zTvn8HpaPiqw==",
"license": "MIT",
"dependencies": {
- "@babel/runtime": "^7.28.4",
+ "@babel/runtime": "^7.27.6",
"html-parse-stringify": "^3.0.1",
"use-sync-external-store": "^1.6.0"
},
@@ -13163,12 +12298,11 @@
}
},
"node_modules/react-is": {
- "version": "17.0.2",
- "resolved": "https://registry.npmjs.org/react-is/-/react-is-17.0.2.tgz",
- "integrity": "sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w==",
+ "version": "16.13.1",
+ "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz",
+ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==",
"dev": true,
- "license": "MIT",
- "peer": true
+ "license": "MIT"
},
"node_modules/react-markdown": {
"version": "10.1.0",
@@ -13255,13 +12389,13 @@
}
},
"node_modules/react-resizable-panels": {
- "version": "4.2.0",
- "resolved": "https://registry.npmjs.org/react-resizable-panels/-/react-resizable-panels-4.2.0.tgz",
- "integrity": "sha512-X/WbnyT/bgx09KEGvtJvaTr3axRrcBGcJdELIoGXZipCxc2hPwFsH/pfpVgwNVq5LpQxF/E5pPXGTQdjBnidPw==",
+ "version": "3.0.6",
+ "resolved": "https://registry.npmjs.org/react-resizable-panels/-/react-resizable-panels-3.0.6.tgz",
+ "integrity": "sha512-b3qKHQ3MLqOgSS+FRYKapNkJZf5EQzuf6+RLiq1/IlTHw99YrZ2NJZLk4hQIzTnnIkRg2LUqyVinu6YWWpUYew==",
"license": "MIT",
"peerDependencies": {
- "react": "^18.0.0 || ^19.0.0",
- "react-dom": "^18.0.0 || ^19.0.0"
+ "react": "^16.14.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc",
+ "react-dom": "^16.14.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc"
}
},
"node_modules/react-style-singleton": {
@@ -13327,6 +12461,20 @@
"url": "https://paulmillr.com/funding/"
}
},
+ "node_modules/redent": {
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/redent/-/redent-3.0.0.tgz",
+ "integrity": "sha512-6tDA8g98We0zd0GvVeMT9arEOnTw9qM03L9cJXaCjrip1OO764RDBLBfrB4cwzNGDj5OA5ioymC9GkizgWJDUg==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "indent-string": "^4.0.0",
+ "strip-indent": "^3.0.0"
+ },
+ "engines": {
+ "node": ">=8"
+ }
+ },
"node_modules/reflect.getprototypeof": {
"version": "1.0.10",
"resolved": "https://registry.npmjs.org/reflect.getprototypeof/-/reflect.getprototypeof-1.0.10.tgz",
@@ -13447,16 +12595,6 @@
"node": ">=0.10.0"
}
},
- "node_modules/require-from-string": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz",
- "integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=0.10.0"
- }
- },
"node_modules/resedit": {
"version": "1.7.2",
"resolved": "https://registry.npmjs.org/resedit/-/resedit-1.7.2.tgz",
@@ -13524,20 +12662,17 @@
}
},
"node_modules/restore-cursor": {
- "version": "5.1.0",
- "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-5.1.0.tgz",
- "integrity": "sha512-oMA2dcrw6u0YfxJQXm342bFKX/E4sG9rbTzO9ptUcR/e8A33cHuvStiYOwH7fszkZlZ1z/ta9AAoPk2F4qIOHA==",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz",
+ "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "onetime": "^7.0.0",
- "signal-exit": "^4.1.0"
+ "onetime": "^5.1.0",
+ "signal-exit": "^3.0.2"
},
"engines": {
- "node": ">=18"
- },
- "funding": {
- "url": "https://github.com/sponsors/sindresorhus"
+ "node": ">=8"
}
},
"node_modules/retry": {
@@ -13558,18 +12693,55 @@
"license": "MIT"
},
"node_modules/rimraf": {
- "version": "2.6.3",
- "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
- "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
+ "version": "3.0.2",
+ "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
+ "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
"deprecated": "Rimraf versions prior to v4 are no longer supported",
"dev": true,
"license": "ISC",
- "peer": true,
"dependencies": {
"glob": "^7.1.3"
},
"bin": {
"rimraf": "bin.js"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
+ }
+ },
+ "node_modules/rimraf/node_modules/glob": {
+ "version": "7.2.3",
+ "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
+ "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+ "deprecated": "Glob versions prior to v9 are no longer supported",
+ "dev": true,
+ "license": "ISC",
+ "dependencies": {
+ "fs.realpath": "^1.0.0",
+ "inflight": "^1.0.4",
+ "inherits": "2",
+ "minimatch": "^3.1.1",
+ "once": "^1.3.0",
+ "path-is-absolute": "^1.0.0"
+ },
+ "engines": {
+ "node": "*"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
+ }
+ },
+ "node_modules/rimraf/node_modules/minimatch": {
+ "version": "3.1.2",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+ "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "dev": true,
+ "license": "ISC",
+ "dependencies": {
+ "brace-expansion": "^1.1.7"
+ },
+ "engines": {
+ "node": "*"
}
},
"node_modules/roarr": {
@@ -13592,9 +12764,9 @@
}
},
"node_modules/rollup": {
- "version": "4.54.0",
- "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.54.0.tgz",
- "integrity": "sha512-3nk8Y3a9Ea8szgKhinMlGMhGMw89mqule3KWczxhIzqudyHdCIOHw8WJlj/r329fACjKLEh13ZSk7oE22kyeIw==",
+ "version": "4.53.4",
+ "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.53.4.tgz",
+ "integrity": "sha512-YpXaaArg0MvrnJpvduEDYIp7uGOqKXbH9NsHGQ6SxKCOsNAjZF018MmxefFUulVP2KLtiGw1UvZbr+/ekjvlDg==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -13608,31 +12780,38 @@
"npm": ">=8.0.0"
},
"optionalDependencies": {
- "@rollup/rollup-android-arm-eabi": "4.54.0",
- "@rollup/rollup-android-arm64": "4.54.0",
- "@rollup/rollup-darwin-arm64": "4.54.0",
- "@rollup/rollup-darwin-x64": "4.54.0",
- "@rollup/rollup-freebsd-arm64": "4.54.0",
- "@rollup/rollup-freebsd-x64": "4.54.0",
- "@rollup/rollup-linux-arm-gnueabihf": "4.54.0",
- "@rollup/rollup-linux-arm-musleabihf": "4.54.0",
- "@rollup/rollup-linux-arm64-gnu": "4.54.0",
- "@rollup/rollup-linux-arm64-musl": "4.54.0",
- "@rollup/rollup-linux-loong64-gnu": "4.54.0",
- "@rollup/rollup-linux-ppc64-gnu": "4.54.0",
- "@rollup/rollup-linux-riscv64-gnu": "4.54.0",
- "@rollup/rollup-linux-riscv64-musl": "4.54.0",
- "@rollup/rollup-linux-s390x-gnu": "4.54.0",
- "@rollup/rollup-linux-x64-gnu": "4.54.0",
- "@rollup/rollup-linux-x64-musl": "4.54.0",
- "@rollup/rollup-openharmony-arm64": "4.54.0",
- "@rollup/rollup-win32-arm64-msvc": "4.54.0",
- "@rollup/rollup-win32-ia32-msvc": "4.54.0",
- "@rollup/rollup-win32-x64-gnu": "4.54.0",
- "@rollup/rollup-win32-x64-msvc": "4.54.0",
+ "@rollup/rollup-android-arm-eabi": "4.53.4",
+ "@rollup/rollup-android-arm64": "4.53.4",
+ "@rollup/rollup-darwin-arm64": "4.53.4",
+ "@rollup/rollup-darwin-x64": "4.53.4",
+ "@rollup/rollup-freebsd-arm64": "4.53.4",
+ "@rollup/rollup-freebsd-x64": "4.53.4",
+ "@rollup/rollup-linux-arm-gnueabihf": "4.53.4",
+ "@rollup/rollup-linux-arm-musleabihf": "4.53.4",
+ "@rollup/rollup-linux-arm64-gnu": "4.53.4",
+ "@rollup/rollup-linux-arm64-musl": "4.53.4",
+ "@rollup/rollup-linux-loong64-gnu": "4.53.4",
+ "@rollup/rollup-linux-ppc64-gnu": "4.53.4",
+ "@rollup/rollup-linux-riscv64-gnu": "4.53.4",
+ "@rollup/rollup-linux-riscv64-musl": "4.53.4",
+ "@rollup/rollup-linux-s390x-gnu": "4.53.4",
+ "@rollup/rollup-linux-x64-gnu": "4.53.4",
+ "@rollup/rollup-linux-x64-musl": "4.53.4",
+ "@rollup/rollup-openharmony-arm64": "4.53.4",
+ "@rollup/rollup-win32-arm64-msvc": "4.53.4",
+ "@rollup/rollup-win32-ia32-msvc": "4.53.4",
+ "@rollup/rollup-win32-x64-gnu": "4.53.4",
+ "@rollup/rollup-win32-x64-msvc": "4.53.4",
"fsevents": "~2.3.2"
}
},
+ "node_modules/rrweb-cssom": {
+ "version": "0.8.0",
+ "resolved": "https://registry.npmjs.org/rrweb-cssom/-/rrweb-cssom-0.8.0.tgz",
+ "integrity": "sha512-guoltQEx+9aMf2gDZ0s62EcV8lsXR+0w8915TC3ITdn2YueuNjdAYh/levpU9nFaoChh9RUS5ZdQMrKfVEN9tw==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/safe-array-concat": {
"version": "1.1.3",
"resolved": "https://registry.npmjs.org/safe-array-concat/-/safe-array-concat-1.1.3.tgz",
@@ -13944,17 +13123,11 @@
"license": "ISC"
},
"node_modules/signal-exit": {
- "version": "4.1.0",
- "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz",
- "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==",
+ "version": "3.0.7",
+ "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz",
+ "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==",
"dev": true,
- "license": "ISC",
- "engines": {
- "node": ">=14"
- },
- "funding": {
- "url": "https://github.com/sponsors/isaacs"
- }
+ "license": "ISC"
},
"node_modules/simple-update-notifier": {
"version": "2.0.0",
@@ -14012,18 +13185,31 @@
}
},
"node_modules/socks-proxy-agent": {
- "version": "8.0.5",
- "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz",
- "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==",
+ "version": "7.0.0",
+ "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-7.0.0.tgz",
+ "integrity": "sha512-Fgl0YPZ902wEsAyiQ+idGd1A7rSFx/ayC1CQVMw5P+EQx2V0SgpGtf6OKFhVjPflPUl9YMmEOnmfjCdMUsygww==",
"dev": true,
"license": "MIT",
"dependencies": {
- "agent-base": "^7.1.2",
- "debug": "^4.3.4",
- "socks": "^2.8.3"
+ "agent-base": "^6.0.2",
+ "debug": "^4.3.3",
+ "socks": "^2.6.2"
},
"engines": {
- "node": ">= 14"
+ "node": ">= 10"
+ }
+ },
+ "node_modules/socks-proxy-agent/node_modules/agent-base": {
+ "version": "6.0.2",
+ "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz",
+ "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "debug": "4"
+ },
+ "engines": {
+ "node": ">= 6.0.0"
}
},
"node_modules/source-map": {
@@ -14076,16 +13262,16 @@
"optional": true
},
"node_modules/ssri": {
- "version": "12.0.0",
- "resolved": "https://registry.npmjs.org/ssri/-/ssri-12.0.0.tgz",
- "integrity": "sha512-S7iGNosepx9RadX82oimUkvr0Ct7IjJbEbs4mJcTxst8um95J3sDYU1RBEOvdu6oL1Wek2ODI5i4MAw+dZ6cAQ==",
+ "version": "9.0.1",
+ "resolved": "https://registry.npmjs.org/ssri/-/ssri-9.0.1.tgz",
+ "integrity": "sha512-o57Wcn66jMQvfHG1FlYbWeZWW/dHZhJXjpIcTfXldXEk5nz5lStPo3mK0OJQfGR3RbZUlbISexbljkJzuEj/8Q==",
"dev": true,
"license": "ISC",
"dependencies": {
- "minipass": "^7.0.3"
+ "minipass": "^3.1.1"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/stackback": {
@@ -14177,32 +13363,6 @@
"node": ">=8"
}
},
- "node_modules/string-width-cjs/node_modules/strip-ansi": {
- "version": "6.0.1",
- "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
- "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "ansi-regex": "^5.0.1"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/string-width/node_modules/strip-ansi": {
- "version": "6.0.1",
- "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
- "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "ansi-regex": "^5.0.1"
- },
- "engines": {
- "node": ">=8"
- }
- },
"node_modules/string.prototype.matchall": {
"version": "4.0.12",
"resolved": "https://registry.npmjs.org/string.prototype.matchall/-/string.prototype.matchall-4.0.12.tgz",
@@ -14316,19 +13476,16 @@
}
},
"node_modules/strip-ansi": {
- "version": "7.1.2",
- "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz",
- "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==",
+ "version": "6.0.1",
+ "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
+ "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
"dev": true,
"license": "MIT",
"dependencies": {
- "ansi-regex": "^6.0.1"
+ "ansi-regex": "^5.0.1"
},
"engines": {
- "node": ">=12"
- },
- "funding": {
- "url": "https://github.com/chalk/strip-ansi?sponsor=1"
+ "node": ">=8"
}
},
"node_modules/strip-ansi-cjs": {
@@ -14345,17 +13502,17 @@
"node": ">=8"
}
},
- "node_modules/strip-ansi/node_modules/ansi-regex": {
- "version": "6.2.2",
- "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz",
- "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==",
+ "node_modules/strip-indent": {
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/strip-indent/-/strip-indent-3.0.0.tgz",
+ "integrity": "sha512-laJTa3Jb+VQpaC6DseHhF7dXVqHTfJPCRDaEbid/drOhgitgYku/letMUqOXFoWV0zIIUbjpdH2t+tYj4bQMRQ==",
"dev": true,
"license": "MIT",
- "engines": {
- "node": ">=12"
+ "dependencies": {
+ "min-indent": "^1.0.0"
},
- "funding": {
- "url": "https://github.com/chalk/ansi-regex?sponsor=1"
+ "engines": {
+ "node": ">=8"
}
},
"node_modules/strip-json-comments": {
@@ -14470,78 +13627,25 @@
"resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz",
"integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==",
"dev": true,
- "license": "ISC",
- "dependencies": {
- "chownr": "^2.0.0",
- "fs-minipass": "^2.0.0",
- "minipass": "^5.0.0",
- "minizlib": "^2.1.1",
- "mkdirp": "^1.0.3",
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">=10"
- }
- },
- "node_modules/tar/node_modules/fs-minipass": {
- "version": "2.1.0",
- "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz",
- "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "minipass": "^3.0.0"
- },
- "engines": {
- "node": ">= 8"
- }
- },
- "node_modules/tar/node_modules/fs-minipass/node_modules/minipass": {
- "version": "3.3.6",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
- "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
- "dev": true,
- "license": "ISC",
- "dependencies": {
- "yallist": "^4.0.0"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/tar/node_modules/minipass": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz",
- "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==",
- "dev": true,
- "license": "ISC",
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/tar/node_modules/minizlib": {
- "version": "2.1.2",
- "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz",
- "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==",
- "dev": true,
- "license": "MIT",
+ "license": "ISC",
"dependencies": {
- "minipass": "^3.0.0",
+ "chownr": "^2.0.0",
+ "fs-minipass": "^2.0.0",
+ "minipass": "^5.0.0",
+ "minizlib": "^2.1.1",
+ "mkdirp": "^1.0.3",
"yallist": "^4.0.0"
},
"engines": {
- "node": ">= 8"
+ "node": ">=10"
}
},
- "node_modules/tar/node_modules/minizlib/node_modules/minipass": {
- "version": "3.3.6",
- "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz",
- "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==",
+ "node_modules/tar/node_modules/minipass": {
+ "version": "5.0.0",
+ "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz",
+ "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==",
"dev": true,
"license": "ISC",
- "dependencies": {
- "yallist": "^4.0.0"
- },
"engines": {
"node": ">=8"
}
@@ -14579,42 +13683,41 @@
"fs-extra": "^10.0.0"
}
},
- "node_modules/temp-file/node_modules/fs-extra": {
- "version": "10.1.0",
- "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
- "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
+ "node_modules/temp/node_modules/glob": {
+ "version": "7.2.3",
+ "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
+ "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+ "deprecated": "Glob versions prior to v9 are no longer supported",
"dev": true,
- "license": "MIT",
+ "license": "ISC",
+ "peer": true,
"dependencies": {
- "graceful-fs": "^4.2.0",
- "jsonfile": "^6.0.1",
- "universalify": "^2.0.0"
+ "fs.realpath": "^1.0.0",
+ "inflight": "^1.0.4",
+ "inherits": "2",
+ "minimatch": "^3.1.1",
+ "once": "^1.3.0",
+ "path-is-absolute": "^1.0.0"
},
"engines": {
- "node": ">=12"
+ "node": "*"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
}
},
- "node_modules/temp-file/node_modules/jsonfile": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.2.0.tgz",
- "integrity": "sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==",
+ "node_modules/temp/node_modules/minimatch": {
+ "version": "3.1.2",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+ "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
"dev": true,
- "license": "MIT",
+ "license": "ISC",
+ "peer": true,
"dependencies": {
- "universalify": "^2.0.0"
+ "brace-expansion": "^1.1.7"
},
- "optionalDependencies": {
- "graceful-fs": "^4.1.6"
- }
- },
- "node_modules/temp-file/node_modules/universalify": {
- "version": "2.0.1",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
- "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
- "dev": true,
- "license": "MIT",
"engines": {
- "node": ">= 10.0.0"
+ "node": "*"
}
},
"node_modules/temp/node_modules/mkdirp": {
@@ -14631,6 +13734,21 @@
"mkdirp": "bin/cmd.js"
}
},
+ "node_modules/temp/node_modules/rimraf": {
+ "version": "2.6.3",
+ "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
+ "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
+ "deprecated": "Rimraf versions prior to v4 are no longer supported",
+ "dev": true,
+ "license": "ISC",
+ "peer": true,
+ "dependencies": {
+ "glob": "^7.1.3"
+ },
+ "bin": {
+ "rimraf": "bin.js"
+ }
+ },
"node_modules/tiny-async-pool": {
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/tiny-async-pool/-/tiny-async-pool-1.3.0.tgz",
@@ -14691,37 +13809,6 @@
"url": "https://github.com/sponsors/SuperchupuDev"
}
},
- "node_modules/tinyglobby/node_modules/fdir": {
- "version": "6.5.0",
- "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
- "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=12.0.0"
- },
- "peerDependencies": {
- "picomatch": "^3 || ^4"
- },
- "peerDependenciesMeta": {
- "picomatch": {
- "optional": true
- }
- }
- },
- "node_modules/tinyglobby/node_modules/picomatch": {
- "version": "4.0.3",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
- "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=12"
- },
- "funding": {
- "url": "https://github.com/sponsors/jonschlinkert"
- }
- },
"node_modules/tinyrainbow": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.0.3.tgz",
@@ -14733,22 +13820,22 @@
}
},
"node_modules/tldts": {
- "version": "7.0.19",
- "resolved": "https://registry.npmjs.org/tldts/-/tldts-7.0.19.tgz",
- "integrity": "sha512-8PWx8tvC4jDB39BQw1m4x8y5MH1BcQ5xHeL2n7UVFulMPH/3Q0uiamahFJ3lXA0zO2SUyRXuVVbWSDmstlt9YA==",
+ "version": "6.1.86",
+ "resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.86.tgz",
+ "integrity": "sha512-WMi/OQ2axVTf/ykqCQgXiIct+mSQDFdH2fkwhPwgEwvJ1kSzZRiinb0zF2Xb8u4+OqPChmyI6MEu4EezNJz+FQ==",
"dev": true,
"license": "MIT",
"dependencies": {
- "tldts-core": "^7.0.19"
+ "tldts-core": "^6.1.86"
},
"bin": {
"tldts": "bin/cli.js"
}
},
"node_modules/tldts-core": {
- "version": "7.0.19",
- "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-7.0.19.tgz",
- "integrity": "sha512-lJX2dEWx0SGH4O6p+7FPwYmJ/bu1JbcGJ8RLaG9b7liIgZ85itUVEPbMtWRVrde/0fnDPEPHW10ZsKW3kVsE9A==",
+ "version": "6.1.86",
+ "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.86.tgz",
+ "integrity": "sha512-Je6p7pkk+KMzMv2XXKmAE3McmolOQFdxkKw0R8EYNr7sELW46JqnNeTX8ybPiQgvg1ymCoF8LXs5fzFaZvJPTA==",
"dev": true,
"license": "MIT"
},
@@ -14786,29 +13873,29 @@
}
},
"node_modules/tough-cookie": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-6.0.0.tgz",
- "integrity": "sha512-kXuRi1mtaKMrsLUxz3sQYvVl37B0Ns6MzfrtV5DvJceE9bPyspOqk9xxv7XbZWcfLWbFmm997vl83qUWVJA64w==",
+ "version": "5.1.2",
+ "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-5.1.2.tgz",
+ "integrity": "sha512-FVDYdxtnj0G6Qm/DhNPSb8Ju59ULcup3tuJxkFb5K8Bv2pUXILbf0xZWU8PX8Ov19OXljbUyveOFwRMwkXzO+A==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
- "tldts": "^7.0.5"
+ "tldts": "^6.1.32"
},
"engines": {
"node": ">=16"
}
},
"node_modules/tr46": {
- "version": "6.0.0",
- "resolved": "https://registry.npmjs.org/tr46/-/tr46-6.0.0.tgz",
- "integrity": "sha512-bLVMLPtstlZ4iMQHpFHTR7GAGj2jxi8Dg0s2h2MafAE4uSWF98FC/3MomU51iQAMf8/qDUbKWf5GxuvvVcXEhw==",
+ "version": "5.1.1",
+ "resolved": "https://registry.npmjs.org/tr46/-/tr46-5.1.1.tgz",
+ "integrity": "sha512-hdF5ZgjTqgAntKkklYw0R03MG2x/bSzTtkxmIRw/sTNV8YXsCJ1tfLAX23lhxhHJlEf3CRCOCGGWw3vI3GaSPw==",
"dev": true,
"license": "MIT",
"dependencies": {
"punycode": "^2.3.1"
},
"engines": {
- "node": ">=20"
+ "node": ">=18"
}
},
"node_modules/trim-lines": {
@@ -14842,9 +13929,9 @@
}
},
"node_modules/ts-api-utils": {
- "version": "2.3.0",
- "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.3.0.tgz",
- "integrity": "sha512-6eg3Y9SF7SsAvGzRHQvvc1skDAhwI4YQ32ui1scxD1Ccr0G5qIIbUBT3pFTKX8kmWIQClHobtUdNuaBgwdfdWg==",
+ "version": "2.1.0",
+ "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.1.0.tgz",
+ "integrity": "sha512-CUgTZL1irw8u29bzrOD/nH85jqyc74D6SshFgujOIA7osm2Rz7dYH77agkx7H4FBNxDq7Cjf+IjaX/8zwFW+ZQ==",
"dev": true,
"license": "MIT",
"engines": {
@@ -14980,16 +14067,16 @@
}
},
"node_modules/typescript-eslint": {
- "version": "8.51.0",
- "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.51.0.tgz",
- "integrity": "sha512-jh8ZuM5oEh2PSdyQG9YAEM1TCGuWenLSuSUhf/irbVUNW9O5FhbFVONviN2TgMTBnUmyHv7E56rYnfLZK6TkiA==",
+ "version": "8.49.0",
+ "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.49.0.tgz",
+ "integrity": "sha512-zRSVH1WXD0uXczCXw+nsdjGPUdx4dfrs5VQoHnUWmv1U3oNlAKv4FUNdLDhVUg+gYn+a5hUESqch//Rv5wVhrg==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@typescript-eslint/eslint-plugin": "8.51.0",
- "@typescript-eslint/parser": "8.51.0",
- "@typescript-eslint/typescript-estree": "8.51.0",
- "@typescript-eslint/utils": "8.51.0"
+ "@typescript-eslint/eslint-plugin": "8.49.0",
+ "@typescript-eslint/parser": "8.49.0",
+ "@typescript-eslint/typescript-estree": "8.49.0",
+ "@typescript-eslint/utils": "8.49.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -15049,29 +14136,29 @@
}
},
"node_modules/unique-filename": {
- "version": "4.0.0",
- "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-4.0.0.tgz",
- "integrity": "sha512-XSnEewXmQ+veP7xX2dS5Q4yZAvO40cBN2MWkJ7D/6sW4Dg6wYBNwM1Vrnz1FhH5AdeLIlUXRI9e28z1YZi71NQ==",
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-2.0.1.tgz",
+ "integrity": "sha512-ODWHtkkdx3IAR+veKxFV+VBkUMcN+FaqzUUd7IZzt+0zhDZFPFxhlqwPF3YQvMHx1TD0tdgYl+kuPnJ8E6ql7A==",
"dev": true,
"license": "ISC",
"dependencies": {
- "unique-slug": "^5.0.0"
+ "unique-slug": "^3.0.0"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/unique-slug": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/unique-slug/-/unique-slug-5.0.0.tgz",
- "integrity": "sha512-9OdaqO5kwqR+1kVgHAhsp5vPNU0hnxRa26rBFNfNgM7M6pNtgzeBn3s/xbyCQL3dcjzOatcef6UUHpB/6MaETg==",
+ "version": "3.0.0",
+ "resolved": "https://registry.npmjs.org/unique-slug/-/unique-slug-3.0.0.tgz",
+ "integrity": "sha512-8EyMynh679x/0gqE9fT9oilG+qEt+ibFyqjuVTsZn1+CMxH+XLlpvr2UZx4nVcCwTpx81nICr2JQFkM+HPLq4w==",
"dev": true,
"license": "ISC",
"dependencies": {
"imurmurhash": "^0.1.4"
},
"engines": {
- "node": "^18.17.0 || >=20.5.0"
+ "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/unist-util-is": {
@@ -15143,19 +14230,18 @@
}
},
"node_modules/universalify": {
- "version": "0.1.2",
- "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
- "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==",
- "dev": true,
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
+ "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
"license": "MIT",
"engines": {
- "node": ">= 4.0.0"
+ "node": ">= 10.0.0"
}
},
"node_modules/update-browserslist-db": {
- "version": "1.2.3",
- "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.3.tgz",
- "integrity": "sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==",
+ "version": "1.2.2",
+ "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.2.tgz",
+ "integrity": "sha512-E85pfNzMQ9jpKkA7+TJAi4TJN+tBCuWh5rUcS/sv6cFi+1q9LYDwDI5dpUL0u/73EElyQ8d3TEaeW4sPedBqYA==",
"dev": true,
"funding": [
{
@@ -15391,9 +14477,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/aix-ppc64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.2.tgz",
- "integrity": "sha512-GZMB+a0mOMZs4MpDbj8RJp4cw+w1WV5NYD6xzgvzUJ5Ek2jerwfO2eADyI6ExDSUED+1X8aMbegahsJi+8mgpw==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.1.tgz",
+ "integrity": "sha512-HHB50pdsBX6k47S4u5g/CaLjqS3qwaOVE5ILsq64jyzgMhLuCuZ8rGzM9yhsAjfjkbgUPMzZEPa7DAp7yz6vuA==",
"cpu": [
"ppc64"
],
@@ -15408,9 +14494,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/android-arm": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.2.tgz",
- "integrity": "sha512-DVNI8jlPa7Ujbr1yjU2PfUSRtAUZPG9I1RwW4F4xFB1Imiu2on0ADiI/c3td+KmDtVKNbi+nffGDQMfcIMkwIA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.1.tgz",
+ "integrity": "sha512-kFqa6/UcaTbGm/NncN9kzVOODjhZW8e+FRdSeypWe6j33gzclHtwlANs26JrupOntlcWmB0u8+8HZo8s7thHvg==",
"cpu": [
"arm"
],
@@ -15425,9 +14511,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/android-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.2.tgz",
- "integrity": "sha512-pvz8ZZ7ot/RBphf8fv60ljmaoydPU12VuXHImtAs0XhLLw+EXBi2BLe3OYSBslR4rryHvweW5gmkKFwTiFy6KA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.1.tgz",
+ "integrity": "sha512-45fuKmAJpxnQWixOGCrS+ro4Uvb4Re9+UTieUY2f8AEc+t7d4AaZ6eUJ3Hva7dtrxAAWHtlEFsXFMAgNnGU9uQ==",
"cpu": [
"arm64"
],
@@ -15442,9 +14528,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/android-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.2.tgz",
- "integrity": "sha512-z8Ank4Byh4TJJOh4wpz8g2vDy75zFL0TlZlkUkEwYXuPSgX8yzep596n6mT7905kA9uHZsf/o2OJZubl2l3M7A==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.1.tgz",
+ "integrity": "sha512-LBEpOz0BsgMEeHgenf5aqmn/lLNTFXVfoWMUox8CtWWYK9X4jmQzWjoGoNb8lmAYml/tQ/Ysvm8q7szu7BoxRQ==",
"cpu": [
"x64"
],
@@ -15459,9 +14545,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/darwin-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.2.tgz",
- "integrity": "sha512-davCD2Zc80nzDVRwXTcQP/28fiJbcOwvdolL0sOiOsbwBa72kegmVU0Wrh1MYrbuCL98Omp5dVhQFWRKR2ZAlg==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.1.tgz",
+ "integrity": "sha512-veg7fL8eMSCVKL7IW4pxb54QERtedFDfY/ASrumK/SbFsXnRazxY4YykN/THYqFnFwJ0aVjiUrVG2PwcdAEqQQ==",
"cpu": [
"arm64"
],
@@ -15476,9 +14562,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/darwin-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.2.tgz",
- "integrity": "sha512-ZxtijOmlQCBWGwbVmwOF/UCzuGIbUkqB1faQRf5akQmxRJ1ujusWsb3CVfk/9iZKr2L5SMU5wPBi1UWbvL+VQA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.1.tgz",
+ "integrity": "sha512-+3ELd+nTzhfWb07Vol7EZ+5PTbJ/u74nC6iv4/lwIU99Ip5uuY6QoIf0Hn4m2HoV0qcnRivN3KSqc+FyCHjoVQ==",
"cpu": [
"x64"
],
@@ -15493,9 +14579,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/freebsd-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.2.tgz",
- "integrity": "sha512-lS/9CN+rgqQ9czogxlMcBMGd+l8Q3Nj1MFQwBZJyoEKI50XGxwuzznYdwcav6lpOGv5BqaZXqvBSiB/kJ5op+g==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.1.tgz",
+ "integrity": "sha512-/8Rfgns4XD9XOSXlzUDepG8PX+AVWHliYlUkFI3K3GB6tqbdjYqdhcb4BKRd7C0BhZSoaCxhv8kTcBrcZWP+xg==",
"cpu": [
"arm64"
],
@@ -15510,9 +14596,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/freebsd-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.2.tgz",
- "integrity": "sha512-tAfqtNYb4YgPnJlEFu4c212HYjQWSO/w/h/lQaBK7RbwGIkBOuNKQI9tqWzx7Wtp7bTPaGC6MJvWI608P3wXYA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.1.tgz",
+ "integrity": "sha512-GITpD8dK9C+r+5yRT/UKVT36h/DQLOHdwGVwwoHidlnA168oD3uxA878XloXebK4Ul3gDBBIvEdL7go9gCUFzQ==",
"cpu": [
"x64"
],
@@ -15527,9 +14613,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-arm": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.2.tgz",
- "integrity": "sha512-vWfq4GaIMP9AIe4yj1ZUW18RDhx6EPQKjwe7n8BbIecFtCQG4CfHGaHuh7fdfq+y3LIA2vGS/o9ZBGVxIDi9hw==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.1.tgz",
+ "integrity": "sha512-ieMID0JRZY/ZeCrsFQ3Y3NlHNCqIhTprJfDgSB3/lv5jJZ8FX3hqPyXWhe+gvS5ARMBJ242PM+VNz/ctNj//eA==",
"cpu": [
"arm"
],
@@ -15544,9 +14630,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.2.tgz",
- "integrity": "sha512-hYxN8pr66NsCCiRFkHUAsxylNOcAQaxSSkHMMjcpx0si13t1LHFphxJZUiGwojB1a/Hd5OiPIqDdXONia6bhTw==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.1.tgz",
+ "integrity": "sha512-W9//kCrh/6in9rWIBdKaMtuTTzNj6jSeG/haWBADqLLa9P8O5YSRDzgD5y9QBok4AYlzS6ARHifAb75V6G670Q==",
"cpu": [
"arm64"
],
@@ -15561,9 +14647,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-ia32": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.2.tgz",
- "integrity": "sha512-MJt5BRRSScPDwG2hLelYhAAKh9imjHK5+NE/tvnRLbIqUWa+0E9N4WNMjmp/kXXPHZGqPLxggwVhz7QP8CTR8w==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.1.tgz",
+ "integrity": "sha512-VIUV4z8GD8rtSVMfAj1aXFahsi/+tcoXXNYmXgzISL+KB381vbSTNdeZHHHIYqFyXcoEhu9n5cT+05tRv13rlw==",
"cpu": [
"ia32"
],
@@ -15578,9 +14664,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-loong64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.2.tgz",
- "integrity": "sha512-lugyF1atnAT463aO6KPshVCJK5NgRnU4yb3FUumyVz+cGvZbontBgzeGFO1nF+dPueHD367a2ZXe1NtUkAjOtg==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.1.tgz",
+ "integrity": "sha512-l4rfiiJRN7sTNI//ff65zJ9z8U+k6zcCg0LALU5iEWzY+a1mVZ8iWC1k5EsNKThZ7XCQ6YWtsZ8EWYm7r1UEsg==",
"cpu": [
"loong64"
],
@@ -15595,9 +14681,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-mips64el": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.2.tgz",
- "integrity": "sha512-nlP2I6ArEBewvJ2gjrrkESEZkB5mIoaTswuqNFRv/WYd+ATtUpe9Y09RnJvgvdag7he0OWgEZWhviS1OTOKixw==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.1.tgz",
+ "integrity": "sha512-U0bEuAOLvO/DWFdygTHWY8C067FXz+UbzKgxYhXC0fDieFa0kDIra1FAhsAARRJbvEyso8aAqvPdNxzWuStBnA==",
"cpu": [
"mips64el"
],
@@ -15612,9 +14698,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-ppc64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.2.tgz",
- "integrity": "sha512-C92gnpey7tUQONqg1n6dKVbx3vphKtTHJaNG2Ok9lGwbZil6DrfyecMsp9CrmXGQJmZ7iiVXvvZH6Ml5hL6XdQ==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.1.tgz",
+ "integrity": "sha512-NzdQ/Xwu6vPSf/GkdmRNsOfIeSGnh7muundsWItmBsVpMoNPVpM61qNzAVY3pZ1glzzAxLR40UyYM23eaDDbYQ==",
"cpu": [
"ppc64"
],
@@ -15629,9 +14715,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-riscv64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.2.tgz",
- "integrity": "sha512-B5BOmojNtUyN8AXlK0QJyvjEZkWwy/FKvakkTDCziX95AowLZKR6aCDhG7LeF7uMCXEJqwa8Bejz5LTPYm8AvA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.1.tgz",
+ "integrity": "sha512-7zlw8p3IApcsN7mFw0O1Z1PyEk6PlKMu18roImfl3iQHTnr/yAfYv6s4hXPidbDoI2Q0pW+5xeoM4eTCC0UdrQ==",
"cpu": [
"riscv64"
],
@@ -15646,9 +14732,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-s390x": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.2.tgz",
- "integrity": "sha512-p4bm9+wsPwup5Z8f4EpfN63qNagQ47Ua2znaqGH6bqLlmJ4bx97Y9JdqxgGZ6Y8xVTixUnEkoKSHcpRlDnNr5w==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.1.tgz",
+ "integrity": "sha512-cGj5wli+G+nkVQdZo3+7FDKC25Uh4ZVwOAK6A06Hsvgr8WqBBuOy/1s+PUEd/6Je+vjfm6stX0kmib5b/O2Ykw==",
"cpu": [
"s390x"
],
@@ -15663,9 +14749,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/linux-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.2.tgz",
- "integrity": "sha512-uwp2Tip5aPmH+NRUwTcfLb+W32WXjpFejTIOWZFw/v7/KnpCDKG66u4DLcurQpiYTiYwQ9B7KOeMJvLCu/OvbA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.1.tgz",
+ "integrity": "sha512-z3H/HYI9MM0HTv3hQZ81f+AKb+yEoCRlUby1F80vbQ5XdzEMyY/9iNlAmhqiBKw4MJXwfgsh7ERGEOhrM1niMA==",
"cpu": [
"x64"
],
@@ -15680,9 +14766,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/netbsd-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.2.tgz",
- "integrity": "sha512-Kj6DiBlwXrPsCRDeRvGAUb/LNrBASrfqAIok+xB0LxK8CHqxZ037viF13ugfsIpePH93mX7xfJp97cyDuTZ3cw==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.1.tgz",
+ "integrity": "sha512-wzC24DxAvk8Em01YmVXyjl96Mr+ecTPyOuADAvjGg+fyBpGmxmcr2E5ttf7Im8D0sXZihpxzO1isus8MdjMCXQ==",
"cpu": [
"arm64"
],
@@ -15697,9 +14783,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/netbsd-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.2.tgz",
- "integrity": "sha512-HwGDZ0VLVBY3Y+Nw0JexZy9o/nUAWq9MlV7cahpaXKW6TOzfVno3y3/M8Ga8u8Yr7GldLOov27xiCnqRZf0tCA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.1.tgz",
+ "integrity": "sha512-1YQ8ybGi2yIXswu6eNzJsrYIGFpnlzEWRl6iR5gMgmsrR0FcNoV1m9k9sc3PuP5rUBLshOZylc9nqSgymI+TYg==",
"cpu": [
"x64"
],
@@ -15714,9 +14800,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/openbsd-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.2.tgz",
- "integrity": "sha512-DNIHH2BPQ5551A7oSHD0CKbwIA/Ox7+78/AWkbS5QoRzaqlev2uFayfSxq68EkonB+IKjiuxBFoV8ESJy8bOHA==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.1.tgz",
+ "integrity": "sha512-5Z+DzLCrq5wmU7RDaMDe2DVXMRm2tTDvX2KU14JJVBN2CT/qov7XVix85QoJqHltpvAOZUAc3ndU56HSMWrv8g==",
"cpu": [
"arm64"
],
@@ -15731,9 +14817,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/openbsd-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.2.tgz",
- "integrity": "sha512-/it7w9Nb7+0KFIzjalNJVR5bOzA9Vay+yIPLVHfIQYG/j+j9VTH84aNB8ExGKPU4AzfaEvN9/V4HV+F+vo8OEg==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.1.tgz",
+ "integrity": "sha512-Q73ENzIdPF5jap4wqLtsfh8YbYSZ8Q0wnxplOlZUOyZy7B4ZKW8DXGWgTCZmF8VWD7Tciwv5F4NsRf6vYlZtqg==",
"cpu": [
"x64"
],
@@ -15748,9 +14834,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/openharmony-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.2.tgz",
- "integrity": "sha512-LRBbCmiU51IXfeXk59csuX/aSaToeG7w48nMwA6049Y4J4+VbWALAuXcs+qcD04rHDuSCSRKdmY63sruDS5qag==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.1.tgz",
+ "integrity": "sha512-ajbHrGM/XiK+sXM0JzEbJAen+0E+JMQZ2l4RR4VFwvV9JEERx+oxtgkpoKv1SevhjavK2z2ReHk32pjzktWbGg==",
"cpu": [
"arm64"
],
@@ -15765,9 +14851,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/sunos-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.2.tgz",
- "integrity": "sha512-kMtx1yqJHTmqaqHPAzKCAkDaKsffmXkPHThSfRwZGyuqyIeBvf08KSsYXl+abf5HDAPMJIPnbBfXvP2ZC2TfHg==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.1.tgz",
+ "integrity": "sha512-IPUW+y4VIjuDVn+OMzHc5FV4GubIwPnsz6ubkvN8cuhEqH81NovB53IUlrlBkPMEPxvNnf79MGBoz8rZ2iW8HA==",
"cpu": [
"x64"
],
@@ -15782,9 +14868,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/win32-arm64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.2.tgz",
- "integrity": "sha512-Yaf78O/B3Kkh+nKABUF++bvJv5Ijoy9AN1ww904rOXZFLWVc5OLOfL56W+C8F9xn5JQZa3UX6m+IktJnIb1Jjg==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.1.tgz",
+ "integrity": "sha512-RIVRWiljWA6CdVu8zkWcRmGP7iRRIIwvhDKem8UMBjPql2TXM5PkDVvvrzMtj1V+WFPB4K7zkIGM7VzRtFkjdg==",
"cpu": [
"arm64"
],
@@ -15799,9 +14885,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/win32-ia32": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.2.tgz",
- "integrity": "sha512-Iuws0kxo4yusk7sw70Xa2E2imZU5HoixzxfGCdxwBdhiDgt9vX9VUCBhqcwY7/uh//78A1hMkkROMJq9l27oLQ==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.1.tgz",
+ "integrity": "sha512-2BR5M8CPbptC1AK5JbJT1fWrHLvejwZidKx3UMSF0ecHMa+smhi16drIrCEggkgviBwLYd5nwrFLSl5Kho96RQ==",
"cpu": [
"ia32"
],
@@ -15816,9 +14902,9 @@
}
},
"node_modules/vite/node_modules/@esbuild/win32-x64": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.2.tgz",
- "integrity": "sha512-sRdU18mcKf7F+YgheI/zGf5alZatMUTKj/jNS6l744f9u3WFu4v7twcUI9vu4mknF4Y9aDlblIie0IM+5xxaqQ==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.1.tgz",
+ "integrity": "sha512-d5X6RMYv6taIymSk8JBP+nxv8DQAMY6A51GPgusqLdK9wBz5wWIXy1KjTck6HnjE9hqJzJRdk+1p/t5soSbCtw==",
"cpu": [
"x64"
],
@@ -15833,9 +14919,9 @@
}
},
"node_modules/vite/node_modules/esbuild": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.2.tgz",
- "integrity": "sha512-HyNQImnsOC7X9PMNaCIeAm4ISCQXs5a5YasTXVliKv4uuBo1dKrG0A+uQS8M5eXjVMnLg3WgXaKvprHlFJQffw==",
+ "version": "0.27.1",
+ "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.1.tgz",
+ "integrity": "sha512-yY35KZckJJuVVPXpvjgxiCuVEJT67F6zDeVTv4rizyPrfGBUpZQsvmxnN+C371c2esD/hNMjj4tpBhuueLN7aA==",
"dev": true,
"hasInstallScript": true,
"license": "MIT",
@@ -15846,50 +14932,32 @@
"node": ">=18"
},
"optionalDependencies": {
- "@esbuild/aix-ppc64": "0.27.2",
- "@esbuild/android-arm": "0.27.2",
- "@esbuild/android-arm64": "0.27.2",
- "@esbuild/android-x64": "0.27.2",
- "@esbuild/darwin-arm64": "0.27.2",
- "@esbuild/darwin-x64": "0.27.2",
- "@esbuild/freebsd-arm64": "0.27.2",
- "@esbuild/freebsd-x64": "0.27.2",
- "@esbuild/linux-arm": "0.27.2",
- "@esbuild/linux-arm64": "0.27.2",
- "@esbuild/linux-ia32": "0.27.2",
- "@esbuild/linux-loong64": "0.27.2",
- "@esbuild/linux-mips64el": "0.27.2",
- "@esbuild/linux-ppc64": "0.27.2",
- "@esbuild/linux-riscv64": "0.27.2",
- "@esbuild/linux-s390x": "0.27.2",
- "@esbuild/linux-x64": "0.27.2",
- "@esbuild/netbsd-arm64": "0.27.2",
- "@esbuild/netbsd-x64": "0.27.2",
- "@esbuild/openbsd-arm64": "0.27.2",
- "@esbuild/openbsd-x64": "0.27.2",
- "@esbuild/openharmony-arm64": "0.27.2",
- "@esbuild/sunos-x64": "0.27.2",
- "@esbuild/win32-arm64": "0.27.2",
- "@esbuild/win32-ia32": "0.27.2",
- "@esbuild/win32-x64": "0.27.2"
- }
- },
- "node_modules/vite/node_modules/fdir": {
- "version": "6.5.0",
- "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
- "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=12.0.0"
- },
- "peerDependencies": {
- "picomatch": "^3 || ^4"
- },
- "peerDependenciesMeta": {
- "picomatch": {
- "optional": true
- }
+ "@esbuild/aix-ppc64": "0.27.1",
+ "@esbuild/android-arm": "0.27.1",
+ "@esbuild/android-arm64": "0.27.1",
+ "@esbuild/android-x64": "0.27.1",
+ "@esbuild/darwin-arm64": "0.27.1",
+ "@esbuild/darwin-x64": "0.27.1",
+ "@esbuild/freebsd-arm64": "0.27.1",
+ "@esbuild/freebsd-x64": "0.27.1",
+ "@esbuild/linux-arm": "0.27.1",
+ "@esbuild/linux-arm64": "0.27.1",
+ "@esbuild/linux-ia32": "0.27.1",
+ "@esbuild/linux-loong64": "0.27.1",
+ "@esbuild/linux-mips64el": "0.27.1",
+ "@esbuild/linux-ppc64": "0.27.1",
+ "@esbuild/linux-riscv64": "0.27.1",
+ "@esbuild/linux-s390x": "0.27.1",
+ "@esbuild/linux-x64": "0.27.1",
+ "@esbuild/netbsd-arm64": "0.27.1",
+ "@esbuild/netbsd-x64": "0.27.1",
+ "@esbuild/openbsd-arm64": "0.27.1",
+ "@esbuild/openbsd-x64": "0.27.1",
+ "@esbuild/openharmony-arm64": "0.27.1",
+ "@esbuild/sunos-x64": "0.27.1",
+ "@esbuild/win32-arm64": "0.27.1",
+ "@esbuild/win32-ia32": "0.27.1",
+ "@esbuild/win32-x64": "0.27.1"
}
},
"node_modules/vite/node_modules/fsevents": {
@@ -15907,33 +14975,20 @@
"node": "^8.16.0 || ^10.6.0 || >=11.0.0"
}
},
- "node_modules/vite/node_modules/picomatch": {
- "version": "4.0.3",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
- "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=12"
- },
- "funding": {
- "url": "https://github.com/sponsors/jonschlinkert"
- }
- },
"node_modules/vitest": {
- "version": "4.0.16",
- "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.0.16.tgz",
- "integrity": "sha512-E4t7DJ9pESL6E3I8nFjPa4xGUd3PmiWDLsDztS2qXSJWfHtbQnwAWylaBvSNY48I3vr8PTqIZlyK8TE3V3CA4Q==",
+ "version": "4.0.15",
+ "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.0.15.tgz",
+ "integrity": "sha512-n1RxDp8UJm6N0IbJLQo+yzLZ2sQCDyl1o0LeugbPWf8+8Fttp29GghsQBjYJVmWq3gBFfe9Hs1spR44vovn2wA==",
"dev": true,
"license": "MIT",
"dependencies": {
- "@vitest/expect": "4.0.16",
- "@vitest/mocker": "4.0.16",
- "@vitest/pretty-format": "4.0.16",
- "@vitest/runner": "4.0.16",
- "@vitest/snapshot": "4.0.16",
- "@vitest/spy": "4.0.16",
- "@vitest/utils": "4.0.16",
+ "@vitest/expect": "4.0.15",
+ "@vitest/mocker": "4.0.15",
+ "@vitest/pretty-format": "4.0.15",
+ "@vitest/runner": "4.0.15",
+ "@vitest/snapshot": "4.0.15",
+ "@vitest/spy": "4.0.15",
+ "@vitest/utils": "4.0.15",
"es-module-lexer": "^1.7.0",
"expect-type": "^1.2.2",
"magic-string": "^0.30.21",
@@ -15961,10 +15016,10 @@
"@edge-runtime/vm": "*",
"@opentelemetry/api": "^1.9.0",
"@types/node": "^20.0.0 || ^22.0.0 || >=24.0.0",
- "@vitest/browser-playwright": "4.0.16",
- "@vitest/browser-preview": "4.0.16",
- "@vitest/browser-webdriverio": "4.0.16",
- "@vitest/ui": "4.0.16",
+ "@vitest/browser-playwright": "4.0.15",
+ "@vitest/browser-preview": "4.0.15",
+ "@vitest/browser-webdriverio": "4.0.15",
+ "@vitest/ui": "4.0.15",
"happy-dom": "*",
"jsdom": "*"
},
@@ -15998,19 +15053,6 @@
}
}
},
- "node_modules/vitest/node_modules/picomatch": {
- "version": "4.0.3",
- "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
- "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=12"
- },
- "funding": {
- "url": "https://github.com/sponsors/jonschlinkert"
- }
- },
"node_modules/void-elements": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/void-elements/-/void-elements-3.1.0.tgz",
@@ -16044,13 +15086,26 @@
}
},
"node_modules/webidl-conversions": {
- "version": "8.0.0",
- "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-8.0.0.tgz",
- "integrity": "sha512-n4W4YFyz5JzOfQeA8oN7dUYpR+MBP3PIUsn2jLjWXwK5ASUzt0Jc/A5sAUZoCYFJRGF0FBKJ+1JjN43rNdsQzA==",
+ "version": "7.0.0",
+ "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz",
+ "integrity": "sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==",
"dev": true,
"license": "BSD-2-Clause",
"engines": {
- "node": ">=20"
+ "node": ">=12"
+ }
+ },
+ "node_modules/whatwg-encoding": {
+ "version": "3.1.1",
+ "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-3.1.1.tgz",
+ "integrity": "sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "iconv-lite": "0.6.3"
+ },
+ "engines": {
+ "node": ">=18"
}
},
"node_modules/whatwg-mimetype": {
@@ -16064,17 +15119,17 @@
}
},
"node_modules/whatwg-url": {
- "version": "15.1.0",
- "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-15.1.0.tgz",
- "integrity": "sha512-2ytDk0kiEj/yu90JOAp44PVPUkO9+jVhyf+SybKlRHSDlvOOZhdPIrr7xTH64l4WixO2cP+wQIcgujkGBPPz6g==",
+ "version": "14.2.0",
+ "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-14.2.0.tgz",
+ "integrity": "sha512-De72GdQZzNTUBBChsXueQUnPKDkg/5A5zp7pFDuQAj5UFoENpiACU0wlCvzpAGnTkj++ihpKwKyYewn/XNUbKw==",
"dev": true,
"license": "MIT",
"dependencies": {
- "tr46": "^6.0.0",
- "webidl-conversions": "^8.0.0"
+ "tr46": "^5.1.0",
+ "webidl-conversions": "^7.0.0"
},
"engines": {
- "node": ">=20"
+ "node": ">=18"
}
},
"node_modules/which": {
@@ -16210,18 +15265,18 @@
}
},
"node_modules/wrap-ansi": {
- "version": "9.0.2",
- "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-9.0.2.tgz",
- "integrity": "sha512-42AtmgqjV+X1VpdOfyTGOYRi0/zsoLqtXQckTmqTeybT+BDIbM/Guxo7x3pE2vtpr1ok6xRqM9OpBe+Jyoqyww==",
+ "version": "7.0.0",
+ "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
+ "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
"dev": true,
"license": "MIT",
"dependencies": {
- "ansi-styles": "^6.2.1",
- "string-width": "^7.0.0",
- "strip-ansi": "^7.1.0"
+ "ansi-styles": "^4.0.0",
+ "string-width": "^4.1.0",
+ "strip-ansi": "^6.0.0"
},
"engines": {
- "node": ">=18"
+ "node": ">=10"
},
"funding": {
"url": "https://github.com/chalk/wrap-ansi?sponsor=1"
@@ -16246,57 +15301,6 @@
"url": "https://github.com/chalk/wrap-ansi?sponsor=1"
}
},
- "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": {
- "version": "6.0.1",
- "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
- "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "ansi-regex": "^5.0.1"
- },
- "engines": {
- "node": ">=8"
- }
- },
- "node_modules/wrap-ansi/node_modules/ansi-styles": {
- "version": "6.2.3",
- "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz",
- "integrity": "sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==",
- "dev": true,
- "license": "MIT",
- "engines": {
- "node": ">=12"
- },
- "funding": {
- "url": "https://github.com/chalk/ansi-styles?sponsor=1"
- }
- },
- "node_modules/wrap-ansi/node_modules/emoji-regex": {
- "version": "10.6.0",
- "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.6.0.tgz",
- "integrity": "sha512-toUI84YS5YmxW219erniWD0CIVOo46xGKColeNQRgOzDorgBi1v4D71/OFzgD9GO2UGKIv1C3Sp8DAn0+j5w7A==",
- "dev": true,
- "license": "MIT"
- },
- "node_modules/wrap-ansi/node_modules/string-width": {
- "version": "7.2.0",
- "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz",
- "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==",
- "dev": true,
- "license": "MIT",
- "dependencies": {
- "emoji-regex": "^10.3.0",
- "get-east-asian-width": "^1.0.0",
- "strip-ansi": "^7.1.0"
- },
- "engines": {
- "node": ">=18"
- },
- "funding": {
- "url": "https://github.com/sponsors/sindresorhus"
- }
- },
"node_modules/wrappy": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
@@ -16440,9 +15444,10 @@
}
},
"node_modules/zod": {
- "version": "4.3.4",
- "resolved": "https://registry.npmjs.org/zod/-/zod-4.3.4.tgz",
- "integrity": "sha512-Zw/uYiiyF6pUT1qmKbZziChgNPRu+ZRneAsMUDU6IwmXdWt5JwcUfy2bvLOCUtz5UniaN/Zx5aFttZYbYc7O/A==",
+ "version": "4.2.0",
+ "resolved": "https://registry.npmjs.org/zod/-/zod-4.2.0.tgz",
+ "integrity": "sha512-Bd5fw9wlIhtqCCxotZgdTOMwGm1a0u75wARVEY9HMs1X17trvA/lMi4+MGK5EUfYkXVTbX8UDiDKW4OgzHVUZw==",
+ "dev": true,
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/colinhacks"
diff --git a/apps/frontend/package.json b/apps/frontend/package.json
index 1561b64046..3b9e8bda37 100644
--- a/apps/frontend/package.json
+++ b/apps/frontend/package.json
@@ -48,6 +48,7 @@
"typecheck": "tsc --noEmit"
},
"dependencies": {
+ "@anthropic-ai/sdk": "^0.71.2",
"@dnd-kit/core": "^6.3.1",
"@dnd-kit/sortable": "^10.0.0",
"@dnd-kit/utilities": "^3.2.2",
@@ -68,6 +69,7 @@
"@radix-ui/react-tabs": "^1.1.13",
"@radix-ui/react-toast": "^1.2.15",
"@radix-ui/react-tooltip": "^1.2.8",
+ "@sentry/electron": "^7.5.0",
"@tailwindcss/typography": "^0.5.19",
"@tanstack/react-virtual": "^3.13.13",
"@xterm/addon-fit": "^0.11.0",
@@ -78,11 +80,14 @@
"chokidar": "^5.0.0",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
+ "dotenv": "^16.6.1",
"electron-log": "^5.4.3",
"electron-updater": "^6.6.2",
"i18next": "^25.7.3",
"lucide-react": "^0.562.0",
+ "minimatch": "^10.1.1",
"motion": "^12.23.26",
+ "proper-lockfile": "^4.1.2",
"react": "^19.2.3",
"react-dom": "^19.2.3",
"react-i18next": "^16.5.0",
@@ -102,7 +107,9 @@
"@eslint/js": "^9.39.1",
"@playwright/test": "^1.52.0",
"@tailwindcss/postcss": "^4.1.17",
+ "@testing-library/jest-dom": "^6.9.1",
"@testing-library/react": "^16.1.0",
+ "@types/minimatch": "^5.1.2",
"@types/node": "^25.0.0",
"@types/react": "^19.2.7",
"@types/react-dom": "^19.2.3",
@@ -111,7 +118,7 @@
"@vitejs/plugin-react": "^5.1.2",
"autoprefixer": "^10.4.22",
"cross-env": "^10.1.0",
- "electron": "^39.2.7",
+ "electron": "39.2.7",
"electron-builder": "^26.0.12",
"electron-vite": "^5.0.0",
"eslint": "^9.39.1",
@@ -207,7 +214,7 @@
]
},
"linux": {
- "icon": "resources/icon.png",
+ "icon": "resources/icons",
"target": [
"AppImage",
"deb",
diff --git a/apps/frontend/resources/icons/128x128.png b/apps/frontend/resources/icons/128x128.png
new file mode 100644
index 0000000000..7e694b434c
Binary files /dev/null and b/apps/frontend/resources/icons/128x128.png differ
diff --git a/apps/frontend/resources/icons/16x16.png b/apps/frontend/resources/icons/16x16.png
new file mode 100644
index 0000000000..bc533838b6
Binary files /dev/null and b/apps/frontend/resources/icons/16x16.png differ
diff --git a/apps/frontend/resources/icons/256x256.png b/apps/frontend/resources/icons/256x256.png
new file mode 100644
index 0000000000..555230d363
Binary files /dev/null and b/apps/frontend/resources/icons/256x256.png differ
diff --git a/apps/frontend/resources/icons/32x32.png b/apps/frontend/resources/icons/32x32.png
new file mode 100644
index 0000000000..227e6db694
Binary files /dev/null and b/apps/frontend/resources/icons/32x32.png differ
diff --git a/apps/frontend/resources/icons/48x48.png b/apps/frontend/resources/icons/48x48.png
new file mode 100644
index 0000000000..29e6b3bc03
Binary files /dev/null and b/apps/frontend/resources/icons/48x48.png differ
diff --git a/apps/frontend/resources/icons/512x512.png b/apps/frontend/resources/icons/512x512.png
new file mode 100644
index 0000000000..22d476ffc1
Binary files /dev/null and b/apps/frontend/resources/icons/512x512.png differ
diff --git a/apps/frontend/resources/icons/64x64.png b/apps/frontend/resources/icons/64x64.png
new file mode 100644
index 0000000000..0068c05929
Binary files /dev/null and b/apps/frontend/resources/icons/64x64.png differ
diff --git a/apps/frontend/scripts/download-python.cjs b/apps/frontend/scripts/download-python.cjs
index 215af7db3c..17f9abdf65 100644
--- a/apps/frontend/scripts/download-python.cjs
+++ b/apps/frontend/scripts/download-python.cjs
@@ -609,12 +609,14 @@ function installPackages(pythonBin, requirementsPath, targetSitePackages) {
// Install packages directly to target directory
// --no-compile: Don't create .pyc files (saves space, Python will work without them)
- // --no-cache-dir: Don't use pip cache
// --target: Install to specific directory
+ // --only-binary: Force binary wheels for pydantic (prevents silent source build failures)
+ // Note: We intentionally DO use pip's cache to preserve built wheels for packages
+ // like real_ladybug that must be compiled from source on Intel Mac (no PyPI wheel)
const pipArgs = [
'-m', 'pip', 'install',
'--no-compile',
- '--no-cache-dir',
+ '--only-binary', 'pydantic,pydantic-core',
'--target', targetSitePackages,
'-r', requirementsPath,
];
@@ -702,9 +704,32 @@ async function downloadPython(targetPlatform, targetArch, options = {}) {
try {
const version = verifyPythonBinary(pythonBin);
console.log(`[download-python] Verified: ${version}`);
- return { success: true, pythonPath: pythonBin, sitePackagesPath: sitePackagesDir };
- } catch {
- console.log(`[download-python] Existing installation is broken, re-downloading...`);
+
+ // Verify critical packages exist (fixes GitHub issue #416)
+ // Without this check, corrupted caches with missing packages would be accepted
+ // Note: Same list exists in python-env-manager.ts - keep them in sync
+ // This validation assumes traditional Python packages with __init__.py (not PEP 420 namespace packages)
+ const criticalPackages = ['claude_agent_sdk', 'dotenv', 'pydantic_core'];
+ const missingPackages = criticalPackages.filter(pkg => {
+ const pkgPath = path.join(sitePackagesDir, pkg);
+ // Check both directory and __init__.py for more robust validation
+ const initFile = path.join(pkgPath, '__init__.py');
+ return !fs.existsSync(pkgPath) || !fs.existsSync(initFile);
+ });
+
+ if (missingPackages.length > 0) {
+ console.log(`[download-python] Critical packages missing or incomplete: ${missingPackages.join(', ')}`);
+ console.log(`[download-python] Reinstalling packages...`);
+ // Remove site-packages to force reinstall, keep Python binary
+ // Flow continues below to re-install packages (skipPackages check at line 794)
+ fs.rmSync(sitePackagesDir, { recursive: true, force: true });
+ } else {
+ console.log(`[download-python] All critical packages verified`);
+ return { success: true, pythonPath: pythonBin, sitePackagesPath: sitePackagesDir };
+ }
+ } catch (err) {
+ const errorMsg = err instanceof Error ? err.message : String(err);
+ console.log(`[download-python] Existing installation is broken: ${errorMsg}`);
fs.rmSync(platformDir, { recursive: true, force: true });
}
}
@@ -784,6 +809,22 @@ async function downloadPython(targetPlatform, targetArch, options = {}) {
// Install packages
installPackages(pythonBin, requirementsPath, sitePackagesDir);
+ // Verify critical packages were installed before creating marker (fixes #416)
+ // Note: Same list exists in python-env-manager.ts - keep them in sync
+ // This validation assumes traditional Python packages with __init__.py (not PEP 420 namespace packages)
+ const criticalPackages = ['claude_agent_sdk', 'dotenv', 'pydantic_core'];
+ const postInstallMissing = criticalPackages.filter(pkg => {
+ const pkgPath = path.join(sitePackagesDir, pkg);
+ const initFile = path.join(pkgPath, '__init__.py');
+ return !fs.existsSync(pkgPath) || !fs.existsSync(initFile);
+ });
+
+ if (postInstallMissing.length > 0) {
+ throw new Error(`Package installation failed - missing critical packages: ${postInstallMissing.join(', ')}`);
+ }
+
+ console.log(`[download-python] All critical packages verified after installation`);
+
// Create marker file to indicate successful bundling
fs.writeFileSync(packagesMarker, JSON.stringify({
bundledAt: new Date().toISOString(),
diff --git a/apps/frontend/scripts/postinstall.cjs b/apps/frontend/scripts/postinstall.cjs
index 41a8ebe645..e4c02e6dee 100644
--- a/apps/frontend/scripts/postinstall.cjs
+++ b/apps/frontend/scripts/postinstall.cjs
@@ -42,13 +42,36 @@ To install:
================================================================================
`;
+/**
+ * Get electron version from package.json
+ */
+function getElectronVersion() {
+ const pkgPath = path.join(__dirname, '..', 'package.json');
+ const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
+ const electronVersion = pkg.devDependencies?.electron || pkg.dependencies?.electron;
+ if (!electronVersion) {
+ return null;
+ }
+ // Strip leading ^ or ~ from version
+ return electronVersion.replace(/^[\^~]/, '');
+}
+
/**
* Run electron-rebuild
*/
function runElectronRebuild() {
return new Promise((resolve, reject) => {
const npx = isWindows ? 'npx.cmd' : 'npx';
- const child = spawn(npx, ['electron-rebuild'], {
+ const electronVersion = getElectronVersion();
+ const args = ['electron-rebuild'];
+
+ // Explicitly pass electron version if detected
+ if (electronVersion) {
+ args.push('-v', electronVersion);
+ console.log(`[postinstall] Using Electron version: ${electronVersion}`);
+ }
+
+ const child = spawn(npx, args, {
stdio: 'inherit',
shell: isWindows,
cwd: path.join(__dirname, '..'),
@@ -70,12 +93,40 @@ function runElectronRebuild() {
* Check if node-pty is already built
*/
function isNodePtyBuilt() {
- const buildDir = path.join(__dirname, '..', 'node_modules', 'node-pty', 'build', 'Release');
- if (!fs.existsSync(buildDir)) return false;
+ // Check traditional node-pty build location (local node_modules)
+ const localBuildDir = path.join(__dirname, '..', 'node_modules', 'node-pty', 'build', 'Release');
+ if (fs.existsSync(localBuildDir)) {
+ const files = fs.readdirSync(localBuildDir);
+ if (files.some((f) => f.endsWith('.node'))) return true;
+ }
+
+ // Check root node_modules (for npm workspaces)
+ const rootBuildDir = path.join(__dirname, '..', '..', '..', 'node_modules', 'node-pty', 'build', 'Release');
+ if (fs.existsSync(rootBuildDir)) {
+ const files = fs.readdirSync(rootBuildDir);
+ if (files.some((f) => f.endsWith('.node'))) return true;
+ }
+
+ // Check for @lydell/node-pty with platform-specific prebuilts
+ const arch = os.arch();
+ const platform = os.platform();
+ const platformPkg = `@lydell/node-pty-${platform}-${arch}`;
+
+ // Check local node_modules
+ const localLydellDir = path.join(__dirname, '..', 'node_modules', platformPkg);
+ if (fs.existsSync(localLydellDir)) {
+ const files = fs.readdirSync(localLydellDir);
+ if (files.some((f) => f.endsWith('.node'))) return true;
+ }
+
+ // Check root node_modules (for npm workspaces)
+ const rootLydellDir = path.join(__dirname, '..', '..', '..', 'node_modules', platformPkg);
+ if (fs.existsSync(rootLydellDir)) {
+ const files = fs.readdirSync(rootLydellDir);
+ if (files.some((f) => f.endsWith('.node'))) return true;
+ }
- // Check for the main .node file
- const files = fs.readdirSync(buildDir);
- return files.some((f) => f.endsWith('.node'));
+ return false;
}
/**
diff --git a/apps/frontend/src/__mocks__/electron.ts b/apps/frontend/src/__mocks__/electron.ts
index 39f45801de..e5569f6893 100644
--- a/apps/frontend/src/__mocks__/electron.ts
+++ b/apps/frontend/src/__mocks__/electron.ts
@@ -56,7 +56,8 @@ export const ipcRenderer = {
on: vi.fn(),
once: vi.fn(),
removeListener: vi.fn(),
- removeAllListeners: vi.fn()
+ removeAllListeners: vi.fn(),
+ setMaxListeners: vi.fn()
};
// Mock BrowserWindow
@@ -125,6 +126,13 @@ export const nativeTheme = {
on: vi.fn()
};
+// Mock screen
+export const screen = {
+ getPrimaryDisplay: vi.fn(() => ({
+ workAreaSize: { width: 1920, height: 1080 }
+ }))
+};
+
export default {
app,
ipcMain,
@@ -133,5 +141,6 @@ export default {
dialog,
contextBridge,
shell,
- nativeTheme
+ nativeTheme,
+ screen
};
diff --git a/apps/frontend/src/__mocks__/sentry-electron-main.ts b/apps/frontend/src/__mocks__/sentry-electron-main.ts
new file mode 100644
index 0000000000..697d392257
--- /dev/null
+++ b/apps/frontend/src/__mocks__/sentry-electron-main.ts
@@ -0,0 +1 @@
+export * from './sentry-electron-shared';
diff --git a/apps/frontend/src/__mocks__/sentry-electron-renderer.ts b/apps/frontend/src/__mocks__/sentry-electron-renderer.ts
new file mode 100644
index 0000000000..697d392257
--- /dev/null
+++ b/apps/frontend/src/__mocks__/sentry-electron-renderer.ts
@@ -0,0 +1 @@
+export * from './sentry-electron-shared';
diff --git a/apps/frontend/src/__mocks__/sentry-electron-shared.ts b/apps/frontend/src/__mocks__/sentry-electron-shared.ts
new file mode 100644
index 0000000000..e2c97e98fe
--- /dev/null
+++ b/apps/frontend/src/__mocks__/sentry-electron-shared.ts
@@ -0,0 +1,26 @@
+export type SentryErrorEvent = Record;
+
+export type SentryScope = {
+ setContext: (key: string, value: Record) => void;
+};
+
+export type SentryInitOptions = {
+ beforeSend?: (event: SentryErrorEvent) => SentryErrorEvent | null;
+ tracesSampleRate?: number;
+ profilesSampleRate?: number;
+ dsn?: string;
+ environment?: string;
+ release?: string;
+ debug?: boolean;
+ enabled?: boolean;
+};
+
+export function init(_options: SentryInitOptions): void {}
+
+export function captureException(_error: Error): void {}
+
+export function withScope(callback: (scope: SentryScope) => void): void {
+ callback({
+ setContext: () => {}
+ });
+}
diff --git a/apps/frontend/src/__tests__/integration/ipc-bridge.test.ts b/apps/frontend/src/__tests__/integration/ipc-bridge.test.ts
index 641f8e968b..432c5f361d 100644
--- a/apps/frontend/src/__tests__/integration/ipc-bridge.test.ts
+++ b/apps/frontend/src/__tests__/integration/ipc-bridge.test.ts
@@ -11,7 +11,8 @@ const mockIpcRenderer = {
on: vi.fn(),
once: vi.fn(),
removeListener: vi.fn(),
- removeAllListeners: vi.fn()
+ removeAllListeners: vi.fn(),
+ setMaxListeners: vi.fn()
};
// Mock contextBridge
diff --git a/apps/frontend/src/__tests__/integration/subprocess-spawn.test.ts b/apps/frontend/src/__tests__/integration/subprocess-spawn.test.ts
index 1ef0da9ded..f3ca37d495 100644
--- a/apps/frontend/src/__tests__/integration/subprocess-spawn.test.ts
+++ b/apps/frontend/src/__tests__/integration/subprocess-spawn.test.ts
@@ -30,9 +30,13 @@ const mockProcess = Object.assign(new EventEmitter(), {
})
});
-vi.mock('child_process', () => ({
- spawn: vi.fn(() => mockProcess)
-}));
+vi.mock('child_process', async (importOriginal) => {
+ const actual = await importOriginal();
+ return {
+ ...actual,
+ spawn: vi.fn(() => mockProcess)
+ };
+});
// Mock claude-profile-manager to bypass auth checks in tests
vi.mock('../../main/claude-profile-manager', () => ({
@@ -107,7 +111,7 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test task description');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test task description');
expect(spawn).toHaveBeenCalledWith(
EXPECTED_PYTHON_COMMAND,
@@ -132,7 +136,7 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startTaskExecution('task-1', TEST_PROJECT_PATH, 'spec-001');
+ await manager.startTaskExecution('task-1', TEST_PROJECT_PATH, 'spec-001');
expect(spawn).toHaveBeenCalledWith(
EXPECTED_PYTHON_COMMAND,
@@ -154,7 +158,7 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startQAProcess('task-1', TEST_PROJECT_PATH, 'spec-001');
+ await manager.startQAProcess('task-1', TEST_PROJECT_PATH, 'spec-001');
expect(spawn).toHaveBeenCalledWith(
EXPECTED_PYTHON_COMMAND,
@@ -178,7 +182,7 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startTaskExecution('task-1', TEST_PROJECT_PATH, 'spec-001', {
+ await manager.startTaskExecution('task-1', TEST_PROJECT_PATH, 'spec-001', {
parallel: true,
workers: 4
});
@@ -204,7 +208,7 @@ describe('Subprocess Spawn Integration', () => {
const logHandler = vi.fn();
manager.on('log', logHandler);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
// Simulate stdout data (must include newline for buffered output processing)
mockStdout.emit('data', Buffer.from('Test log output\n'));
@@ -220,7 +224,7 @@ describe('Subprocess Spawn Integration', () => {
const logHandler = vi.fn();
manager.on('log', logHandler);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
// Simulate stderr data (must include newline for buffered output processing)
mockStderr.emit('data', Buffer.from('Progress: 50%\n'));
@@ -236,7 +240,7 @@ describe('Subprocess Spawn Integration', () => {
const exitHandler = vi.fn();
manager.on('exit', exitHandler);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
// Simulate process exit
mockProcess.emit('exit', 0);
@@ -253,7 +257,7 @@ describe('Subprocess Spawn Integration', () => {
const errorHandler = vi.fn();
manager.on('error', errorHandler);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
// Simulate process error
mockProcess.emit('error', new Error('Spawn failed'));
@@ -266,7 +270,7 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
expect(manager.isRunning('task-1')).toBe(true);
@@ -293,12 +297,12 @@ describe('Subprocess Spawn Integration', () => {
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
expect(manager.getRunningTasks()).toHaveLength(0);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 1');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 1');
expect(manager.getRunningTasks()).toContain('task-1');
- manager.startTaskExecution('task-2', TEST_PROJECT_PATH, 'spec-001');
+ await manager.startTaskExecution('task-2', TEST_PROJECT_PATH, 'spec-001');
expect(manager.getRunningTasks()).toHaveLength(2);
- });
+ }, 15000);
it('should use configured Python path', async () => {
const { spawn } = await import('child_process');
@@ -307,7 +311,7 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure('/custom/python3', AUTO_CLAUDE_SOURCE);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test');
expect(spawn).toHaveBeenCalledWith(
'/custom/python3',
@@ -321,8 +325,8 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 1');
- manager.startTaskExecution('task-2', TEST_PROJECT_PATH, 'spec-001');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 1');
+ await manager.startTaskExecution('task-2', TEST_PROJECT_PATH, 'spec-001');
await manager.killAll();
@@ -334,10 +338,10 @@ describe('Subprocess Spawn Integration', () => {
const manager = new AgentManager();
manager.configure(undefined, AUTO_CLAUDE_SOURCE);
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 1');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 1');
// Start another process for same task
- manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 2');
+ await manager.startSpecCreation('task-1', TEST_PROJECT_PATH, 'Test 2');
// Should have killed the first one
expect(mockProcess.kill).toHaveBeenCalled();
diff --git a/apps/frontend/src/__tests__/integration/task-lifecycle.test.ts b/apps/frontend/src/__tests__/integration/task-lifecycle.test.ts
new file mode 100644
index 0000000000..cf6641d0ec
--- /dev/null
+++ b/apps/frontend/src/__tests__/integration/task-lifecycle.test.ts
@@ -0,0 +1,382 @@
+/**
+ * Integration tests for task lifecycle
+ * Tests spec completion to subtask loading workflow (IPC communication)
+ */
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { mkdirSync, mkdtempSync, writeFileSync, rmSync, existsSync } from 'fs';
+import { tmpdir } from 'os';
+import path from 'path';
+
+// Test directories - created securely with mkdtempSync to prevent TOCTOU attacks
+let TEST_DIR: string;
+let TEST_PROJECT_PATH: string;
+let TEST_SPEC_DIR: string;
+
+// Mock ipcRenderer for renderer-side tests
+const mockIpcRenderer = {
+ invoke: vi.fn(),
+ send: vi.fn(),
+ on: vi.fn(),
+ once: vi.fn(),
+ removeListener: vi.fn(),
+ removeAllListeners: vi.fn(),
+ setMaxListeners: vi.fn()
+};
+
+// Mock contextBridge
+const exposedApis: Record = {};
+const mockContextBridge = {
+ exposeInMainWorld: vi.fn((name: string, api: unknown) => {
+ exposedApis[name] = api;
+ })
+};
+
+vi.mock('electron', () => ({
+ ipcRenderer: mockIpcRenderer,
+ contextBridge: mockContextBridge
+}));
+
+// Sample implementation plan with subtasks
+function createTestPlan(overrides: Record = {}): object {
+ return {
+ feature: 'Test Feature',
+ workflow_type: 'feature',
+ services_involved: ['frontend'],
+ phases: [
+ {
+ id: 'phase-1',
+ name: 'Implementation Phase',
+ type: 'implementation',
+ subtasks: [
+ {
+ id: 'subtask-1-1',
+ description: 'Implement feature A',
+ status: 'pending',
+ files_to_modify: ['file1.ts'],
+ files_to_create: [],
+ service: 'frontend'
+ },
+ {
+ id: 'subtask-1-2',
+ description: 'Add unit tests for feature A',
+ status: 'pending',
+ files_to_modify: [],
+ files_to_create: ['file1.test.ts'],
+ service: 'frontend'
+ }
+ ]
+ }
+ ],
+ status: 'in_progress',
+ planStatus: 'in_progress',
+ created_at: new Date().toISOString(),
+ updated_at: new Date().toISOString(),
+ ...overrides
+ };
+}
+
+// Sample implementation plan with empty phases (incomplete state)
+function createIncompletePlan(): object {
+ return {
+ feature: 'Test Feature',
+ workflow_type: 'feature',
+ services_involved: ['frontend'],
+ phases: [],
+ status: 'planning',
+ planStatus: 'planning',
+ created_at: new Date().toISOString(),
+ updated_at: new Date().toISOString()
+ };
+}
+
+// Setup test directories with secure temp directory
+function setupTestDirs(): void {
+ // Create secure temp directory with random suffix
+ TEST_DIR = mkdtempSync(path.join(tmpdir(), 'task-lifecycle-test-'));
+ TEST_PROJECT_PATH = path.join(TEST_DIR, 'test-project');
+ TEST_SPEC_DIR = path.join(TEST_PROJECT_PATH, '.auto-claude/specs/001-test-feature');
+ mkdirSync(TEST_SPEC_DIR, { recursive: true });
+}
+
+// Cleanup test directories
+function cleanupTestDirs(): void {
+ if (TEST_DIR && existsSync(TEST_DIR)) {
+ rmSync(TEST_DIR, { recursive: true, force: true });
+ }
+}
+
+describe('Task Lifecycle Integration', () => {
+ beforeEach(async () => {
+ cleanupTestDirs();
+ setupTestDirs();
+ vi.clearAllMocks();
+ vi.resetModules();
+ Object.keys(exposedApis).forEach((key) => delete exposedApis[key]);
+ });
+
+ afterEach(() => {
+ cleanupTestDirs();
+ vi.clearAllMocks();
+ });
+
+ describe('Spec completion to subtask loading', () => {
+ it('should load subtasks from implementation_plan.json after spec completion', async () => {
+ // Create implementation_plan.json with full subtask data
+ const planPath = path.join(TEST_SPEC_DIR, 'implementation_plan.json');
+ const plan = createTestPlan();
+ writeFileSync(planPath, JSON.stringify(plan, null, 2));
+
+ // Import preload script to get electronAPI
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ // Mock IPC response for getTasks (loads implementation_plan.json)
+ mockIpcRenderer.invoke.mockResolvedValueOnce({
+ success: true,
+ data: [
+ {
+ id: 'task-001',
+ name: 'Test Feature',
+ status: 'spec_complete',
+ specDir: TEST_SPEC_DIR,
+ plan: plan
+ }
+ ]
+ });
+
+ // Call getTasks to load plan data
+ const getTasks = electronAPI['getTasks'] as (projectId: string) => Promise;
+ const result = await getTasks('project-id');
+
+ // Verify IPC invocation
+ expect(mockIpcRenderer.invoke).toHaveBeenCalledWith('task:list', 'project-id');
+
+ // Verify task data includes plan with subtasks
+ expect(result).toMatchObject({
+ success: true,
+ data: expect.arrayContaining([
+ expect.objectContaining({
+ plan: expect.objectContaining({
+ phases: expect.arrayContaining([
+ expect.objectContaining({
+ subtasks: expect.arrayContaining([
+ expect.objectContaining({
+ id: 'subtask-1-1',
+ description: 'Implement feature A',
+ status: 'pending'
+ }),
+ expect.objectContaining({
+ id: 'subtask-1-2',
+ description: 'Add unit tests for feature A',
+ status: 'pending'
+ })
+ ])
+ })
+ ])
+ })
+ })
+ ])
+ });
+ });
+
+ it('should handle incomplete plan data with empty phases array', async () => {
+ // Create implementation_plan.json with incomplete data (empty phases)
+ const planPath = path.join(TEST_SPEC_DIR, 'implementation_plan.json');
+ const incompletePlan = createIncompletePlan();
+ writeFileSync(planPath, JSON.stringify(incompletePlan, null, 2));
+
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ // Mock IPC response for getTasks
+ mockIpcRenderer.invoke.mockResolvedValueOnce({
+ success: true,
+ data: [
+ {
+ id: 'task-001',
+ name: 'Test Feature',
+ status: 'planning',
+ specDir: TEST_SPEC_DIR,
+ plan: incompletePlan
+ }
+ ]
+ });
+
+ const getTasks = electronAPI['getTasks'] as (projectId: string) => Promise;
+ const result = await getTasks('project-id');
+
+ // Verify task data reflects incomplete state
+ expect(result).toMatchObject({
+ success: true,
+ data: expect.arrayContaining([
+ expect.objectContaining({
+ plan: expect.objectContaining({
+ phases: [],
+ status: 'planning'
+ })
+ })
+ ])
+ });
+ });
+
+ it('should emit task:statusChange event when task transitions from planning to spec_complete', async () => {
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ // Setup event listener
+ const callback = vi.fn();
+ const onTaskStatusChange = electronAPI['onTaskStatusChange'] as (cb: Function) => Function;
+ onTaskStatusChange(callback);
+
+ // Verify listener was registered
+ expect(mockIpcRenderer.on).toHaveBeenCalledWith(
+ 'task:statusChange',
+ expect.any(Function)
+ );
+
+ // Simulate status change event from main process
+ // The event handler signature is: (_event, taskId, status)
+ const eventHandler = mockIpcRenderer.on.mock.calls.find(
+ (call) => call[0] === 'task:statusChange'
+ )?.[1];
+
+ if (eventHandler) {
+ eventHandler({}, 'task-001', 'spec_complete');
+ }
+
+ // Verify callback was invoked with correct parameters (taskId, status, projectId)
+ // Note: projectId is optional and undefined when not provided
+ expect(callback).toHaveBeenCalledWith('task-001', 'spec_complete', undefined);
+ });
+
+ it('should emit task:progress event with updated plan during spec creation', async () => {
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ // Setup event listener
+ const callback = vi.fn();
+ const onTaskProgress = electronAPI['onTaskProgress'] as (cb: Function) => Function;
+ onTaskProgress(callback);
+
+ // Verify listener was registered
+ expect(mockIpcRenderer.on).toHaveBeenCalledWith(
+ 'task:progress',
+ expect.any(Function)
+ );
+
+ // Simulate progress event with plan update
+ // The event handler signature is: (_event, taskId, plan)
+ const eventHandler = mockIpcRenderer.on.mock.calls.find(
+ (call) => call[0] === 'task:progress'
+ )?.[1];
+
+ const plan = createTestPlan();
+ if (eventHandler) {
+ eventHandler({}, 'task-001', plan);
+ }
+
+ // Verify callback was invoked with correct parameters (taskId, plan, projectId)
+ // Note: projectId is optional and undefined when not provided
+ expect(callback).toHaveBeenCalledWith(
+ 'task-001',
+ expect.objectContaining({
+ phases: expect.arrayContaining([
+ expect.objectContaining({
+ subtasks: expect.any(Array)
+ })
+ ])
+ }),
+ undefined
+ );
+ });
+
+ it('should handle task resume by reloading implementation plan', async () => {
+ // Create implementation_plan.json
+ const planPath = path.join(TEST_SPEC_DIR, 'implementation_plan.json');
+ const plan = createTestPlan();
+ writeFileSync(planPath, JSON.stringify(plan, null, 2));
+
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ // Mock IPC response for task start (resume)
+ mockIpcRenderer.invoke.mockResolvedValueOnce({
+ success: true,
+ message: 'Task resumed'
+ });
+
+ // Call startTask (resume)
+ const startTask = electronAPI['startTask'] as (id: string, options?: object) => void;
+ startTask('task-001', { resume: true });
+
+ // Verify IPC send was called
+ expect(mockIpcRenderer.send).toHaveBeenCalledWith(
+ 'task:start',
+ 'task-001',
+ { resume: true }
+ );
+ });
+
+ it('should handle task update status IPC call', async () => {
+ await import('../../preload/index');
+ // Note: electronAPI is exposed but we test the IPC channel directly below
+
+ // Check if updateTaskStatus method exists (might be part of updateTask)
+ // Based on IPC_CHANNELS, we have TASK_UPDATE_STATUS
+ mockIpcRenderer.invoke.mockResolvedValueOnce({
+ success: true
+ });
+
+ // Since updateTaskStatus might not be directly exposed, we test the IPC channel directly
+ const result = await mockIpcRenderer.invoke('task:updateStatus', 'task-001', 'in_progress');
+
+ expect(mockIpcRenderer.invoke).toHaveBeenCalledWith(
+ 'task:updateStatus',
+ 'task-001',
+ 'in_progress'
+ );
+ expect(result).toMatchObject({ success: true });
+ });
+ });
+
+ describe('Event listener cleanup', () => {
+ it('should cleanup task:progress listener when cleanup function is called', async () => {
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ const callback = vi.fn();
+ const onTaskProgress = electronAPI['onTaskProgress'] as (cb: Function) => Function;
+ const cleanup = onTaskProgress(callback);
+
+ expect(typeof cleanup).toBe('function');
+
+ // Call cleanup
+ cleanup();
+
+ expect(mockIpcRenderer.removeListener).toHaveBeenCalledWith(
+ 'task:progress',
+ expect.any(Function)
+ );
+ });
+
+ it('should cleanup task:statusChange listener when cleanup function is called', async () => {
+ await import('../../preload/index');
+ const electronAPI = exposedApis['electronAPI'] as Record;
+
+ const callback = vi.fn();
+ const onTaskStatusChange = electronAPI['onTaskStatusChange'] as (cb: Function) => Function;
+ const cleanup = onTaskStatusChange(callback);
+
+ expect(typeof cleanup).toBe('function');
+
+ // Call cleanup
+ cleanup();
+
+ expect(mockIpcRenderer.removeListener).toHaveBeenCalledWith(
+ 'task:statusChange',
+ expect.any(Function)
+ );
+ });
+ });
+
+});
\ No newline at end of file
diff --git a/apps/frontend/src/__tests__/integration/terminal-copy-paste.test.ts b/apps/frontend/src/__tests__/integration/terminal-copy-paste.test.ts
new file mode 100644
index 0000000000..ea4cec57d3
--- /dev/null
+++ b/apps/frontend/src/__tests__/integration/terminal-copy-paste.test.ts
@@ -0,0 +1,728 @@
+/**
+ * @vitest-environment jsdom
+ */
+
+/**
+ * Integration tests for terminal copy/paste functionality
+ * Tests xterm.js selection API integration with clipboard operations
+ */
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { render, act } from '@testing-library/react';
+import React from 'react';
+import type { Mock } from 'vitest';
+import { Terminal as XTerm } from '@xterm/xterm';
+import { FitAddon } from '@xterm/addon-fit';
+import { WebLinksAddon } from '@xterm/addon-web-links';
+import { SerializeAddon } from '@xterm/addon-serialize';
+
+// Mock xterm.js and its addons
+vi.mock('@xterm/xterm', () => ({
+ Terminal: vi.fn().mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(),
+ hasSelection: vi.fn(function() { return false; }),
+ getSelection: vi.fn(function() { return ''; }),
+ paste: vi.fn(),
+ input: vi.fn(),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ })
+}));
+
+vi.mock('@xterm/addon-fit', () => ({
+ FitAddon: vi.fn().mockImplementation(function() {
+ return {
+ fit: vi.fn()
+ };
+ })
+}));
+
+vi.mock('@xterm/addon-web-links', () => ({
+ WebLinksAddon: vi.fn().mockImplementation(function() {
+ return {};
+ })
+}));
+
+vi.mock('@xterm/addon-serialize', () => ({
+ SerializeAddon: vi.fn().mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ })
+}));
+
+describe('Terminal copy/paste integration', () => {
+ let mockClipboard: {
+ writeText: Mock;
+ readText: Mock;
+ };
+
+ beforeEach(() => {
+ vi.clearAllMocks();
+
+ // Mock ResizeObserver
+ global.ResizeObserver = vi.fn().mockImplementation(function() {
+ return {
+ observe: vi.fn(),
+ unobserve: vi.fn(),
+ disconnect: vi.fn()
+ };
+ });
+
+ // Mock navigator.clipboard
+ mockClipboard = {
+ writeText: vi.fn().mockResolvedValue(undefined),
+ readText: vi.fn().mockResolvedValue('clipboard content')
+ };
+
+ Object.defineProperty(global.navigator, 'clipboard', {
+ value: mockClipboard,
+ writable: true
+ });
+
+ // Mock window.electronAPI
+ (window as unknown as { electronAPI: unknown }).electronAPI = {
+ sendTerminalInput: vi.fn()
+ };
+ });
+
+ afterEach(() => {
+ vi.restoreAllMocks();
+ });
+
+ describe('xterm.js selection API integration with clipboard write', () => {
+ it('should integrate xterm.hasSelection() with clipboard write', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ const mockHasSelection = vi.fn(function() { return true; });
+ const mockGetSelection = vi.fn(function() { return 'selected terminal text'; });
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: mockHasSelection,
+ getSelection: mockGetSelection,
+ paste: vi.fn(),
+ input: vi.fn(),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ await act(async () => {
+ // Simulate copy operation
+ const event = new KeyboardEvent('keydown', {
+ key: 'c',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(event);
+ // Wait for clipboard write
+ await new Promise(resolve => setTimeout(resolve, 0));
+ }
+ });
+
+ // Verify integration: hasSelection() called
+ expect(mockHasSelection).toHaveBeenCalled();
+
+ // Verify integration: getSelection() called when hasSelection returns true
+ expect(mockGetSelection).toHaveBeenCalled();
+
+ // Verify integration: clipboard.writeText() called with selection
+ expect(mockClipboard.writeText).toHaveBeenCalledWith('selected terminal text');
+ });
+
+ it('should not call getSelection when hasSelection returns false', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ const mockHasSelection = vi.fn(function() { return false; });
+ const mockGetSelection = vi.fn(function() { return ''; });
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: mockHasSelection,
+ getSelection: mockGetSelection,
+ paste: vi.fn(),
+ input: vi.fn(),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ await act(async () => {
+ const event = new KeyboardEvent('keydown', {
+ key: 'c',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(event);
+ }
+ });
+
+ // Verify hasSelection was called
+ expect(mockHasSelection).toHaveBeenCalled();
+
+ // Verify getSelection was NOT called (no selection)
+ expect(mockGetSelection).not.toHaveBeenCalled();
+
+ // Verify clipboard was NOT written to
+ expect(mockClipboard.writeText).not.toHaveBeenCalled();
+ });
+ });
+
+ describe('clipboard read with xterm paste integration', () => {
+ let originalNavigatorPlatform: string;
+
+ beforeEach(() => {
+ // Capture original navigator.platform
+ originalNavigatorPlatform = navigator.platform;
+ });
+
+ afterEach(() => {
+ // Restore navigator.platform
+ Object.defineProperty(navigator, 'platform', {
+ value: originalNavigatorPlatform,
+ writable: true
+ });
+ });
+
+ it('should integrate clipboard.readText() with xterm.paste()', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ // Mock Windows platform
+ Object.defineProperty(navigator, 'platform', {
+ value: 'Win32',
+ writable: true
+ });
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ const mockPaste = vi.fn();
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: vi.fn(),
+ getSelection: vi.fn(),
+ paste: mockPaste,
+ input: vi.fn(),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ mockClipboard.readText.mockResolvedValue('pasted text');
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ await act(async () => {
+ const event = new KeyboardEvent('keydown', {
+ key: 'v',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(event);
+ // Wait for clipboard read and paste
+ await new Promise(resolve => setTimeout(resolve, 0));
+ }
+ });
+
+ // Verify integration: clipboard.readText() called
+ expect(mockClipboard.readText).toHaveBeenCalled();
+
+ // Verify integration: xterm.paste() called with clipboard content
+ expect(mockPaste).toHaveBeenCalledWith('pasted text');
+ });
+
+ it('should not paste when clipboard is empty', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ // Mock Linux platform
+ Object.defineProperty(navigator, 'platform', {
+ value: 'Linux',
+ writable: true
+ });
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ const mockPaste = vi.fn();
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: vi.fn(),
+ getSelection: vi.fn(),
+ paste: mockPaste,
+ input: vi.fn(),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ // Mock empty clipboard
+ mockClipboard.readText.mockResolvedValue('');
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ await act(async () => {
+ const event = new KeyboardEvent('keydown', {
+ key: 'v',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(event);
+ // Wait for clipboard read
+ await new Promise(resolve => setTimeout(resolve, 0));
+ }
+ });
+
+ // Verify clipboard was read
+ expect(mockClipboard.readText).toHaveBeenCalled();
+
+ // Verify paste was NOT called for empty clipboard
+ expect(mockPaste).not.toHaveBeenCalled();
+ });
+ });
+
+ describe('keyboard event propagation', () => {
+ it('should prevent copy/paste events from interfering with other shortcuts', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ let eventCallOrder: string[] = [];
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: vi.fn(function() { return true; }),
+ getSelection: vi.fn(function() { return 'selection'; }),
+ paste: vi.fn(),
+ input: vi.fn(function(data: string) {
+ eventCallOrder.push(`input:${data}`);
+ }),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ await act(async () => {
+ // Test SHIFT+Enter (should work independently of copy/paste)
+ const shiftEnterEvent = new KeyboardEvent('keydown', {
+ key: 'Enter',
+ shiftKey: true,
+ ctrlKey: false,
+ metaKey: false
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(shiftEnterEvent);
+ }
+
+ // Verify SHIFT+Enter still works (sends newline)
+ expect(eventCallOrder.some(s => s.includes('\x1b\n'))).toBe(true);
+
+ // Test CTRL+C with selection (should not interfere)
+ eventCallOrder = [];
+ const copyEvent = new KeyboardEvent('keydown', {
+ key: 'c',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(copyEvent);
+ // Wait for clipboard write
+ await new Promise(resolve => setTimeout(resolve, 0));
+ }
+
+ // Copy should not send input to terminal
+ expect(eventCallOrder).toHaveLength(0);
+
+ // Test CTRL+V (should not interfere)
+ const pasteEvent = new KeyboardEvent('keydown', {
+ key: 'v',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(pasteEvent);
+ // Wait for clipboard read
+ await new Promise(resolve => setTimeout(resolve, 0));
+ }
+
+ // Paste should use xterm.paste(), not xterm.input()
+ // The input() should not be called directly
+ expect(eventCallOrder).toHaveLength(0);
+ });
+ });
+
+ it('should maintain correct handler ordering for existing shortcuts', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ let handlerResults: { key: string; handled: boolean }[] = [];
+ const mockHasSelection = vi.fn(function() { return false; });
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: mockHasSelection,
+ getSelection: vi.fn(),
+ paste: vi.fn(),
+ input: vi.fn(),
+ onData: vi.fn(),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ // Helper to test key handling
+ const testKey = (key: string, ctrl: boolean, meta: boolean, shift: boolean) => {
+ const event = new KeyboardEvent('keydown', {
+ key,
+ ctrlKey: ctrl,
+ metaKey: meta,
+ shiftKey: shift
+ });
+
+ if (keyEventHandler) {
+ const handled = keyEventHandler(event);
+ handlerResults.push({ key, handled });
+ }
+ };
+
+ await act(async () => {
+ // Test existing shortcuts (should return false to bubble up)
+ testKey('1', true, false, false); // Ctrl+1
+ testKey('Tab', true, false, false); // Ctrl+Tab
+ testKey('t', true, false, false); // Ctrl+T
+ testKey('w', true, false, false); // Ctrl+W
+
+ // Verify these return false (bubble to window handler)
+ expect(handlerResults.filter(r => !r.handled)).toHaveLength(4);
+
+ // Test copy/paste WITHOUT selection (should pass through to send ^C)
+ handlerResults = [];
+ mockHasSelection.mockReturnValue(false);
+ testKey('c', true, false, false); // Ctrl+C without selection
+
+ // Should return true (let ^C pass through to terminal for interrupt signal)
+ expect(handlerResults[0].handled).toBe(true);
+ });
+ });
+ });
+
+ describe('clipboard error handling without breaking terminal', () => {
+ it('should continue terminal operation after clipboard error', async () => {
+ const { useXterm } = await import('../../renderer/components/terminal/useXterm');
+
+ // Mock Windows platform to enable custom paste handler
+ Object.defineProperty(navigator, 'platform', {
+ value: 'Win32',
+ writable: true
+ });
+
+ let keyEventHandler: ((event: KeyboardEvent) => boolean) | null = null;
+ const mockPaste = vi.fn();
+ const mockInput = vi.fn();
+ const mockSendTerminalInput = vi.fn();
+ let onDataCallback: ((data: string) => void) | undefined;
+ let errorLogged = false;
+
+ const consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(function(...args: unknown[]) {
+ if (String(args[0]).includes('[useXterm]')) {
+ errorLogged = true;
+ }
+ });
+
+ // Mock clipboard error
+ mockClipboard.readText = vi.fn().mockRejectedValue(new Error('Clipboard denied'));
+
+ // Mock window.electronAPI with sendTerminalInput
+ (window as unknown as { electronAPI: { sendTerminalInput: Mock } }).electronAPI = {
+ sendTerminalInput: mockSendTerminalInput
+ };
+
+ // Override XTerm mock to be constructable
+ (XTerm as unknown as Mock).mockImplementation(function() {
+ return {
+ open: vi.fn(),
+ loadAddon: vi.fn(),
+ attachCustomKeyEventHandler: vi.fn(function(handler: (event: KeyboardEvent) => boolean) {
+ keyEventHandler = handler;
+ }),
+ hasSelection: vi.fn(),
+ getSelection: vi.fn(),
+ paste: mockPaste,
+ input: mockInput,
+ onData: vi.fn(function(callback: (data: string) => void) {
+ onDataCallback = callback;
+ }),
+ onResize: vi.fn(),
+ dispose: vi.fn(),
+ write: vi.fn(),
+ cols: 80,
+ rows: 24
+ };
+ });
+
+ // Need to also override the addon mocks to be constructable
+ (FitAddon as unknown as Mock).mockImplementation(function() {
+ return { fit: vi.fn() };
+ });
+
+ (WebLinksAddon as unknown as Mock).mockImplementation(function() {
+ return {};
+ });
+
+ (SerializeAddon as unknown as Mock).mockImplementation(function() {
+ return {
+ serialize: vi.fn(function() { return ''; }),
+ dispose: vi.fn()
+ };
+ });
+
+ // Create a test wrapper component that provides the DOM element
+ const TestWrapper = () => {
+ const { terminalRef } = useXterm({ terminalId: 'test-terminal' });
+ return React.createElement('div', { ref: terminalRef });
+ };
+
+ render(React.createElement(TestWrapper));
+
+ await act(async () => {
+ // Try to paste (will fail)
+ const pasteEvent = new KeyboardEvent('keydown', {
+ key: 'v',
+ ctrlKey: true
+ });
+
+ if (keyEventHandler) {
+ keyEventHandler(pasteEvent);
+ // Wait for clipboard error
+ await new Promise(resolve => setTimeout(resolve, 0));
+ }
+ });
+
+ // Verify error was logged
+ expect(errorLogged).toBe(true);
+
+ // Verify terminal still works (can accept input through onData callback)
+ const inputData = 'test command';
+
+ if (onDataCallback) {
+ onDataCallback(inputData);
+ }
+
+ // Verify input was sent to electronAPI (terminal still functional)
+ expect(mockSendTerminalInput).toHaveBeenCalledWith('test-terminal', 'test command');
+
+ consoleErrorSpy.mockRestore();
+ });
+ });
+});
diff --git a/apps/frontend/src/__tests__/setup.ts b/apps/frontend/src/__tests__/setup.ts
index 34f7a6465f..27643a4800 100644
--- a/apps/frontend/src/__tests__/setup.ts
+++ b/apps/frontend/src/__tests__/setup.ts
@@ -28,6 +28,25 @@ Object.defineProperty(global, 'localStorage', {
value: localStorageMock
});
+// Mock scrollIntoView for Radix Select in jsdom
+if (typeof HTMLElement !== 'undefined' && !HTMLElement.prototype.scrollIntoView) {
+ Object.defineProperty(HTMLElement.prototype, 'scrollIntoView', {
+ value: vi.fn(),
+ writable: true
+ });
+}
+
+// Mock requestAnimationFrame/cancelAnimationFrame for jsdom
+// Required by useXterm.ts which uses requestAnimationFrame for initial fit
+if (typeof global.requestAnimationFrame === 'undefined') {
+ global.requestAnimationFrame = vi.fn((callback: FrameRequestCallback) => {
+ return setTimeout(() => callback(Date.now()), 0) as unknown as number;
+ });
+ global.cancelAnimationFrame = vi.fn((id: number) => {
+ clearTimeout(id);
+ });
+}
+
// Test data directory for isolated file operations
export const TEST_DATA_DIR = '/tmp/auto-claude-ui-tests';
@@ -88,7 +107,14 @@ if (typeof window !== 'undefined') {
success: true,
data: { openProjectIds: [], activeProjectId: null, tabOrder: [] }
}),
- saveTabState: vi.fn().mockResolvedValue({ success: true })
+ saveTabState: vi.fn().mockResolvedValue({ success: true }),
+ // Profile-related API methods (API Profile feature)
+ getAPIProfiles: vi.fn(),
+ saveAPIProfile: vi.fn(),
+ updateAPIProfile: vi.fn(),
+ deleteAPIProfile: vi.fn(),
+ setActiveAPIProfile: vi.fn(),
+ testConnection: vi.fn()
};
}
diff --git a/apps/frontend/src/main/__tests__/claude-cli-utils.test.ts b/apps/frontend/src/main/__tests__/claude-cli-utils.test.ts
new file mode 100644
index 0000000000..42bd919b3b
--- /dev/null
+++ b/apps/frontend/src/main/__tests__/claude-cli-utils.test.ts
@@ -0,0 +1,126 @@
+import path from 'path';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+const mockGetToolPath = vi.fn<() => string>();
+const mockGetAugmentedEnv = vi.fn<() => Record>();
+
+vi.mock('../cli-tool-manager', () => ({
+ getToolPath: mockGetToolPath,
+}));
+
+vi.mock('../env-utils', () => ({
+ getAugmentedEnv: mockGetAugmentedEnv,
+}));
+
+describe('claude-cli-utils', () => {
+ beforeEach(() => {
+ mockGetToolPath.mockReset();
+ mockGetAugmentedEnv.mockReset();
+ vi.resetModules();
+ });
+
+ it('prepends the CLI directory to PATH when the command is absolute', async () => {
+ const command = process.platform === 'win32'
+ ? 'C:\\Tools\\claude\\claude.exe'
+ : '/opt/claude/bin/claude';
+ const env = {
+ PATH: process.platform === 'win32'
+ ? 'C:\\Windows\\System32'
+ : '/usr/bin',
+ HOME: '/tmp',
+ };
+ mockGetToolPath.mockReturnValue(command);
+ mockGetAugmentedEnv.mockReturnValue(env);
+
+ const { getClaudeCliInvocation } = await import('../claude-cli-utils');
+ const result = getClaudeCliInvocation();
+
+ const separator = process.platform === 'win32' ? ';' : ':';
+ expect(result.command).toBe(command);
+ expect(result.env.PATH.split(separator)[0]).toBe(path.dirname(command));
+ expect(result.env.HOME).toBe(env.HOME);
+ });
+
+ it('sets PATH to the command directory when PATH is empty', async () => {
+ const command = process.platform === 'win32'
+ ? 'C:\\Tools\\claude\\claude.exe'
+ : '/opt/claude/bin/claude';
+ const env = { PATH: '' };
+ mockGetToolPath.mockReturnValue(command);
+ mockGetAugmentedEnv.mockReturnValue(env);
+
+ const { getClaudeCliInvocation } = await import('../claude-cli-utils');
+ const result = getClaudeCliInvocation();
+
+ expect(result.env.PATH).toBe(path.dirname(command));
+ });
+
+ it('sets PATH to the command directory when PATH is missing', async () => {
+ const command = process.platform === 'win32'
+ ? 'C:\\Tools\\claude\\claude.exe'
+ : '/opt/claude/bin/claude';
+ const env = {};
+ mockGetToolPath.mockReturnValue(command);
+ mockGetAugmentedEnv.mockReturnValue(env);
+
+ const { getClaudeCliInvocation } = await import('../claude-cli-utils');
+ const result = getClaudeCliInvocation();
+
+ expect(result.env.PATH).toBe(path.dirname(command));
+ });
+
+ it('keeps PATH unchanged when the command is not absolute', async () => {
+ const env = {
+ PATH: process.platform === 'win32'
+ ? 'C:\\Windows;C:\\Windows\\System32'
+ : '/usr/bin:/bin',
+ };
+ mockGetToolPath.mockReturnValue('claude');
+ mockGetAugmentedEnv.mockReturnValue(env);
+
+ const { getClaudeCliInvocation } = await import('../claude-cli-utils');
+ const result = getClaudeCliInvocation();
+
+ expect(result.command).toBe('claude');
+ expect(result.env.PATH).toBe(env.PATH);
+ });
+
+ it('does not duplicate the command directory in PATH', async () => {
+ const command = process.platform === 'win32'
+ ? 'C:\\Tools\\claude\\claude.exe'
+ : '/opt/claude/bin/claude';
+ const commandDir = path.dirname(command);
+ const separator = process.platform === 'win32' ? ';' : ':';
+ const env = { PATH: `${commandDir}${separator}/usr/bin` };
+
+ mockGetToolPath.mockReturnValue(command);
+ mockGetAugmentedEnv.mockReturnValue(env);
+
+ const { getClaudeCliInvocation } = await import('../claude-cli-utils');
+ const result = getClaudeCliInvocation();
+
+ expect(result.env.PATH).toBe(env.PATH);
+ });
+
+ it('treats PATH entries case-insensitively on Windows', async () => {
+ const originalPlatform = Object.getOwnPropertyDescriptor(process, 'platform');
+ Object.defineProperty(process, 'platform', { value: 'win32' });
+
+ try {
+ const command = 'C:\\Tools\\claude\\claude.exe';
+ const env = { PATH: 'c:\\tools\\claude;C:\\Windows' };
+
+ mockGetToolPath.mockReturnValue(command);
+ mockGetAugmentedEnv.mockReturnValue(env);
+
+ const { getClaudeCliInvocation } = await import('../claude-cli-utils');
+ const result = getClaudeCliInvocation();
+
+ expect(result.env.PATH).toBe(env.PATH);
+ } finally {
+ if (originalPlatform) {
+ Object.defineProperty(process, 'platform', originalPlatform);
+ }
+ }
+ });
+});
diff --git a/apps/frontend/src/main/__tests__/cli-tool-manager.test.ts b/apps/frontend/src/main/__tests__/cli-tool-manager.test.ts
new file mode 100644
index 0000000000..5222690779
--- /dev/null
+++ b/apps/frontend/src/main/__tests__/cli-tool-manager.test.ts
@@ -0,0 +1,723 @@
+/**
+ * Unit tests for cli-tool-manager
+ * Tests CLI tool detection with focus on NVM path detection
+ */
+
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { existsSync, readdirSync } from 'fs';
+import os from 'os';
+import { execFileSync } from 'child_process';
+import {
+ getToolInfo,
+ getToolPathAsync,
+ clearToolCache,
+ getClaudeDetectionPaths,
+ sortNvmVersionDirs,
+ buildClaudeDetectionResult
+} from '../cli-tool-manager';
+import {
+ findWindowsExecutableViaWhere,
+ findWindowsExecutableViaWhereAsync
+} from '../utils/windows-paths';
+import { findExecutable, findExecutableAsync } from '../env-utils';
+
+// Mock Electron app
+vi.mock('electron', () => ({
+ app: {
+ isPackaged: false,
+ getPath: vi.fn()
+ }
+}));
+
+// Mock os module
+vi.mock('os', () => ({
+ default: {
+ homedir: vi.fn(() => '/mock/home')
+ }
+}));
+
+// Mock fs module - need to mock both sync and promises
+vi.mock('fs', () => ({
+ existsSync: vi.fn(),
+ readdirSync: vi.fn(),
+ promises: {}
+}));
+
+// Mock child_process for execFileSync, execFile, execSync, and exec (used in validation)
+// execFile and exec need to be promisify-compatible
+// IMPORTANT: execSync and execFileSync share the same mock so tests that set one will affect both
+// This is because validateClaude() uses execSync for .cmd files and execFileSync for others
+vi.mock('child_process', () => {
+ // Shared mock for sync execution - both execFileSync and execSync use this
+ // so when tests call vi.mocked(execFileSync).mockReturnValue(), it affects execSync too
+ const sharedSyncMock = vi.fn();
+
+ const mockExecFile = vi.fn((cmd: any, args: any, options: any, callback: any) => {
+ // Return a minimal ChildProcess-like object
+ const childProcess = {
+ stdout: { on: vi.fn() },
+ stderr: { on: vi.fn() },
+ on: vi.fn()
+ };
+
+ // If callback is provided, call it asynchronously
+ if (typeof callback === 'function') {
+ setImmediate(() => callback(null, 'claude-code version 1.0.0\n', ''));
+ }
+
+ return childProcess as any;
+ });
+
+ const mockExec = vi.fn((cmd: any, options: any, callback: any) => {
+ // Return a minimal ChildProcess-like object
+ const childProcess = {
+ stdout: { on: vi.fn() },
+ stderr: { on: vi.fn() },
+ on: vi.fn()
+ };
+
+ // If callback is provided, call it asynchronously
+ if (typeof callback === 'function') {
+ setImmediate(() => callback(null, 'claude-code version 1.0.0\n', ''));
+ }
+
+ return childProcess as any;
+ });
+
+ return {
+ execFileSync: sharedSyncMock,
+ execFile: mockExecFile,
+ execSync: sharedSyncMock, // Share with execFileSync so tests work for both
+ exec: mockExec
+ };
+});
+
+// Mock env-utils to avoid PATH augmentation complexity
+vi.mock('../env-utils', () => ({
+ findExecutable: vi.fn(() => null), // Return null to force platform-specific path checking
+ findExecutableAsync: vi.fn(() => Promise.resolve(null)),
+ getAugmentedEnv: vi.fn(() => ({ PATH: '' })),
+ getAugmentedEnvAsync: vi.fn(() => Promise.resolve({ PATH: '' })),
+ shouldUseShell: vi.fn((command: string) => {
+ // Mock shouldUseShell to match actual behavior
+ if (process.platform !== 'win32') {
+ return false;
+ }
+ return /\.(cmd|bat)$/i.test(command);
+ }),
+ getSpawnOptions: vi.fn((command: string, baseOptions?: any) => ({
+ ...baseOptions,
+ shell: /\.(cmd|bat)$/i.test(command) && process.platform === 'win32'
+ })),
+ existsAsync: vi.fn(() => Promise.resolve(false))
+}));
+
+// Mock homebrew-python utility
+vi.mock('../utils/homebrew-python', () => ({
+ findHomebrewPython: vi.fn(() => null)
+}));
+
+// Mock windows-paths utility
+vi.mock('../utils/windows-paths', () => ({
+ findWindowsExecutableViaWhere: vi.fn(() => null),
+ findWindowsExecutableViaWhereAsync: vi.fn(() => Promise.resolve(null))
+}));
+
+describe('cli-tool-manager - Claude CLI NVM detection', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ // Set default platform to Linux
+ Object.defineProperty(process, 'platform', {
+ value: 'linux',
+ writable: true
+ });
+ });
+
+ afterEach(() => {
+ clearToolCache();
+ });
+
+ const mockHomeDir = '/mock/home';
+
+ describe('NVM path detection on Unix/Linux/macOS', () => {
+ it('should detect Claude CLI in NVM directory when multiple Node versions exist', () => {
+ // Mock home directory
+ vi.mocked(os.homedir).mockReturnValue(mockHomeDir);
+
+ // Mock NVM directory exists
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ // NVM versions directory exists
+ if (pathStr.includes('.nvm/versions/node') || pathStr.includes('.nvm\\versions\\node')) {
+ return true;
+ }
+ // Claude CLI exists in v22.17.0
+ if (pathStr.includes('v22.17.0/bin/claude') || pathStr.includes('v22.17.0\\bin\\claude')) {
+ return true;
+ }
+ return false;
+ });
+
+ // Mock Node.js version directories (three versions)
+ const mockDirents = [
+ { name: 'v20.0.0', isDirectory: () => true },
+ { name: 'v22.17.0', isDirectory: () => true },
+ { name: 'v18.20.0', isDirectory: () => true },
+ ];
+ vi.mocked(readdirSync).mockReturnValue(mockDirents as any);
+
+ // Mock execFileSync to simulate successful version check
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ // Path should contain version and claude (works with both / and \ separators)
+ expect(result.path).toMatch(/v22\.17\.0[/\\]bin[/\\]claude/);
+ expect(result.version).toBe('1.0.0');
+ expect(result.source).toBe('nvm');
+ expect(result.message).toContain('Using NVM Claude CLI');
+ });
+
+ it('should skip NVM path detection on Windows', () => {
+ // Set platform to Windows
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true
+ });
+
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+ vi.mocked(existsSync).mockReturnValue(false);
+ vi.mocked(readdirSync).mockReturnValue([]);
+
+ const result = getToolInfo('claude');
+
+ // readdirSync should not be called for NVM on Windows
+ expect(readdirSync).not.toHaveBeenCalled();
+ expect(result.source).toBe('fallback'); // Should fallback since no other paths exist
+ });
+
+ it('should handle missing NVM directory gracefully', () => {
+ vi.mocked(os.homedir).mockReturnValue(mockHomeDir);
+
+ // NVM directory doesn't exist
+ vi.mocked(existsSync).mockReturnValue(false);
+
+ const result = getToolInfo('claude');
+
+ // Should not crash, should continue to platform paths
+ expect(result).toBeDefined();
+ expect(result.found).toBe(false);
+ });
+
+ it('should try next version if Claude not found in newest Node version', () => {
+ vi.mocked(os.homedir).mockReturnValue(mockHomeDir);
+
+ // NVM directory exists, but Claude only exists in v20.0.0
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ // Check for claude binary paths first (more specific)
+ if (pathStr.includes('claude')) {
+ // Claude only exists in v20.0.0, not in v22.17.0
+ return pathStr.includes('v20.0.0');
+ }
+ // NVM versions directory exists
+ if (pathStr.includes('.nvm')) {
+ return true;
+ }
+ return false;
+ });
+
+ const mockDirents = [
+ { name: 'v22.17.0', isDirectory: () => true },
+ { name: 'v20.0.0', isDirectory: () => true },
+ ];
+ vi.mocked(readdirSync).mockReturnValue(mockDirents as any);
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.5.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toMatch(/v20\.0\.0[/\\]bin[/\\]claude/);
+ });
+
+ it('should validate Claude CLI before returning NVM path', () => {
+ vi.mocked(os.homedir).mockReturnValue(mockHomeDir);
+
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ // Check for claude binary paths first
+ if (pathStr.includes('claude')) {
+ return pathStr.includes('v22.17.0');
+ }
+ // NVM directory exists
+ if (pathStr.includes('.nvm')) return true;
+ return false;
+ });
+
+ const mockDirents = [
+ { name: 'v22.17.0', isDirectory: () => true },
+ ];
+ vi.mocked(readdirSync).mockReturnValue(mockDirents as any);
+
+ // Mock validation failure
+ vi.mocked(execFileSync).mockImplementation(() => {
+ throw new Error('Command not found or invalid');
+ });
+
+ const result = getToolInfo('claude');
+
+ // Should not return invalid Claude path, should continue to platform paths
+ expect(result.found).toBe(false);
+ expect(result.source).toBe('fallback');
+ });
+
+ it('should use version sorting to prioritize newest Node version', () => {
+ vi.mocked(os.homedir).mockReturnValue(mockHomeDir);
+
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ if (pathStr.includes('.nvm/versions/node') || pathStr.includes('.nvm\\versions\\node')) return true;
+ // Claude exists in all versions
+ if (pathStr.includes('/bin/claude') || pathStr.includes('\\bin\\claude')) return true;
+ return false;
+ });
+
+ // Versions in random order
+ const mockDirents = [
+ { name: 'v18.20.0', isDirectory: () => true },
+ { name: 'v22.17.0', isDirectory: () => true },
+ { name: 'v20.5.0', isDirectory: () => true },
+ ];
+ vi.mocked(readdirSync).mockReturnValue(mockDirents as any);
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toContain('v22.17.0'); // Highest version
+ });
+ });
+
+ describe('Platform-specific path detection', () => {
+ it('should detect Claude CLI in Windows AppData npm global path', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true
+ });
+
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ // Check path components (path.join uses host OS separator)
+ if (pathStr.includes('AppData') &&
+ pathStr.includes('npm') &&
+ pathStr.includes('claude.cmd')) {
+ return true;
+ }
+ return false;
+ });
+
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toMatch(/AppData[/\\]Roaming[/\\]npm[/\\]claude\.cmd/);
+ expect(result.source).toBe('system-path');
+ });
+
+ it('should detect Claude CLI in Unix .local/bin path', () => {
+ vi.mocked(os.homedir).mockReturnValue('/home/user');
+
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ if (pathStr.includes('.local/bin/claude') || pathStr.includes('.local\\bin\\claude')) {
+ return true;
+ }
+ return false;
+ });
+
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 2.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toMatch(/\.local[/\\]bin[/\\]claude/);
+ expect(result.version).toBe('2.0.0');
+ });
+
+ it('should return fallback when Claude CLI not found anywhere', () => {
+ vi.mocked(os.homedir).mockReturnValue('/home/user');
+ vi.mocked(existsSync).mockReturnValue(false);
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(false);
+ expect(result.source).toBe('fallback');
+ expect(result.message).toContain('Claude CLI not found');
+ });
+ });
+
+});
+
+/**
+ * Unit tests for helper functions
+ */
+describe('cli-tool-manager - Helper Functions', () => {
+ describe('getClaudeDetectionPaths', () => {
+ it('should return homebrew paths on macOS', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'darwin',
+ writable: true
+ });
+
+ const paths = getClaudeDetectionPaths('/Users/test');
+
+ expect(paths.homebrewPaths).toContain('/opt/homebrew/bin/claude');
+ expect(paths.homebrewPaths).toContain('/usr/local/bin/claude');
+ });
+
+ it('should return Windows paths on win32', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true
+ });
+
+ const paths = getClaudeDetectionPaths('C:\\Users\\test');
+
+ // Windows paths should include AppData and Program Files
+ expect(paths.platformPaths.some(p => p.includes('AppData'))).toBe(true);
+ expect(paths.platformPaths.some(p => p.includes('Program Files'))).toBe(true);
+ });
+
+ it('should return Unix paths on Linux', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'linux',
+ writable: true
+ });
+
+ const paths = getClaudeDetectionPaths('/home/test');
+
+ // Check for paths containing the expected components (works with both / and \ separators)
+ expect(paths.platformPaths.some(p => p.includes('.local') && p.includes('bin') && p.includes('claude'))).toBe(true);
+ expect(paths.platformPaths.some(p => p.includes('bin') && p.includes('claude'))).toBe(true);
+ });
+
+ it('should return correct NVM versions directory', () => {
+ const paths = getClaudeDetectionPaths('/home/test');
+
+ // Check path components exist (works with both / and \ separators)
+ expect(paths.nvmVersionsDir).toContain('.nvm');
+ expect(paths.nvmVersionsDir).toContain('versions');
+ expect(paths.nvmVersionsDir).toContain('node');
+ });
+ });
+
+ describe('sortNvmVersionDirs', () => {
+ it('should sort versions in descending order (newest first)', () => {
+ const entries = [
+ { name: 'v18.20.0', isDirectory: () => true },
+ { name: 'v22.17.0', isDirectory: () => true },
+ { name: 'v20.5.0', isDirectory: () => true },
+ ];
+
+ const sorted = sortNvmVersionDirs(entries);
+
+ expect(sorted).toEqual(['v22.17.0', 'v20.5.0', 'v18.20.0']);
+ });
+
+ it('should filter out non-version directories', () => {
+ const entries = [
+ { name: 'v20.0.0', isDirectory: () => true },
+ { name: 'current', isDirectory: () => true },
+ { name: '.DS_Store', isDirectory: () => false },
+ { name: 'system', isDirectory: () => true },
+ ];
+
+ const sorted = sortNvmVersionDirs(entries);
+
+ expect(sorted).toEqual(['v20.0.0']);
+ expect(sorted).not.toContain('current');
+ expect(sorted).not.toContain('system');
+ });
+
+ it('should handle malformed version strings', () => {
+ const entries = [
+ { name: 'v22.17.0', isDirectory: () => true },
+ { name: 'v20.abc.1', isDirectory: () => true }, // Invalid version
+ { name: 'v18.20.0', isDirectory: () => true },
+ ];
+
+ const sorted = sortNvmVersionDirs(entries);
+
+ // Should filter out malformed versions
+ expect(sorted).toContain('v22.17.0');
+ expect(sorted).toContain('v18.20.0');
+ expect(sorted).not.toContain('v20.abc.1');
+ });
+
+ it('should handle patch version comparison correctly', () => {
+ const entries = [
+ { name: 'v20.0.1', isDirectory: () => true },
+ { name: 'v20.0.10', isDirectory: () => true },
+ { name: 'v20.0.2', isDirectory: () => true },
+ ];
+
+ const sorted = sortNvmVersionDirs(entries);
+
+ expect(sorted).toEqual(['v20.0.10', 'v20.0.2', 'v20.0.1']);
+ });
+ });
+
+ describe('buildClaudeDetectionResult', () => {
+ it('should return null when validation fails', () => {
+ const result = buildClaudeDetectionResult(
+ '/path/to/claude',
+ { valid: false, message: 'Not valid' },
+ 'nvm',
+ 'Found via NVM'
+ );
+
+ expect(result).toBeNull();
+ });
+
+ it('should return proper result when validation succeeds', () => {
+ const result = buildClaudeDetectionResult(
+ '/path/to/claude',
+ { valid: true, version: '1.0.0', message: 'Valid' },
+ 'nvm',
+ 'Found via NVM'
+ );
+
+ expect(result).not.toBeNull();
+ expect(result?.found).toBe(true);
+ expect(result?.path).toBe('/path/to/claude');
+ expect(result?.version).toBe('1.0.0');
+ expect(result?.source).toBe('nvm');
+ expect(result?.message).toContain('Found via NVM');
+ expect(result?.message).toContain('/path/to/claude');
+ });
+
+ it('should include path in message', () => {
+ const result = buildClaudeDetectionResult(
+ '/home/user/.nvm/versions/node/v22.17.0/bin/claude',
+ { valid: true, version: '2.0.0', message: 'OK' },
+ 'nvm',
+ 'Detected Claude CLI'
+ );
+
+ expect(result?.message).toContain('Detected Claude CLI');
+ expect(result?.message).toContain('/home/user/.nvm/versions/node/v22.17.0/bin/claude');
+ });
+ });
+});
+
+/**
+ * Unit tests for Claude CLI Windows where.exe detection
+ */
+describe('cli-tool-manager - Claude CLI Windows where.exe detection', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true
+ });
+ });
+
+ afterEach(() => {
+ clearToolCache();
+ });
+
+ it('should detect Claude CLI via where.exe when not in PATH', () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ // Mock findExecutable returns null (not in PATH)
+ vi.mocked(findExecutable).mockReturnValue(null);
+
+ // Mock where.exe finds it in nvm-windows location
+ vi.mocked(findWindowsExecutableViaWhere).mockReturnValue(
+ 'D:\\Program Files\\nvm4w\\nodejs\\claude.cmd'
+ );
+
+ // Mock file system checks
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ if (pathStr.includes('nvm4w') && pathStr.includes('claude.cmd')) {
+ return true;
+ }
+ return false;
+ });
+
+ // Mock validation success
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toContain('nvm4w');
+ expect(result.path).toContain('claude.cmd');
+ expect(result.source).toBe('system-path');
+ expect(result.message).toContain('Using Windows Claude CLI');
+ });
+
+ it('should skip where.exe on non-Windows platforms', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'darwin',
+ writable: true
+ });
+
+ vi.mocked(findWindowsExecutableViaWhere).mockReturnValue(null);
+
+ // Mock other detection methods to fail
+ vi.mocked(existsSync).mockReturnValue(false);
+
+ getToolInfo('claude');
+
+ // where.exe should not be called on macOS
+ expect(findWindowsExecutableViaWhere).not.toHaveBeenCalled();
+ });
+
+ it('should validate Claude CLI before returning where.exe path', () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(findExecutable).mockReturnValue(null);
+
+ vi.mocked(findWindowsExecutableViaWhere).mockReturnValue(
+ 'D:\\Tools\\claude.cmd'
+ );
+
+ // Mock file system to return false for all paths except where.exe result
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ if (pathStr.includes('Tools') && pathStr.includes('claude.cmd')) {
+ return true;
+ }
+ return false;
+ });
+
+ // Mock validation failure (executable doesn't respond correctly)
+ vi.mocked(execFileSync).mockImplementation(() => {
+ throw new Error('Command failed');
+ });
+
+ const result = getToolInfo('claude');
+
+ // Should not return the unvalidated path, fallback to not found
+ expect(result.found).toBe(false);
+ expect(result.source).toBe('fallback');
+ });
+
+ it('should fallback to platform paths if where.exe fails', () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(findExecutable).mockReturnValue(null);
+
+ vi.mocked(findWindowsExecutableViaWhere).mockReturnValue(null);
+
+ // Mock platform path exists (AppData npm global)
+ vi.mocked(existsSync).mockImplementation((filePath) => {
+ const pathStr = String(filePath);
+ if (pathStr.includes('AppData') && pathStr.includes('npm') && pathStr.includes('claude.cmd')) {
+ return true;
+ }
+ return false;
+ });
+
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toContain('AppData');
+ expect(result.path).toContain('npm');
+ expect(result.path).toContain('claude.cmd');
+ });
+
+ it('should prefer .cmd/.exe paths when where.exe returns multiple results', () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(findExecutable).mockReturnValue(null);
+
+ // Simulate where.exe returning path with .cmd extension (preferred over no extension)
+ vi.mocked(findWindowsExecutableViaWhere).mockReturnValue(
+ 'D:\\Program Files\\nvm4w\\nodejs\\claude.cmd'
+ );
+
+ vi.mocked(existsSync).mockReturnValue(true);
+ vi.mocked(execFileSync).mockReturnValue('claude-code version 1.0.0\n');
+
+ const result = getToolInfo('claude');
+
+ expect(result.found).toBe(true);
+ expect(result.path).toBe('D:\\Program Files\\nvm4w\\nodejs\\claude.cmd');
+ expect(result.path).toMatch(/\.(cmd|exe)$/i);
+ });
+
+ it('should handle where.exe execution errors gracefully', () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(findExecutable).mockReturnValue(null);
+
+ // Simulate where.exe error (returns null as designed)
+ vi.mocked(findWindowsExecutableViaWhere).mockReturnValue(null);
+
+ vi.mocked(existsSync).mockReturnValue(false);
+
+ // Should not crash, should continue to next detection method
+ const result = getToolInfo('claude');
+
+ expect(result).toBeDefined();
+ expect(result.found).toBe(false);
+ expect(result.source).toBe('fallback');
+ });
+});
+
+/**
+ * Unit tests for async Claude CLI Windows where.exe detection
+ */
+describe('cli-tool-manager - Claude CLI async Windows where.exe detection', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true
+ });
+ });
+
+ afterEach(() => {
+ clearToolCache();
+ });
+
+ it('should detect Claude CLI via where.exe asynchronously', async () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(findExecutableAsync).mockResolvedValue(null);
+
+ vi.mocked(findWindowsExecutableViaWhereAsync).mockResolvedValue(null);
+
+ // Mock file system - no platform paths exist
+ vi.mocked(existsSync).mockReturnValue(false);
+
+ await getToolPathAsync('claude');
+
+ // Verify where.exe was called on Windows
+ expect(findWindowsExecutableViaWhereAsync).toHaveBeenCalledWith('claude', '[Claude CLI]');
+ });
+
+ it('should handle async where.exe errors gracefully', async () => {
+ vi.mocked(os.homedir).mockReturnValue('C:\\Users\\test');
+
+ vi.mocked(findExecutableAsync).mockResolvedValue(null);
+
+ vi.mocked(findWindowsExecutableViaWhereAsync).mockResolvedValue(null);
+
+ vi.mocked(existsSync).mockReturnValue(false);
+
+ // Should not crash
+ const result = await getToolPathAsync('claude');
+
+ expect(result).toBe('claude'); // Fallback
+ });
+});
diff --git a/apps/frontend/src/main/__tests__/env-handlers-claude-cli.test.ts b/apps/frontend/src/main/__tests__/env-handlers-claude-cli.test.ts
new file mode 100644
index 0000000000..3f310d5dea
--- /dev/null
+++ b/apps/frontend/src/main/__tests__/env-handlers-claude-cli.test.ts
@@ -0,0 +1,252 @@
+import { EventEmitter } from 'events';
+import path from 'path';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { IPC_CHANNELS } from '../../shared/constants';
+const {
+ mockGetClaudeCliInvocation,
+ mockGetClaudeCliInvocationAsync,
+ mockGetProject,
+ spawnMock,
+ mockIpcMain,
+} = vi.hoisted(() => {
+ const ipcMain = new (class {
+ handlers = new Map();
+
+ handle(channel: string, handler: Function): void {
+ this.handlers.set(channel, handler);
+ }
+
+ getHandler(channel: string): Function | undefined {
+ return this.handlers.get(channel);
+ }
+ })();
+
+ return {
+ mockGetClaudeCliInvocation: vi.fn(),
+ mockGetClaudeCliInvocationAsync: vi.fn(),
+ mockGetProject: vi.fn(),
+ spawnMock: vi.fn(),
+ mockIpcMain: ipcMain,
+ };
+});
+
+vi.mock('../claude-cli-utils', () => ({
+ getClaudeCliInvocation: mockGetClaudeCliInvocation,
+ getClaudeCliInvocationAsync: mockGetClaudeCliInvocationAsync,
+}));
+
+vi.mock('../project-store', () => ({
+ projectStore: {
+ getProject: mockGetProject,
+ },
+}));
+
+vi.mock('child_process', () => {
+ const mockExecFile = vi.fn((cmd: any, args: any, options: any, callback: any) => {
+ // Return a minimal ChildProcess-like object
+ const childProcess = {
+ stdout: { on: vi.fn() },
+ stderr: { on: vi.fn() },
+ on: vi.fn()
+ };
+
+ // If callback is provided, call it asynchronously
+ if (typeof callback === 'function') {
+ setImmediate(() => callback(null, '', ''));
+ }
+
+ return childProcess as any;
+ });
+
+ return {
+ spawn: spawnMock,
+ execFileSync: vi.fn(),
+ execFile: mockExecFile
+ };
+});
+
+vi.mock('electron', () => ({
+ app: {
+ getPath: vi.fn((name: string) => {
+ if (name === 'userData') return path.join('/tmp', 'userData');
+ return '/tmp';
+ }),
+ },
+ ipcMain: mockIpcMain,
+}));
+
+import { registerEnvHandlers } from '../ipc-handlers/env-handlers';
+
+function createProc(): EventEmitter & { stdout?: EventEmitter; stderr?: EventEmitter } {
+ const proc = new EventEmitter() as EventEmitter & {
+ stdout?: EventEmitter;
+ stderr?: EventEmitter;
+ };
+ proc.stdout = new EventEmitter();
+ proc.stderr = new EventEmitter();
+ return proc;
+}
+
+// Helper to flush all pending promises (needed for async mock resolution)
+function flushPromises(): Promise {
+ return new Promise(resolve => setTimeout(resolve, 0));
+}
+
+describe('env-handlers Claude CLI usage', () => {
+ beforeEach(() => {
+ mockGetClaudeCliInvocation.mockReset();
+ mockGetClaudeCliInvocationAsync.mockReset();
+ mockGetProject.mockReset();
+ spawnMock.mockReset();
+ });
+
+ it('uses resolved Claude CLI path/env for auth checks', async () => {
+ const claudeEnv = { PATH: '/opt/claude/bin:/usr/bin' };
+ const command = '/opt/claude/bin/claude';
+ mockGetClaudeCliInvocationAsync.mockResolvedValue({
+ command,
+ env: claudeEnv,
+ });
+ mockGetProject.mockReturnValue({ id: 'p1', path: '/tmp/project' });
+
+ const procs: ReturnType[] = [];
+ spawnMock.mockImplementation(() => {
+ const proc = createProc();
+ procs.push(proc);
+ return proc;
+ });
+
+ registerEnvHandlers(() => null);
+ const handler = mockIpcMain.getHandler(IPC_CHANNELS.ENV_CHECK_CLAUDE_AUTH);
+ if (!handler) {
+ throw new Error('ENV_CHECK_CLAUDE_AUTH handler not registered');
+ }
+
+ const resultPromise = handler({}, 'p1');
+ // Wait for async CLI resolution before checking spawn
+ await flushPromises();
+ expect(spawnMock).toHaveBeenCalledTimes(1);
+ expect(spawnMock).toHaveBeenCalledWith(
+ command,
+ ['--version'],
+ expect.objectContaining({ cwd: '/tmp/project', env: claudeEnv, shell: false })
+ );
+
+ procs[0].emit('close', 0);
+ await Promise.resolve();
+
+ expect(spawnMock).toHaveBeenCalledTimes(2);
+ expect(spawnMock).toHaveBeenCalledWith(
+ command,
+ ['api', '--help'],
+ expect.objectContaining({ cwd: '/tmp/project', env: claudeEnv, shell: false })
+ );
+
+ procs[1].emit('close', 0);
+
+ const result = await resultPromise;
+ expect(result).toEqual({ success: true, data: { success: true, authenticated: true } });
+ });
+
+ it('uses resolved Claude CLI path/env for setup-token', async () => {
+ const claudeEnv = { PATH: '/opt/claude/bin:/usr/bin' };
+ const command = '/opt/claude/bin/claude';
+ mockGetClaudeCliInvocationAsync.mockResolvedValue({
+ command,
+ env: claudeEnv,
+ });
+ mockGetProject.mockReturnValue({ id: 'p2', path: '/tmp/project' });
+
+ const proc = createProc();
+ spawnMock.mockReturnValue(proc);
+
+ registerEnvHandlers(() => null);
+ const handler = mockIpcMain.getHandler(IPC_CHANNELS.ENV_INVOKE_CLAUDE_SETUP);
+ if (!handler) {
+ throw new Error('ENV_INVOKE_CLAUDE_SETUP handler not registered');
+ }
+
+ const resultPromise = handler({}, 'p2');
+ // Wait for async CLI resolution before checking spawn
+ await flushPromises();
+ expect(spawnMock).toHaveBeenCalledWith(
+ command,
+ ['setup-token'],
+ expect.objectContaining({
+ cwd: '/tmp/project',
+ env: claudeEnv,
+ shell: false,
+ stdio: 'inherit'
+ })
+ );
+
+ proc.emit('close', 0);
+ const result = await resultPromise;
+ expect(result).toEqual({ success: true, data: { success: true, authenticated: true } });
+ });
+
+ it('returns an error when Claude CLI resolution throws', async () => {
+ mockGetClaudeCliInvocationAsync.mockRejectedValue(new Error('Claude CLI exploded'));
+ mockGetProject.mockReturnValue({ id: 'p3', path: '/tmp/project' });
+
+ registerEnvHandlers(() => null);
+ const handler = mockIpcMain.getHandler(IPC_CHANNELS.ENV_CHECK_CLAUDE_AUTH);
+ if (!handler) {
+ throw new Error('ENV_CHECK_CLAUDE_AUTH handler not registered');
+ }
+
+ const result = await handler({}, 'p3');
+ expect(result.success).toBe(false);
+ expect(result.error).toContain('Claude CLI exploded');
+ expect(spawnMock).not.toHaveBeenCalled();
+ });
+
+ it('returns an error when Claude CLI command is missing', async () => {
+ mockGetClaudeCliInvocationAsync.mockResolvedValue({ command: '', env: {} });
+ mockGetProject.mockReturnValue({ id: 'p4', path: '/tmp/project' });
+
+ registerEnvHandlers(() => null);
+ const handler = mockIpcMain.getHandler(IPC_CHANNELS.ENV_CHECK_CLAUDE_AUTH);
+ if (!handler) {
+ throw new Error('ENV_CHECK_CLAUDE_AUTH handler not registered');
+ }
+
+ const result = await handler({}, 'p4');
+ expect(result.success).toBe(false);
+ expect(result.error).toContain('Claude CLI path not resolved');
+ expect(spawnMock).not.toHaveBeenCalled();
+ });
+
+ it('returns an error when Claude CLI exits with a non-zero code', async () => {
+ const claudeEnv = { PATH: '/opt/claude/bin:/usr/bin' };
+ const command = '/opt/claude/bin/claude';
+ mockGetClaudeCliInvocationAsync.mockResolvedValue({
+ command,
+ env: claudeEnv,
+ });
+ mockGetProject.mockReturnValue({ id: 'p5', path: '/tmp/project' });
+
+ const proc = createProc();
+ spawnMock.mockReturnValue(proc);
+
+ registerEnvHandlers(() => null);
+ const handler = mockIpcMain.getHandler(IPC_CHANNELS.ENV_CHECK_CLAUDE_AUTH);
+ if (!handler) {
+ throw new Error('ENV_CHECK_CLAUDE_AUTH handler not registered');
+ }
+
+ const resultPromise = handler({}, 'p5');
+ // Wait for async CLI resolution before checking spawn
+ await flushPromises();
+ expect(spawnMock).toHaveBeenCalledWith(
+ command,
+ ['--version'],
+ expect.objectContaining({ cwd: '/tmp/project', env: claudeEnv, shell: false })
+ );
+ proc.emit('close', 1);
+
+ const result = await resultPromise;
+ expect(result.success).toBe(false);
+ expect(result.error).toContain('Claude CLI not found');
+ });
+});
diff --git a/apps/frontend/src/main/__tests__/env-utils.test.ts b/apps/frontend/src/main/__tests__/env-utils.test.ts
new file mode 100644
index 0000000000..cc0ee17c72
--- /dev/null
+++ b/apps/frontend/src/main/__tests__/env-utils.test.ts
@@ -0,0 +1,200 @@
+import { describe, expect, it, beforeEach, afterEach } from 'vitest';
+import { shouldUseShell, getSpawnOptions } from '../env-utils';
+
+describe('shouldUseShell', () => {
+ const originalPlatform = process.platform;
+
+ afterEach(() => {
+ // Restore original platform after each test
+ Object.defineProperty(process, 'platform', {
+ value: originalPlatform,
+ writable: true,
+ configurable: true,
+ });
+ });
+
+ describe('Windows platform', () => {
+ beforeEach(() => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true,
+ configurable: true,
+ });
+ });
+
+ it('should return true for .cmd files', () => {
+ expect(shouldUseShell('D:\\Program Files\\nodejs\\claude.cmd')).toBe(true);
+ expect(shouldUseShell('C:\\Users\\admin\\AppData\\Roaming\\npm\\claude.cmd')).toBe(true);
+ });
+
+ it('should return true for .bat files', () => {
+ expect(shouldUseShell('C:\\batch\\script.bat')).toBe(true);
+ });
+
+ it('should return true for .CMD (uppercase)', () => {
+ expect(shouldUseShell('D:\\Tools\\CLAUDE.CMD')).toBe(true);
+ });
+
+ it('should return true for .BAT (uppercase)', () => {
+ expect(shouldUseShell('C:\\Scripts\\SETUP.BAT')).toBe(true);
+ });
+
+ it('should return false for .exe files', () => {
+ expect(shouldUseShell('C:\\Windows\\System32\\git.exe')).toBe(false);
+ });
+
+ it('should return false for extensionless files', () => {
+ expect(shouldUseShell('D:\\Git\\bin\\bash')).toBe(false);
+ });
+
+ it('should handle paths with spaces and special characters', () => {
+ expect(shouldUseShell('D:\\Program Files (x86)\\tool.cmd')).toBe(true);
+ expect(shouldUseShell('D:\\Path&Name\\tool.cmd')).toBe(true);
+ expect(shouldUseShell('D:\\Program Files (x86)\\tool.exe')).toBe(false);
+ });
+ });
+
+ describe('Non-Windows platforms', () => {
+ it('should return false on macOS', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'darwin',
+ writable: true,
+ configurable: true,
+ });
+ expect(shouldUseShell('/usr/local/bin/claude')).toBe(false);
+ expect(shouldUseShell('/opt/homebrew/bin/claude.cmd')).toBe(false);
+ });
+
+ it('should return false on Linux', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'linux',
+ writable: true,
+ configurable: true,
+ });
+ expect(shouldUseShell('/usr/bin/claude')).toBe(false);
+ expect(shouldUseShell('/home/user/.local/bin/claude.bat')).toBe(false);
+ });
+ });
+});
+
+describe('getSpawnOptions', () => {
+ const originalPlatform = process.platform;
+
+ afterEach(() => {
+ // Restore original platform after each test
+ Object.defineProperty(process, 'platform', {
+ value: originalPlatform,
+ writable: true,
+ configurable: true,
+ });
+ });
+
+ it('should set shell: true for .cmd files on Windows', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true,
+ configurable: true,
+ });
+
+ const opts = getSpawnOptions('D:\\nodejs\\claude.cmd', {
+ cwd: 'D:\\project',
+ env: { PATH: 'C:\\Windows' },
+ });
+
+ expect(opts).toEqual({
+ cwd: 'D:\\project',
+ env: { PATH: 'C:\\Windows' },
+ shell: true,
+ });
+ });
+
+ it('should set shell: false for .exe files on Windows', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true,
+ configurable: true,
+ });
+
+ const opts = getSpawnOptions('C:\\Windows\\git.exe', {
+ cwd: 'D:\\project',
+ });
+
+ expect(opts).toEqual({
+ cwd: 'D:\\project',
+ shell: false,
+ });
+ });
+
+ it('should preserve all base options including stdio', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true,
+ configurable: true,
+ });
+
+ const opts = getSpawnOptions('D:\\tool.cmd', {
+ cwd: 'D:\\project',
+ env: { FOO: 'bar' },
+ timeout: 5000,
+ windowsHide: true,
+ stdio: 'inherit',
+ });
+
+ expect(opts).toEqual({
+ cwd: 'D:\\project',
+ env: { FOO: 'bar' },
+ timeout: 5000,
+ windowsHide: true,
+ stdio: 'inherit',
+ shell: true,
+ });
+ });
+
+ it('should handle empty base options', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true,
+ configurable: true,
+ });
+
+ const opts = getSpawnOptions('D:\\tool.cmd');
+
+ expect(opts).toEqual({
+ shell: true,
+ });
+ });
+
+ it('should set shell: false on non-Windows platforms', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'darwin',
+ writable: true,
+ configurable: true,
+ });
+
+ const opts = getSpawnOptions('/usr/local/bin/claude', {
+ cwd: '/project',
+ });
+
+ expect(opts).toEqual({
+ cwd: '/project',
+ shell: false,
+ });
+ });
+
+ it('should handle .bat files on Windows', () => {
+ Object.defineProperty(process, 'platform', {
+ value: 'win32',
+ writable: true,
+ configurable: true,
+ });
+
+ const opts = getSpawnOptions('C:\\scripts\\setup.bat', {
+ cwd: 'D:\\project',
+ });
+
+ expect(opts).toEqual({
+ cwd: 'D:\\project',
+ shell: true,
+ });
+ });
+});
diff --git a/apps/frontend/src/main/__tests__/insights-config.test.ts b/apps/frontend/src/main/__tests__/insights-config.test.ts
new file mode 100644
index 0000000000..5775d65ab0
--- /dev/null
+++ b/apps/frontend/src/main/__tests__/insights-config.test.ts
@@ -0,0 +1,99 @@
+/**
+ * @vitest-environment node
+ */
+import path from 'path';
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { InsightsConfig } from '../insights/config';
+
+vi.mock('electron', () => ({
+ app: {
+ getAppPath: () => '/app',
+ getPath: () => '/tmp',
+ isPackaged: false
+ }
+}));
+
+vi.mock('../rate-limit-detector', () => ({
+ getProfileEnv: () => ({ CLAUDE_CODE_OAUTH_TOKEN: 'oauth-token' })
+}));
+
+const mockGetApiProfileEnv = vi.fn();
+vi.mock('../services/profile', () => ({
+ getAPIProfileEnv: (...args: unknown[]) => mockGetApiProfileEnv(...args)
+}));
+
+const mockGetPythonEnv = vi.fn();
+vi.mock('../python-env-manager', () => ({
+ pythonEnvManager: {
+ getPythonEnv: () => mockGetPythonEnv()
+ }
+}));
+
+describe('InsightsConfig', () => {
+ const originalEnv = { ...process.env };
+
+ beforeEach(() => {
+ process.env = { ...originalEnv, TEST_ENV: 'ok' };
+ mockGetApiProfileEnv.mockResolvedValue({
+ ANTHROPIC_BASE_URL: 'https://api.z.ai',
+ ANTHROPIC_AUTH_TOKEN: 'key'
+ });
+ mockGetPythonEnv.mockReturnValue({ PYTHONPATH: '/site-packages' });
+ });
+
+ afterEach(() => {
+ process.env = { ...originalEnv };
+ vi.clearAllMocks();
+ vi.restoreAllMocks();
+ });
+
+ it('should build process env with python and profile settings', async () => {
+ const config = new InsightsConfig();
+ vi.spyOn(config, 'loadAutoBuildEnv').mockReturnValue({ CUSTOM_ENV: '1' });
+ vi.spyOn(config, 'getAutoBuildSourcePath').mockReturnValue('/backend');
+
+ const env = await config.getProcessEnv();
+
+ expect(env.TEST_ENV).toBe('ok');
+ expect(env.CUSTOM_ENV).toBe('1');
+ expect(env.CLAUDE_CODE_OAUTH_TOKEN).toBe('oauth-token');
+ expect(env.ANTHROPIC_BASE_URL).toBe('https://api.z.ai');
+ expect(env.ANTHROPIC_AUTH_TOKEN).toBe('key');
+ expect(env.PYTHONPATH).toBe(['/site-packages', '/backend'].join(path.delimiter));
+ });
+
+ it('should clear ANTHROPIC env vars in OAuth mode when no API profile is set', async () => {
+ const config = new InsightsConfig();
+ mockGetApiProfileEnv.mockResolvedValue({});
+ process.env = {
+ ...originalEnv,
+ ANTHROPIC_AUTH_TOKEN: 'stale-token',
+ ANTHROPIC_BASE_URL: 'https://stale.example'
+ };
+
+ const env = await config.getProcessEnv();
+
+ expect(env.ANTHROPIC_AUTH_TOKEN).toBe('');
+ expect(env.ANTHROPIC_BASE_URL).toBe('');
+ });
+
+ it('should set PYTHONPATH only to auto-build path when python env has none', async () => {
+ const config = new InsightsConfig();
+ mockGetPythonEnv.mockReturnValue({});
+ vi.spyOn(config, 'getAutoBuildSourcePath').mockReturnValue('/backend');
+
+ const env = await config.getProcessEnv();
+
+ expect(env.PYTHONPATH).toBe('/backend');
+ });
+
+ it('should keep PYTHONPATH from python env when auto-build path is missing', async () => {
+ const config = new InsightsConfig();
+ mockGetPythonEnv.mockReturnValue({ PYTHONPATH: '/site-packages' });
+ vi.spyOn(config, 'getAutoBuildSourcePath').mockReturnValue(null);
+
+ const env = await config.getProcessEnv();
+
+ expect(env.PYTHONPATH).toBe('/site-packages');
+ });
+});
diff --git a/apps/frontend/src/main/__tests__/ipc-handlers.test.ts b/apps/frontend/src/main/__tests__/ipc-handlers.test.ts
index 86699e5c7c..c969ca335a 100644
--- a/apps/frontend/src/main/__tests__/ipc-handlers.test.ts
+++ b/apps/frontend/src/main/__tests__/ipc-handlers.test.ts
@@ -139,7 +139,8 @@ function cleanupTestDirs(): void {
}
}
-describe('IPC Handlers', () => {
+// Increase timeout for all tests in this file due to dynamic imports and setup overhead
+describe('IPC Handlers', { timeout: 15000 }, () => {
let ipcMain: EventEmitter & {
handlers: Map;
invokeHandler: (channel: string, event: unknown, ...args: unknown[]) => Promise;
@@ -519,7 +520,8 @@ describe('IPC Handlers', () => {
expect(mockMainWindow.webContents.send).toHaveBeenCalledWith(
'task:log',
'task-1',
- 'Test log message'
+ 'Test log message',
+ undefined // projectId is undefined when task not found
);
});
@@ -532,7 +534,8 @@ describe('IPC Handlers', () => {
expect(mockMainWindow.webContents.send).toHaveBeenCalledWith(
'task:error',
'task-1',
- 'Test error message'
+ 'Test error message',
+ undefined // projectId is undefined when task not found
);
});
@@ -556,7 +559,8 @@ describe('IPC Handlers', () => {
expect(mockMainWindow.webContents.send).toHaveBeenCalledWith(
'task:statusChange',
'task-1',
- 'human_review'
+ 'human_review',
+ expect.any(String) // projectId for multi-project filtering
);
});
});
diff --git a/apps/frontend/src/main/agent/agent-events.ts b/apps/frontend/src/main/agent/agent-events.ts
index 99dd9d6b9f..da7493e401 100644
--- a/apps/frontend/src/main/agent/agent-events.ts
+++ b/apps/frontend/src/main/agent/agent-events.ts
@@ -176,19 +176,35 @@ export class AgentEvents {
let phase = currentPhase;
let progress = currentProgress;
+ // Phase section headers (primary detection)
if (log.includes('PROJECT ANALYSIS')) {
phase = 'analyzing';
- progress = 20;
+ progress = 15;
} else if (log.includes('PROJECT DISCOVERY')) {
phase = 'discovering';
- progress = 40;
+ progress = 30;
+ } else if (log.includes('COMPETITOR ANALYSIS')) {
+ phase = 'competitors';
+ progress = 45;
+ } else if (log.includes('PERSONA GENERATION')) {
+ phase = 'personas';
+ progress = 60;
} else if (log.includes('FEATURE GENERATION')) {
phase = 'generating';
- progress = 70;
+ progress = 75;
} else if (log.includes('ROADMAP GENERATED')) {
phase = 'complete';
progress = 100;
}
+ // Skip/reuse detection - show completion and advance progress
+ else if (currentPhase === 'competitors' &&
+ (log.includes('not enabled, skipping') || log.includes('already exists'))) {
+ progress = 55; // Mark competitor phase as done
+ }
+ else if (currentPhase === 'personas' &&
+ (log.includes('not enabled, skipping') || log.includes('existing personas'))) {
+ progress = 70; // Mark persona phase as done
+ }
return { phase, progress };
}
diff --git a/apps/frontend/src/main/agent/agent-manager.ts b/apps/frontend/src/main/agent/agent-manager.ts
index a0d65d1fae..b0d42fd66f 100644
--- a/apps/frontend/src/main/agent/agent-manager.ts
+++ b/apps/frontend/src/main/agent/agent-manager.ts
@@ -9,9 +9,10 @@ import { getClaudeProfileManager } from '../claude-profile-manager';
import {
SpecCreationMetadata,
TaskExecutionOptions,
- RoadmapConfig
+ RoadmapConfig,
+ PersonaConfig
} from './types';
-import type { IdeationConfig } from '../../shared/types';
+import type { IdeationConfig, PersonaEnrichmentInput, Persona } from '../../shared/types';
/**
* Main AgentManager - orchestrates agent process lifecycle
@@ -87,14 +88,14 @@ export class AgentManager extends EventEmitter {
/**
* Start spec creation process
*/
- startSpecCreation(
+ async startSpecCreation(
taskId: string,
projectPath: string,
taskDescription: string,
specDir?: string,
metadata?: SpecCreationMetadata,
baseBranch?: string
- ): void {
+ ): Promise {
// Pre-flight auth check: Verify active profile has valid authentication
const profileManager = getClaudeProfileManager();
if (!profileManager.hasValidAuth()) {
@@ -152,22 +153,27 @@ export class AgentManager extends EventEmitter {
}
}
+ // Workspace mode: --direct skips worktree isolation (default is isolated for safety)
+ if (metadata?.useWorktree === false) {
+ args.push('--direct');
+ }
+
// Store context for potential restart
this.storeTaskContext(taskId, projectPath, '', {}, true, taskDescription, specDir, metadata, baseBranch);
// Note: This is spec-creation but it chains to task-execution via run.py
- this.processManager.spawnProcess(taskId, autoBuildSource, args, combinedEnv, 'task-execution');
+ await this.processManager.spawnProcess(taskId, autoBuildSource, args, combinedEnv, 'task-execution');
}
/**
* Start task execution (run.py)
*/
- startTaskExecution(
+ async startTaskExecution(
taskId: string,
projectPath: string,
specId: string,
options: TaskExecutionOptions = {}
- ): void {
+ ): Promise {
// Pre-flight auth check: Verify active profile has valid authentication
const profileManager = getClaudeProfileManager();
if (!profileManager.hasValidAuth()) {
@@ -200,6 +206,11 @@ export class AgentManager extends EventEmitter {
// Force: When user starts a task from the UI, that IS their approval
args.push('--force');
+ // Workspace mode: --direct skips worktree isolation (default is isolated for safety)
+ if (options.useWorktree === false) {
+ args.push('--direct');
+ }
+
// Pass base branch if specified (ensures worktrees are created from the correct branch)
if (options.baseBranch) {
args.push('--base-branch', options.baseBranch);
@@ -213,17 +224,17 @@ export class AgentManager extends EventEmitter {
// Store context for potential restart
this.storeTaskContext(taskId, projectPath, specId, options, false);
- this.processManager.spawnProcess(taskId, autoBuildSource, args, combinedEnv, 'task-execution');
+ await this.processManager.spawnProcess(taskId, autoBuildSource, args, combinedEnv, 'task-execution');
}
/**
* Start QA process
*/
- startQAProcess(
+ async startQAProcess(
taskId: string,
projectPath: string,
specId: string
- ): void {
+ ): Promise {
const autoBuildSource = this.processManager.getAutoBuildSourcePath();
if (!autoBuildSource) {
@@ -243,7 +254,7 @@ export class AgentManager extends EventEmitter {
const args = [runPath, '--spec', specId, '--project-dir', projectPath, '--qa'];
- this.processManager.spawnProcess(taskId, autoBuildSource, args, combinedEnv, 'qa-process');
+ await this.processManager.spawnProcess(taskId, autoBuildSource, args, combinedEnv, 'qa-process');
}
/**
@@ -255,9 +266,11 @@ export class AgentManager extends EventEmitter {
refresh: boolean = false,
enableCompetitorAnalysis: boolean = false,
refreshCompetitorAnalysis: boolean = false,
- config?: RoadmapConfig
+ config?: RoadmapConfig,
+ enablePersonaGeneration: boolean = false,
+ refreshPersonas: boolean = false
): void {
- this.queueManager.startRoadmapGeneration(projectId, projectPath, refresh, enableCompetitorAnalysis, refreshCompetitorAnalysis, config);
+ this.queueManager.startRoadmapGeneration(projectId, projectPath, refresh, enableCompetitorAnalysis, refreshCompetitorAnalysis, config, enablePersonaGeneration, refreshPersonas);
}
/**
@@ -307,6 +320,57 @@ export class AgentManager extends EventEmitter {
return this.queueManager.isRoadmapRunning(projectId);
}
+ /**
+ * Start persona generation process
+ */
+ startPersonaGeneration(
+ projectId: string,
+ projectPath: string,
+ refresh: boolean = false,
+ config?: PersonaConfig
+ ): void {
+ this.queueManager.startPersonaGeneration(projectId, projectPath, refresh, config);
+ }
+
+ /**
+ * Stop persona generation for a project
+ */
+ stopPersonas(projectId: string): boolean {
+ return this.queueManager.stopPersonas(projectId);
+ }
+
+ /**
+ * Check if persona generation is running for a project
+ */
+ isPersonaRunning(projectId: string): boolean {
+ return this.queueManager.isPersonaRunning(projectId);
+ }
+
+ /**
+ * Start persona enrichment for a new persona (AI-assisted creation)
+ */
+ startPersonaEnrichment(
+ projectId: string,
+ projectPath: string,
+ input: PersonaEnrichmentInput,
+ config?: PersonaConfig
+ ): void {
+ this.queueManager.startPersonaEnrichment(projectId, projectPath, input, config);
+ }
+
+ /**
+ * Start persona enrichment for an existing persona
+ */
+ startPersonaEnrichmentExisting(
+ projectId: string,
+ projectPath: string,
+ personaId: string,
+ persona: Persona,
+ config?: PersonaConfig
+ ): void {
+ this.queueManager.startPersonaEnrichmentExisting(projectId, projectPath, personaId, persona, config);
+ }
+
/**
* Kill all running processes
*/
diff --git a/apps/frontend/src/main/agent/agent-process.test.ts b/apps/frontend/src/main/agent/agent-process.test.ts
new file mode 100644
index 0000000000..c06b8f6824
--- /dev/null
+++ b/apps/frontend/src/main/agent/agent-process.test.ts
@@ -0,0 +1,494 @@
+/**
+ * Integration tests for AgentProcessManager
+ * Tests API profile environment variable injection into spawnProcess
+ *
+ * Story 2.3: Env Var Injection - AC1, AC2, AC3, AC4
+ */
+
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { EventEmitter } from 'events';
+
+// Create a mock process object that will be returned by spawn
+function createMockProcess() {
+ return {
+ stdout: { on: vi.fn() },
+ stderr: { on: vi.fn() },
+ on: vi.fn((event: string, callback: any) => {
+ if (event === 'exit') {
+ // Simulate immediate exit with code 0
+ setTimeout(() => callback(0), 10);
+ }
+ }),
+ kill: vi.fn()
+ };
+}
+
+// Mock child_process - must be BEFORE imports of modules that use it
+const spawnCalls: Array<{ command: string; args: string[]; options: { env: Record; cwd?: string; [key: string]: unknown } }> = [];
+
+vi.mock('child_process', async (importOriginal) => {
+ const actual = await importOriginal();
+ const mockSpawn = vi.fn((command: string, args: string[], options: { env: Record; cwd?: string; [key: string]: unknown }) => {
+ // Record the call for test assertions
+ spawnCalls.push({ command, args, options });
+ return createMockProcess();
+ });
+
+ return {
+ ...actual,
+ spawn: mockSpawn,
+ execSync: vi.fn((command: string) => {
+ if (command.includes('git')) {
+ return '/fake/path';
+ }
+ return '';
+ })
+ };
+});
+
+// Mock project-initializer to avoid child_process.execSync issues
+vi.mock('../project-initializer', () => ({
+ getAutoBuildPath: vi.fn(() => '/fake/auto-build'),
+ isInitialized: vi.fn(() => true),
+ initializeProject: vi.fn(),
+ getProjectStorePath: vi.fn(() => '/fake/store/path')
+}));
+
+// Mock project-store BEFORE agent-process imports it
+vi.mock('../project-store', () => ({
+ projectStore: {
+ getProject: vi.fn(),
+ listProjects: vi.fn(),
+ createProject: vi.fn(),
+ updateProject: vi.fn(),
+ deleteProject: vi.fn(),
+ getProjectSettings: vi.fn(),
+ updateProjectSettings: vi.fn()
+ }
+}));
+
+// Mock claude-profile-manager
+vi.mock('../claude-profile-manager', () => ({
+ getClaudeProfileManager: vi.fn(() => ({
+ getProfilePath: vi.fn(() => '/fake/profile/path'),
+ ensureProfileDir: vi.fn(),
+ readProfile: vi.fn(),
+ writeProfile: vi.fn(),
+ deleteProfile: vi.fn()
+ }))
+}));
+
+// Mock dependencies
+vi.mock('../services/profile', () => ({
+ getAPIProfileEnv: vi.fn()
+}));
+
+vi.mock('../rate-limit-detector', () => ({
+ getProfileEnv: vi.fn(() => ({})),
+ detectRateLimit: vi.fn(() => ({ isRateLimited: false })),
+ createSDKRateLimitInfo: vi.fn(),
+ detectAuthFailure: vi.fn(() => ({ isAuthFailure: false }))
+}));
+
+vi.mock('../python-detector', () => ({
+ findPythonCommand: vi.fn(() => 'python'),
+ parsePythonCommand: vi.fn(() => ['python', []])
+}));
+
+vi.mock('electron', () => ({
+ app: {
+ getAppPath: vi.fn(() => '/fake/app/path')
+ }
+}));
+
+// Import AFTER all mocks are set up
+import { AgentProcessManager } from './agent-process';
+import { AgentState } from './agent-state';
+import { AgentEvents } from './agent-events';
+import * as profileService from '../services/profile';
+import * as rateLimitDetector from '../rate-limit-detector';
+
+describe('AgentProcessManager - API Profile Env Injection (Story 2.3)', () => {
+ let processManager: AgentProcessManager;
+ let state: AgentState;
+ let events: AgentEvents;
+ let emitter: EventEmitter;
+
+ beforeEach(() => {
+ // Reset all mocks and spawn calls
+ vi.clearAllMocks();
+ spawnCalls.length = 0;
+
+ // Clear environment variables that could interfere with tests
+ delete process.env.ANTHROPIC_AUTH_TOKEN;
+ delete process.env.ANTHROPIC_BASE_URL;
+ delete process.env.CLAUDE_CODE_OAUTH_TOKEN;
+
+ // Initialize components
+ state = new AgentState();
+ events = new AgentEvents();
+ emitter = new EventEmitter();
+ processManager = new AgentProcessManager(state, events, emitter);
+ });
+
+ afterEach(() => {
+ processManager.killAllProcesses();
+ });
+
+ describe('AC1: API Profile Env Var Injection', () => {
+ it('should inject ANTHROPIC_BASE_URL when active profile has baseUrl', async () => {
+ const mockApiProfileEnv = {
+ ANTHROPIC_BASE_URL: 'https://custom.api.com',
+ ANTHROPIC_AUTH_TOKEN: 'sk-test-key'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ expect(spawnCalls).toHaveLength(1);
+ expect(spawnCalls[0].command).toBe('python');
+ expect(spawnCalls[0].args).toContain('run.py');
+ expect(spawnCalls[0].options.env).toMatchObject({
+ ANTHROPIC_BASE_URL: 'https://custom.api.com',
+ ANTHROPIC_AUTH_TOKEN: 'sk-test-key'
+ });
+ });
+
+ it('should inject ANTHROPIC_AUTH_TOKEN when active profile has apiKey', async () => {
+ const mockApiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-custom-key-12345678'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ expect(spawnCalls).toHaveLength(1);
+ expect(spawnCalls[0].options.env.ANTHROPIC_AUTH_TOKEN).toBe('sk-custom-key-12345678');
+ });
+
+ it('should inject model env vars when active profile has models configured', async () => {
+ const mockApiProfileEnv = {
+ ANTHROPIC_MODEL: 'claude-3-5-sonnet-20241022',
+ ANTHROPIC_DEFAULT_HAIKU_MODEL: 'claude-3-5-haiku-20241022',
+ ANTHROPIC_DEFAULT_SONNET_MODEL: 'claude-3-5-sonnet-20241022',
+ ANTHROPIC_DEFAULT_OPUS_MODEL: 'claude-3-5-opus-20241022'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ expect(spawnCalls).toHaveLength(1);
+ expect(spawnCalls[0].options.env).toMatchObject({
+ ANTHROPIC_MODEL: 'claude-3-5-sonnet-20241022',
+ ANTHROPIC_DEFAULT_HAIKU_MODEL: 'claude-3-5-haiku-20241022',
+ ANTHROPIC_DEFAULT_SONNET_MODEL: 'claude-3-5-sonnet-20241022',
+ ANTHROPIC_DEFAULT_OPUS_MODEL: 'claude-3-5-opus-20241022'
+ });
+ });
+
+ it('should give API profile env vars highest precedence over extraEnv', async () => {
+ const extraEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-extra-token',
+ ANTHROPIC_BASE_URL: 'https://extra.com'
+ };
+
+ const mockApiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-profile-token',
+ ANTHROPIC_BASE_URL: 'https://profile.com'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], extraEnv, 'task-execution');
+
+ expect(spawnCalls).toHaveLength(1);
+ // API profile should override extraEnv
+ expect(spawnCalls[0].options.env.ANTHROPIC_AUTH_TOKEN).toBe('sk-profile-token');
+ expect(spawnCalls[0].options.env.ANTHROPIC_BASE_URL).toBe('https://profile.com');
+ });
+ });
+
+ describe('AC2: OAuth Mode (No Active Profile)', () => {
+ let originalEnv: NodeJS.ProcessEnv;
+
+ beforeEach(() => {
+ // Save original environment before each test
+ originalEnv = { ...process.env };
+ });
+
+ afterEach(() => {
+ // Restore original environment after each test
+ process.env = originalEnv;
+ });
+
+ it('should NOT set ANTHROPIC_AUTH_TOKEN when no active profile (OAuth mode)', async () => {
+ // Return empty object = OAuth mode
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue({});
+
+ // Set OAuth token via getProfileEnv (existing flow)
+ vi.mocked(rateLimitDetector.getProfileEnv).mockReturnValue({
+ CLAUDE_CODE_OAUTH_TOKEN: 'oauth-token-123'
+ });
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ expect(spawnCalls).toHaveLength(1);
+ const envArg = spawnCalls[0].options.env as Record;
+ expect(envArg.CLAUDE_CODE_OAUTH_TOKEN).toBe('oauth-token-123');
+ // OAuth mode clears ANTHROPIC_AUTH_TOKEN with empty string (not undefined)
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('');
+ });
+
+ it('should return empty object from getAPIProfileEnv when activeProfileId is null', async () => {
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue({});
+
+ const result = await profileService.getAPIProfileEnv();
+ expect(result).toEqual({});
+ });
+
+ it('should clear stale ANTHROPIC_AUTH_TOKEN from process.env when switching to OAuth mode', async () => {
+ // Simulate process.env having stale ANTHROPIC_* vars from previous session
+ process.env = {
+ ...originalEnv,
+ ANTHROPIC_AUTH_TOKEN: 'stale-token-from-env',
+ ANTHROPIC_BASE_URL: 'https://stale.example.com'
+ };
+
+ // OAuth mode - no active API profile
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue({});
+
+ // Set OAuth token
+ vi.mocked(rateLimitDetector.getProfileEnv).mockReturnValue({
+ CLAUDE_CODE_OAUTH_TOKEN: 'oauth-token-456'
+ });
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // OAuth token should be present
+ expect(envArg.CLAUDE_CODE_OAUTH_TOKEN).toBe('oauth-token-456');
+
+ // Stale ANTHROPIC_* vars should be cleared (empty string overrides process.env)
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('');
+ expect(envArg.ANTHROPIC_BASE_URL).toBe('');
+ });
+
+ it('should clear stale ANTHROPIC_BASE_URL when switching to OAuth mode', async () => {
+ process.env = {
+ ...originalEnv,
+ ANTHROPIC_BASE_URL: 'https://old-custom-endpoint.com'
+ };
+
+ // OAuth mode
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue({});
+ vi.mocked(rateLimitDetector.getProfileEnv).mockReturnValue({
+ CLAUDE_CODE_OAUTH_TOKEN: 'oauth-token-789'
+ });
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // Should clear the base URL (so Python uses default api.anthropic.com)
+ expect(envArg.ANTHROPIC_BASE_URL).toBe('');
+ expect(envArg.CLAUDE_CODE_OAUTH_TOKEN).toBe('oauth-token-789');
+ });
+
+ it('should NOT clear ANTHROPIC_* vars when API Profile is active', async () => {
+ process.env = {
+ ...originalEnv,
+ ANTHROPIC_AUTH_TOKEN: 'old-token-in-env'
+ };
+
+ // API Profile mode - active profile
+ const mockApiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-profile-active',
+ ANTHROPIC_BASE_URL: 'https://active-profile.com'
+ };
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // Should use API profile vars, NOT clear them
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('sk-profile-active');
+ expect(envArg.ANTHROPIC_BASE_URL).toBe('https://active-profile.com');
+ });
+ });
+
+ describe('AC4: No API Key Logging', () => {
+ it('should never log full API keys in spawn env vars', async () => {
+ const mockApiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-sensitive-api-key-12345678',
+ ANTHROPIC_BASE_URL: 'https://api.example.com'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ // Mock ALL console methods to capture any debug/error output
+ const consoleLogSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+ const consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
+ const consoleWarnSpy = vi.spyOn(console, 'warn').mockImplementation(() => {});
+ const consoleDebugSpy = vi.spyOn(console, 'debug').mockImplementation(() => {});
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ // Get the env object passed to spawn
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // Verify the full API key is in the env (for Python subprocess)
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('sk-sensitive-api-key-12345678');
+
+ // Collect ALL console output from all methods
+ const allLogCalls = [
+ ...consoleLogSpy.mock.calls,
+ ...consoleErrorSpy.mock.calls,
+ ...consoleWarnSpy.mock.calls,
+ ...consoleDebugSpy.mock.calls
+ ].flatMap(call => call.map(String));
+ const logString = JSON.stringify(allLogCalls);
+
+ // The full API key should NOT appear in any logs (AC4 compliance)
+ expect(logString).not.toContain('sk-sensitive-api-key-12345678');
+
+ // Restore all spies
+ consoleLogSpy.mockRestore();
+ consoleErrorSpy.mockRestore();
+ consoleWarnSpy.mockRestore();
+ consoleDebugSpy.mockRestore();
+ });
+
+ it('should not log API key even in error scenarios', async () => {
+ const mockApiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-secret-key-for-error-test',
+ ANTHROPIC_BASE_URL: 'https://api.example.com'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(mockApiProfileEnv);
+
+ // Mock console methods
+ const consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(() => {});
+ const consoleLogSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ // Collect all error and log output
+ const allOutput = [
+ ...consoleErrorSpy.mock.calls,
+ ...consoleLogSpy.mock.calls
+ ].flatMap(call => call.map(arg => typeof arg === 'object' ? JSON.stringify(arg) : String(arg)));
+ const outputString = allOutput.join(' ');
+
+ // Verify API key is never exposed in logs
+ expect(outputString).not.toContain('sk-secret-key-for-error-test');
+
+ consoleErrorSpy.mockRestore();
+ consoleLogSpy.mockRestore();
+ });
+ });
+
+ describe('AC3: Profile Switching Between Builds', () => {
+ it('should allow different profiles for different spawn calls', async () => {
+ // First spawn with Profile A
+ const profileAEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-profile-a',
+ ANTHROPIC_BASE_URL: 'https://api-a.com'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValueOnce(profileAEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ const firstEnv = spawnCalls[0].options.env as Record;
+ expect(firstEnv.ANTHROPIC_AUTH_TOKEN).toBe('sk-profile-a');
+
+ // Second spawn with Profile B (user switched active profile)
+ const profileBEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-profile-b',
+ ANTHROPIC_BASE_URL: 'https://api-b.com'
+ };
+
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValueOnce(profileBEnv);
+
+ await processManager.spawnProcess('task-2', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ const secondEnv = spawnCalls[1].options.env as Record;
+ expect(secondEnv.ANTHROPIC_AUTH_TOKEN).toBe('sk-profile-b');
+
+ // Verify first spawn's env is NOT affected by second spawn
+ expect(firstEnv.ANTHROPIC_AUTH_TOKEN).toBe('sk-profile-a');
+ });
+ });
+
+ describe('Integration: Combined env precedence', () => {
+ it('should merge env vars in correct precedence order', async () => {
+ const extraEnv = {
+ CUSTOM_VAR: 'from-extra'
+ };
+
+ const profileEnv = {
+ CLAUDE_CONFIG_DIR: '/custom/config'
+ };
+
+ const apiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-api-profile',
+ ANTHROPIC_BASE_URL: 'https://api-profile.com'
+ };
+
+ vi.mocked(rateLimitDetector.getProfileEnv).mockReturnValue(profileEnv);
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue(apiProfileEnv);
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], extraEnv, 'task-execution');
+
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // Verify all sources are included
+ expect(envArg.CUSTOM_VAR).toBe('from-extra'); // From extraEnv
+ expect(envArg.CLAUDE_CONFIG_DIR).toBe('/custom/config'); // From profileEnv
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('sk-api-profile'); // From apiProfileEnv (highest for ANTHROPIC_*)
+
+ // Verify standard Python env vars
+ expect(envArg.PYTHONUNBUFFERED).toBe('1');
+ expect(envArg.PYTHONIOENCODING).toBe('utf-8');
+ expect(envArg.PYTHONUTF8).toBe('1');
+ });
+
+ it('should call getOAuthModeClearVars and apply clearing when in OAuth mode', async () => {
+ // OAuth mode - empty API profile
+ vi.mocked(profileService.getAPIProfileEnv).mockResolvedValue({});
+
+ await processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution');
+
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // Verify clearing vars are applied (empty strings for ANTHROPIC_* vars)
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('');
+ expect(envArg.ANTHROPIC_BASE_URL).toBe('');
+ expect(envArg.ANTHROPIC_MODEL).toBe('');
+ expect(envArg.ANTHROPIC_DEFAULT_HAIKU_MODEL).toBe('');
+ expect(envArg.ANTHROPIC_DEFAULT_SONNET_MODEL).toBe('');
+ expect(envArg.ANTHROPIC_DEFAULT_OPUS_MODEL).toBe('');
+ });
+
+ it('should handle getAPIProfileEnv errors gracefully', async () => {
+ // Simulate service error
+ vi.mocked(profileService.getAPIProfileEnv).mockRejectedValue(new Error('Service unavailable'));
+
+ // Should not throw - should fall back to OAuth mode
+ await expect(
+ processManager.spawnProcess('task-1', '/fake/cwd', ['run.py'], {}, 'task-execution')
+ ).resolves.not.toThrow();
+
+ const envArg = spawnCalls[0].options.env as Record;
+
+ // Should have clearing vars (falls back to OAuth mode on error)
+ expect(envArg.ANTHROPIC_AUTH_TOKEN).toBe('');
+ expect(envArg.ANTHROPIC_BASE_URL).toBe('');
+ });
+ });
+});
diff --git a/apps/frontend/src/main/agent/agent-process.ts b/apps/frontend/src/main/agent/agent-process.ts
index ef045555c0..03010bf959 100644
--- a/apps/frontend/src/main/agent/agent-process.ts
+++ b/apps/frontend/src/main/agent/agent-process.ts
@@ -7,6 +7,7 @@ import { AgentState } from './agent-state';
import { AgentEvents } from './agent-events';
import { ProcessType, ExecutionProgressData } from './types';
import { detectRateLimit, createSDKRateLimitInfo, getProfileEnv, detectAuthFailure } from '../rate-limit-detector';
+import { getAPIProfileEnv } from '../services/profile';
import { projectStore } from '../project-store';
import { getClaudeProfileManager } from '../claude-profile-manager';
import { parsePythonCommand, validatePythonPath } from '../python-detector';
@@ -14,6 +15,64 @@ import { pythonEnvManager, getConfiguredPythonPath } from '../python-env-manager
import { buildMemoryEnvVars } from '../memory-env-builder';
import { readSettingsFile } from '../settings-utils';
import type { AppSettings } from '../../shared/types/settings';
+import { getOAuthModeClearVars } from './env-utils';
+import { getAugmentedEnv } from '../env-utils';
+import { getToolInfo } from '../cli-tool-manager';
+
+
+function deriveGitBashPath(gitExePath: string): string | null {
+ if (process.platform !== 'win32') {
+ return null;
+ }
+
+ try {
+ const gitDir = path.dirname(gitExePath); // e.g., D:\...\Git\mingw64\bin
+ const gitDirName = path.basename(gitDir).toLowerCase();
+
+ // Find Git installation root
+ let gitRoot: string;
+
+ if (gitDirName === 'cmd') {
+ // .../Git/cmd/git.exe -> .../Git
+ gitRoot = path.dirname(gitDir);
+ } else if (gitDirName === 'bin') {
+ // Could be .../Git/bin/git.exe OR .../Git/mingw64/bin/git.exe
+ const parent = path.dirname(gitDir);
+ const parentName = path.basename(parent).toLowerCase();
+ if (parentName === 'mingw64' || parentName === 'mingw32') {
+ // .../Git/mingw64/bin/git.exe -> .../Git
+ gitRoot = path.dirname(parent);
+ } else {
+ // .../Git/bin/git.exe -> .../Git
+ gitRoot = parent;
+ }
+ } else {
+ // Unknown structure - try to find 'bin' sibling
+ gitRoot = path.dirname(gitDir);
+ }
+
+ // Bash.exe is in Git/bin/bash.exe
+ const bashPath = path.join(gitRoot, 'bin', 'bash.exe');
+
+ if (existsSync(bashPath)) {
+ console.log('[AgentProcess] Derived git-bash path:', bashPath);
+ return bashPath;
+ }
+
+ // Fallback: check one level up if gitRoot didn't work
+ const altBashPath = path.join(path.dirname(gitRoot), 'bin', 'bash.exe');
+ if (existsSync(altBashPath)) {
+ console.log('[AgentProcess] Found git-bash at alternate path:', altBashPath);
+ return altBashPath;
+ }
+
+ console.warn('[AgentProcess] Could not find bash.exe from git path:', gitExePath);
+ return null;
+ } catch (error) {
+ console.error('[AgentProcess] Error deriving git-bash path:', error);
+ return null;
+ }
+}
/**
* Process spawning and lifecycle management
@@ -53,8 +112,31 @@ export class AgentProcessManager {
extraEnv: Record
): NodeJS.ProcessEnv {
const profileEnv = getProfileEnv();
+ // Use getAugmentedEnv() to ensure common tool paths (dotnet, homebrew, etc.)
+ // are available even when app is launched from Finder/Dock
+ const augmentedEnv = getAugmentedEnv();
+
+ // On Windows, detect and pass git-bash path for Claude Code CLI
+ // Electron can detect git via where.exe, but Python subprocess may not have the same PATH
+ const gitBashEnv: Record = {};
+ if (process.platform === 'win32' && !process.env.CLAUDE_CODE_GIT_BASH_PATH) {
+ try {
+ const gitInfo = getToolInfo('git');
+ if (gitInfo.found && gitInfo.path) {
+ const bashPath = deriveGitBashPath(gitInfo.path);
+ if (bashPath) {
+ gitBashEnv['CLAUDE_CODE_GIT_BASH_PATH'] = bashPath;
+ console.log('[AgentProcess] Setting CLAUDE_CODE_GIT_BASH_PATH:', bashPath);
+ }
+ }
+ } catch (error) {
+ console.warn('[AgentProcess] Failed to detect git-bash path:', error);
+ }
+ }
+
return {
- ...process.env,
+ ...augmentedEnv,
+ ...gitBashEnv,
...extraEnv,
...profileEnv,
PYTHONUNBUFFERED: '1',
@@ -195,6 +277,8 @@ export class AgentProcessManager {
// Auto-detect from app location (configured path was invalid or not set)
const possiblePaths = [
+ // Packaged app: backend is in extraResources (process.resourcesPath/backend)
+ ...(app.isPackaged ? [path.join(process.resourcesPath, 'backend')] : []),
// Dev mode: from dist/main -> ../../backend (apps/frontend/out/main -> apps/backend)
path.resolve(__dirname, '..', '..', '..', 'backend'),
// Alternative: from app root -> apps/backend
@@ -238,19 +322,10 @@ export class AgentProcessManager {
}
/**
- * Load environment variables from project's .auto-claude/.env file
- * This contains frontend-configured settings like memory/Graphiti configuration
+ * Parse environment variables from a .env file content.
+ * Filters out empty values to prevent overriding valid tokens from profiles.
*/
- private loadProjectEnv(projectPath: string): Record {
- // Find project by path to get autoBuildPath
- const projects = projectStore.getProjects();
- const project = projects.find((p) => p.path === projectPath);
-
- if (!project?.autoBuildPath) {
- return {};
- }
-
- const envPath = path.join(projectPath, project.autoBuildPath, '.env');
+ private parseEnvFile(envPath: string): Record {
if (!existsSync(envPath)) {
return {};
}
@@ -274,11 +349,14 @@ export class AgentProcessManager {
// Remove quotes if present
if ((value.startsWith('"') && value.endsWith('"')) ||
- (value.startsWith("'") && value.endsWith("'"))) {
+ (value.startsWith("'") && value.endsWith("'"))) {
value = value.slice(1, -1);
}
- envVars[key] = value;
+ // Skip empty values to prevent overriding valid values from other sources
+ if (value) {
+ envVars[key] = value;
+ }
}
}
@@ -288,6 +366,23 @@ export class AgentProcessManager {
}
}
+ /**
+ * Load environment variables from project's .auto-claude/.env file
+ * This contains frontend-configured settings like memory/Graphiti configuration
+ */
+ private loadProjectEnv(projectPath: string): Record {
+ // Find project by path to get autoBuildPath
+ const projects = projectStore.getProjects();
+ const project = projects.find((p) => p.path === projectPath);
+
+ if (!project?.autoBuildPath) {
+ return {};
+ }
+
+ const envPath = path.join(projectPath, project.autoBuildPath, '.env');
+ return this.parseEnvFile(envPath);
+ }
+
/**
* Load environment variables from auto-claude .env file
*/
@@ -298,50 +393,19 @@ export class AgentProcessManager {
}
const envPath = path.join(autoBuildSource, '.env');
- if (!existsSync(envPath)) {
- return {};
- }
-
- try {
- const envContent = readFileSync(envPath, 'utf-8');
- const envVars: Record = {};
-
- // Handle both Unix (\n) and Windows (\r\n) line endings
- for (const line of envContent.split(/\r?\n/)) {
- const trimmed = line.trim();
- // Skip comments and empty lines
- if (!trimmed || trimmed.startsWith('#')) {
- continue;
- }
-
- const eqIndex = trimmed.indexOf('=');
- if (eqIndex > 0) {
- const key = trimmed.substring(0, eqIndex).trim();
- let value = trimmed.substring(eqIndex + 1).trim();
-
- // Remove quotes if present
- if ((value.startsWith('"') && value.endsWith('"')) ||
- (value.startsWith("'") && value.endsWith("'"))) {
- value = value.slice(1, -1);
- }
-
- envVars[key] = value;
- }
- }
-
- return envVars;
- } catch {
- return {};
- }
+ return this.parseEnvFile(envPath);
}
- spawnProcess(
+ /**
+ * Spawn a Python process for task execution
+ */
+ async spawnProcess(
taskId: string,
cwd: string,
args: string[],
extraEnv: Record = {},
processType: ProcessType = 'task-execution'
- ): void {
+ ): Promise {
const isSpecRunner = processType === 'spec-creation';
this.killProcess(taskId);
@@ -351,13 +415,27 @@ export class AgentProcessManager {
// Get Python environment (PYTHONPATH for bundled packages, etc.)
const pythonEnv = pythonEnvManager.getPythonEnv();
- // Parse Python command to handle space-separated commands like "py -3"
+ // Get active API profile environment variables
+ let apiProfileEnv: Record = {};
+ try {
+ apiProfileEnv = await getAPIProfileEnv();
+ } catch (error) {
+ console.error('[Agent Process] Failed to get API profile env:', error);
+ // Continue with empty profile env (falls back to OAuth mode)
+ }
+
+ // Get OAuth mode clearing vars (clears stale ANTHROPIC_* vars when in OAuth mode)
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+
+ // Parse Python commandto handle space-separated commands like "py -3"
const [pythonCommand, pythonBaseArgs] = parsePythonCommand(this.getPythonPath());
const childProcess = spawn(pythonCommand, [...pythonBaseArgs, ...args], {
cwd,
env: {
...env, // Already includes process.env, extraEnv, profileEnv, PYTHONUNBUFFERED, PYTHONUTF8
- ...pythonEnv // Include Python environment (PYTHONPATH for bundled packages)
+ ...pythonEnv, // Include Python environment (PYTHONPATH for bundled packages)
+ ...oauthModeClearVars, // Clear stale ANTHROPIC_* vars when in OAuth mode
+ ...apiProfileEnv // Include active API profile config (highest priority for ANTHROPIC_* vars)
}
});
diff --git a/apps/frontend/src/main/agent/agent-queue.ts b/apps/frontend/src/main/agent/agent-queue.ts
index 913290b35c..ccea07d898 100644
--- a/apps/frontend/src/main/agent/agent-queue.ts
+++ b/apps/frontend/src/main/agent/agent-queue.ts
@@ -5,10 +5,11 @@ import { EventEmitter } from 'events';
import { AgentState } from './agent-state';
import { AgentEvents } from './agent-events';
import { AgentProcessManager } from './agent-process';
-import { RoadmapConfig } from './types';
-import type { IdeationConfig, Idea } from '../../shared/types';
-import { MODEL_ID_MAP } from '../../shared/constants';
+import { RoadmapConfig, PersonaConfig } from './types';
+import type { IdeationConfig, Idea, PersonasConfig, PersonaEnrichmentInput, Persona } from '../../shared/types';
import { detectRateLimit, createSDKRateLimitInfo, getProfileEnv } from '../rate-limit-detector';
+import { getAPIProfileEnv } from '../services/profile';
+import { getOAuthModeClearVars } from './env-utils';
import { debugLog, debugError } from '../../shared/utils/debug-logger';
import { parsePythonCommand } from '../python-detector';
import { pythonEnvManager } from '../python-env-manager';
@@ -37,27 +38,67 @@ export class AgentQueueManager {
this.emitter = emitter;
}
+ /**
+ * Ensure Python environment is ready before spawning processes.
+ * Prevents the race condition where generation starts before dependencies are installed,
+ * which would cause it to fall back to system Python and fail with ModuleNotFoundError.
+ *
+ * @param projectId - The project ID for error event emission
+ * @param eventType - The error event type to emit on failure
+ * @returns true if environment is ready, false if initialization failed (error already emitted)
+ */
+ private async ensurePythonEnvReady(
+ projectId: string,
+ eventType: 'ideation-error' | 'roadmap-error' | 'persona-error'
+ ): Promise {
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+
+ if (!pythonEnvManager.isEnvReady()) {
+ debugLog('[Agent Queue] Python environment not ready, waiting for initialization...');
+ if (autoBuildSource) {
+ const status = await pythonEnvManager.initialize(autoBuildSource);
+ if (!status.ready) {
+ debugError('[Agent Queue] Python environment initialization failed:', status.error);
+ this.emitter.emit(eventType, projectId, `Python environment not ready: ${status.error || 'initialization failed'}`);
+ return false;
+ }
+ debugLog('[Agent Queue] Python environment now ready');
+ } else {
+ debugError('[Agent Queue] Cannot initialize Python - auto-build source not found');
+ this.emitter.emit(eventType, projectId, 'Python environment not ready: auto-build source not found');
+ return false;
+ }
+ }
+ return true;
+ }
+
/**
* Start roadmap generation process
*
* @param refreshCompetitorAnalysis - Force refresh competitor analysis even if it exists.
* This allows refreshing competitor data independently of the general roadmap refresh.
* Use when user explicitly wants new competitor research.
+ * @param enablePersonaGeneration - Generate user personas as part of roadmap generation
+ * @param refreshPersonas - Force regenerate personas even if they exist
*/
- startRoadmapGeneration(
+ async startRoadmapGeneration(
projectId: string,
projectPath: string,
refresh: boolean = false,
enableCompetitorAnalysis: boolean = false,
refreshCompetitorAnalysis: boolean = false,
- config?: RoadmapConfig
- ): void {
+ config?: RoadmapConfig,
+ enablePersonaGeneration: boolean = false,
+ refreshPersonas: boolean = false
+ ): Promise {
debugLog('[Agent Queue] Starting roadmap generation:', {
projectId,
projectPath,
refresh,
enableCompetitorAnalysis,
refreshCompetitorAnalysis,
+ enablePersonaGeneration,
+ refreshPersonas,
config
});
@@ -93,10 +134,19 @@ export class AgentQueueManager {
args.push('--refresh-competitor-analysis');
}
+ // Add persona generation flags
+ if (enablePersonaGeneration) {
+ args.push('--persona-generation');
+ }
+
+ if (refreshPersonas) {
+ args.push('--refresh-personas');
+ }
+
// Add model and thinking level from config
+ // Pass shorthand (opus/sonnet/haiku) - backend resolves using API profile env vars
if (config?.model) {
- const modelId = MODEL_ID_MAP[config.model] || MODEL_ID_MAP['opus'];
- args.push('--model', modelId);
+ args.push('--model', config.model);
}
if (config?.thinkingLevel) {
args.push('--thinking-level', config.thinkingLevel);
@@ -105,18 +155,18 @@ export class AgentQueueManager {
debugLog('[Agent Queue] Spawning roadmap process with args:', args);
// Use projectId as taskId for roadmap operations
- this.spawnRoadmapProcess(projectId, projectPath, args);
+ await this.spawnRoadmapProcess(projectId, projectPath, args);
}
/**
* Start ideation generation process
*/
- startIdeationGeneration(
+ async startIdeationGeneration(
projectId: string,
projectPath: string,
config: IdeationConfig,
refresh: boolean = false
- ): void {
+ ): Promise {
debugLog('[Agent Queue] Starting ideation generation:', {
projectId,
projectPath,
@@ -170,9 +220,9 @@ export class AgentQueueManager {
}
// Add model and thinking level from config
+ // Pass shorthand (opus/sonnet/haiku) - backend resolves using API profile env vars
if (config.model) {
- const modelId = MODEL_ID_MAP[config.model] || MODEL_ID_MAP['opus'];
- args.push('--model', modelId);
+ args.push('--model', config.model);
}
if (config.thinkingLevel) {
args.push('--thinking-level', config.thinkingLevel);
@@ -181,19 +231,28 @@ export class AgentQueueManager {
debugLog('[Agent Queue] Spawning ideation process with args:', args);
// Use projectId as taskId for ideation operations
- this.spawnIdeationProcess(projectId, projectPath, args);
+ await this.spawnIdeationProcess(projectId, projectPath, args);
}
/**
* Spawn a Python process for ideation generation
*/
- private spawnIdeationProcess(
+ private async spawnIdeationProcess(
projectId: string,
projectPath: string,
args: string[]
- ): void {
+ ): Promise {
debugLog('[Agent Queue] Spawning ideation process:', { projectId, projectPath });
+ // Run from auto-claude source directory so imports work correctly
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+ const cwd = autoBuildSource || process.cwd();
+
+ // Ensure Python environment is ready before spawning
+ if (!await this.ensurePythonEnvReady(projectId, 'ideation-error')) {
+ return;
+ }
+
// Kill existing process for this project if any
const wasKilled = this.processManager.killProcess(projectId);
if (wasKilled) {
@@ -204,9 +263,6 @@ export class AgentQueueManager {
const spawnId = this.state.generateSpawnId();
debugLog('[Agent Queue] Generated spawn ID:', spawnId);
- // Run from auto-claude source directory so imports work correctly
- const autoBuildSource = this.processManager.getAutoBuildSourcePath();
- const cwd = autoBuildSource || process.cwd();
// Get combined environment variables
const combinedEnv = this.processManager.getCombinedEnv(projectPath);
@@ -214,6 +270,12 @@ export class AgentQueueManager {
// Get active Claude profile environment (CLAUDE_CODE_OAUTH_TOKEN if not default)
const profileEnv = getProfileEnv();
+ // Get active API profile environment variables
+ const apiProfileEnv = await getAPIProfileEnv();
+
+ // Get OAuth mode clearing vars (clears stale ANTHROPIC_* vars when in OAuth mode)
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+
// Get Python path from process manager (uses venv if configured)
const pythonPath = this.processManager.getPythonPath();
@@ -234,28 +296,30 @@ export class AgentQueueManager {
// 1. process.env (system)
// 2. pythonEnv (bundled packages environment)
// 3. combinedEnv (auto-claude/.env for CLI usage)
- // 4. profileEnv (Electron app OAuth token - highest priority)
- // 5. Our specific overrides
+ // 4. oauthModeClearVars (clear stale ANTHROPIC_* vars when in OAuth mode)
+ // 5. profileEnv (Electron app OAuth token)
+ // 6. apiProfileEnv (Active API profile config - highest priority for ANTHROPIC_* vars)
+ // 7. Our specific overrides
const finalEnv = {
...process.env,
...pythonEnv,
...combinedEnv,
+ ...oauthModeClearVars,
...profileEnv,
+ ...apiProfileEnv,
PYTHONPATH: combinedPythonPath,
PYTHONUNBUFFERED: '1',
PYTHONUTF8: '1'
};
- // Debug: Show OAuth token source
+ // Debug: Show OAuth token source (token values intentionally omitted for security - AC4)
const tokenSource = profileEnv['CLAUDE_CODE_OAUTH_TOKEN']
? 'Electron app profile'
: (combinedEnv['CLAUDE_CODE_OAUTH_TOKEN'] ? 'auto-claude/.env' : 'not found');
- const oauthToken = (finalEnv as Record)['CLAUDE_CODE_OAUTH_TOKEN'];
- const hasToken = !!oauthToken;
+ const hasToken = !!(finalEnv as Record)['CLAUDE_CODE_OAUTH_TOKEN'];
debugLog('[Agent Queue] OAuth token status:', {
source: tokenSource,
- hasToken,
- tokenPreview: hasToken ? oauthToken?.substring(0, 20) + '...' : 'none'
+ hasToken
});
// Parse Python command to handle space-separated commands like "py -3"
@@ -500,13 +564,22 @@ export class AgentQueueManager {
/**
* Spawn a Python process for roadmap generation
*/
- private spawnRoadmapProcess(
+ private async spawnRoadmapProcess(
projectId: string,
projectPath: string,
args: string[]
- ): void {
+ ): Promise {
debugLog('[Agent Queue] Spawning roadmap process:', { projectId, projectPath });
+ // Run from auto-claude source directory so imports work correctly
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+ const cwd = autoBuildSource || process.cwd();
+
+ // Ensure Python environment is ready before spawning
+ if (!await this.ensurePythonEnvReady(projectId, 'roadmap-error')) {
+ return;
+ }
+
// Kill existing process for this project if any
const wasKilled = this.processManager.killProcess(projectId);
if (wasKilled) {
@@ -517,9 +590,6 @@ export class AgentQueueManager {
const spawnId = this.state.generateSpawnId();
debugLog('[Agent Queue] Generated roadmap spawn ID:', spawnId);
- // Run from auto-claude source directory so imports work correctly
- const autoBuildSource = this.processManager.getAutoBuildSourcePath();
- const cwd = autoBuildSource || process.cwd();
// Get combined environment variables
const combinedEnv = this.processManager.getCombinedEnv(projectPath);
@@ -527,6 +597,12 @@ export class AgentQueueManager {
// Get active Claude profile environment (CLAUDE_CODE_OAUTH_TOKEN if not default)
const profileEnv = getProfileEnv();
+ // Get active API profile environment variables
+ const apiProfileEnv = await getAPIProfileEnv();
+
+ // Get OAuth mode clearing vars (clears stale ANTHROPIC_* vars when in OAuth mode)
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+
// Get Python path from process manager (uses venv if configured)
const pythonPath = this.processManager.getPythonPath();
@@ -547,28 +623,30 @@ export class AgentQueueManager {
// 1. process.env (system)
// 2. pythonEnv (bundled packages environment)
// 3. combinedEnv (auto-claude/.env for CLI usage)
- // 4. profileEnv (Electron app OAuth token - highest priority)
- // 5. Our specific overrides
+ // 4. oauthModeClearVars (clear stale ANTHROPIC_* vars when in OAuth mode)
+ // 5. profileEnv (Electron app OAuth token)
+ // 6. apiProfileEnv (Active API profile config - highest priority for ANTHROPIC_* vars)
+ // 7. Our specific overrides
const finalEnv = {
...process.env,
...pythonEnv,
...combinedEnv,
+ ...oauthModeClearVars,
...profileEnv,
+ ...apiProfileEnv,
PYTHONPATH: combinedPythonPath,
PYTHONUNBUFFERED: '1',
PYTHONUTF8: '1'
};
- // Debug: Show OAuth token source
+ // Debug: Show OAuth token source (token values intentionally omitted for security - AC4)
const tokenSource = profileEnv['CLAUDE_CODE_OAUTH_TOKEN']
? 'Electron app profile'
: (combinedEnv['CLAUDE_CODE_OAUTH_TOKEN'] ? 'auto-claude/.env' : 'not found');
- const oauthToken = (finalEnv as Record)['CLAUDE_CODE_OAUTH_TOKEN'];
- const hasToken = !!oauthToken;
+ const hasToken = !!(finalEnv as Record)['CLAUDE_CODE_OAUTH_TOKEN'];
debugLog('[Agent Queue] OAuth token status:', {
source: tokenSource,
- hasToken,
- tokenPreview: hasToken ? oauthToken?.substring(0, 20) + '...' : 'none'
+ hasToken
});
// Parse Python command to handle space-separated commands like "py -3"
@@ -793,4 +871,627 @@ export class AgentQueueManager {
const processInfo = this.state.getProcess(projectId);
return processInfo?.queueProcessType === 'roadmap';
}
+
+ /**
+ * Start persona generation process
+ */
+ async startPersonaGeneration(
+ projectId: string,
+ projectPath: string,
+ refresh: boolean = false,
+ config?: PersonaConfig
+ ): Promise {
+ debugLog('[Agent Queue] Starting persona generation:', {
+ projectId,
+ projectPath,
+ refresh,
+ config
+ });
+
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+
+ if (!autoBuildSource) {
+ debugError('[Agent Queue] Auto-build source path not found');
+ this.emitter.emit('persona-error', projectId, 'Auto-build source path not found. Please configure it in App Settings.');
+ return;
+ }
+
+ const personaRunnerPath = path.join(autoBuildSource, 'runners', 'persona_runner.py');
+
+ if (!existsSync(personaRunnerPath)) {
+ debugError('[Agent Queue] Persona runner not found at:', personaRunnerPath);
+ this.emitter.emit('persona-error', projectId, `Persona runner not found at: ${personaRunnerPath}`);
+ return;
+ }
+
+ const args = [personaRunnerPath, '--project', projectPath];
+
+ if (refresh) {
+ args.push('--refresh');
+ }
+
+ // Add research flag if enabled
+ if (config?.enableResearch) {
+ args.push('--research');
+ }
+
+ // Add model and thinking level from config
+ if (config?.model) {
+ args.push('--model', config.model);
+ }
+ if (config?.thinkingLevel) {
+ args.push('--thinking-level', config.thinkingLevel);
+ }
+
+ debugLog('[Agent Queue] Spawning persona process with args:', args);
+
+ await this.spawnPersonaProcess(projectId, projectPath, args);
+ }
+
+ /**
+ * Spawn a Python process for persona generation
+ */
+ private async spawnPersonaProcess(
+ projectId: string,
+ projectPath: string,
+ args: string[]
+ ): Promise {
+ debugLog('[Agent Queue] Spawning persona process:', { projectId, projectPath });
+
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+ const cwd = autoBuildSource || process.cwd();
+
+ // Ensure Python environment is ready before spawning
+ if (!await this.ensurePythonEnvReady(projectId, 'persona-error')) {
+ return;
+ }
+
+ // Kill existing process for this project if any
+ const wasKilled = this.processManager.killProcess(projectId);
+ if (wasKilled) {
+ debugLog('[Agent Queue] Killed existing persona process for project:', projectId);
+ }
+
+ // Generate unique spawn ID for this process instance
+ const spawnId = this.state.generateSpawnId();
+ debugLog('[Agent Queue] Generated persona spawn ID:', spawnId);
+
+ // Get combined environment variables
+ const combinedEnv = this.processManager.getCombinedEnv(projectPath);
+
+ // Get active Claude profile environment
+ const profileEnv = getProfileEnv();
+
+ // Get active API profile environment variables
+ const apiProfileEnv = await getAPIProfileEnv();
+
+ // Get OAuth mode clearing vars
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+
+ // Get Python path from process manager
+ const pythonPath = this.processManager.getPythonPath();
+
+ // Get Python environment from pythonEnvManager
+ const pythonEnv = pythonEnvManager.getPythonEnv();
+
+ // Build PYTHONPATH
+ const pythonPathParts: string[] = [];
+ if (pythonEnv.PYTHONPATH) {
+ pythonPathParts.push(pythonEnv.PYTHONPATH);
+ }
+ if (autoBuildSource) {
+ pythonPathParts.push(autoBuildSource);
+ }
+ const combinedPythonPath = pythonPathParts.join(process.platform === 'win32' ? ';' : ':');
+
+ // Build final environment
+ const finalEnv = {
+ ...process.env,
+ ...pythonEnv,
+ ...combinedEnv,
+ ...oauthModeClearVars,
+ ...profileEnv,
+ ...apiProfileEnv,
+ PYTHONPATH: combinedPythonPath,
+ PYTHONUNBUFFERED: '1',
+ PYTHONUTF8: '1'
+ };
+
+ // Parse Python command
+ const [pythonCommand, pythonBaseArgs] = parsePythonCommand(pythonPath);
+ const childProcess = spawn(pythonCommand, [...pythonBaseArgs, ...args], {
+ cwd,
+ env: finalEnv
+ });
+
+ this.state.addProcess(projectId, {
+ taskId: projectId,
+ process: childProcess,
+ startedAt: new Date(),
+ projectPath,
+ spawnId,
+ queueProcessType: 'persona'
+ });
+
+ // Track progress through output
+ let progressPhase = 'analyzing';
+ let progressPercent = 10;
+ let allPersonaOutput = '';
+
+ // Handle stdout
+ childProcess.stdout?.on('data', (data: Buffer) => {
+ const log = data.toString('utf8');
+ allPersonaOutput = (allPersonaOutput + log).slice(-10000);
+
+ // Parse progress phases
+ if (log.includes('PHASE 1') || log.includes('PROJECT ANALYSIS')) {
+ progressPhase = 'analyzing';
+ progressPercent = 20;
+ } else if (log.includes('PHASE 2') || log.includes('USER TYPE DISCOVERY')) {
+ progressPhase = 'discovering';
+ progressPercent = 40;
+ } else if (log.includes('PHASE 3') || log.includes('WEB RESEARCH')) {
+ progressPhase = 'researching';
+ progressPercent = 60;
+ } else if (log.includes('PHASE 4') || log.includes('PERSONA GENERATION')) {
+ progressPhase = 'generating';
+ progressPercent = 80;
+ } else if (log.includes('PERSONAS GENERATED') || log.includes('complete')) {
+ progressPhase = 'complete';
+ progressPercent = 100;
+ }
+
+ this.emitter.emit('persona-progress', projectId, {
+ phase: progressPhase,
+ progress: progressPercent,
+ message: log.trim().substring(0, 200)
+ });
+ });
+
+ // Handle stderr
+ childProcess.stderr?.on('data', (data: Buffer) => {
+ const log = data.toString('utf8');
+ allPersonaOutput = (allPersonaOutput + log).slice(-10000);
+ console.error('[Persona STDERR]', log);
+ this.emitter.emit('persona-progress', projectId, {
+ phase: progressPhase,
+ progress: progressPercent,
+ message: log.trim().substring(0, 200)
+ });
+ });
+
+ // Handle process exit
+ childProcess.on('exit', (code: number | null) => {
+ debugLog('[Agent Queue] Persona process exited:', { projectId, code, spawnId });
+
+ const wasIntentionallyStopped = this.state.wasSpawnKilled(spawnId);
+ if (wasIntentionallyStopped) {
+ debugLog('[Agent Queue] Persona process was intentionally stopped, ignoring exit');
+ this.state.clearKilledSpawn(spawnId);
+ this.emitter.emit('persona-stopped', projectId);
+ return;
+ }
+
+ const processInfo = this.state.getProcess(projectId);
+ const storedProjectPath = processInfo?.projectPath;
+ this.state.deleteProcess(projectId);
+
+ // Check for rate limit if process failed
+ if (code !== 0) {
+ const rateLimitDetection = detectRateLimit(allPersonaOutput);
+ if (rateLimitDetection.isRateLimited) {
+ debugLog('[Agent Queue] Rate limit detected for persona');
+ const rateLimitInfo = createSDKRateLimitInfo('persona', rateLimitDetection, {
+ projectId
+ });
+ this.emitter.emit('sdk-rate-limit', rateLimitInfo);
+ }
+ }
+
+ if (code === 0) {
+ debugLog('[Agent Queue] Persona generation completed successfully');
+ this.emitter.emit('persona-progress', projectId, {
+ phase: 'complete',
+ progress: 100,
+ message: 'Persona generation complete'
+ });
+
+ // Load and emit the complete personas config
+ if (storedProjectPath) {
+ try {
+ const personasFilePath = path.join(
+ storedProjectPath,
+ '.auto-claude',
+ 'personas',
+ 'personas.json'
+ );
+ debugLog('[Agent Queue] Loading personas from:', personasFilePath);
+ if (existsSync(personasFilePath)) {
+ const loadPersonas = async (): Promise => {
+ try {
+ const content = await fsPromises.readFile(personasFilePath, 'utf-8');
+ const rawPersonas = JSON.parse(content);
+ // Personas are already in camelCase from the backend
+ const personasConfig: PersonasConfig = {
+ version: rawPersonas.version || '1.0',
+ projectId: rawPersonas.projectId || projectId,
+ personas: rawPersonas.personas || [],
+ metadata: {
+ generatedAt: rawPersonas.metadata?.generatedAt || new Date().toISOString(),
+ discoverySynced: rawPersonas.metadata?.discoverySynced ?? true,
+ researchEnriched: rawPersonas.metadata?.researchEnriched ?? false,
+ roadmapSynced: rawPersonas.metadata?.roadmapSynced ?? false,
+ personaCount: (rawPersonas.personas || []).length
+ }
+ };
+ debugLog('[Agent Queue] Loaded personas:', {
+ personaCount: personasConfig.personas.length
+ });
+ this.emitter.emit('persona-complete', projectId, personasConfig);
+ } catch (err) {
+ debugError('[Persona] Failed to load personas:', err);
+ this.emitter.emit('persona-error', projectId,
+ `Failed to load personas: ${err instanceof Error ? err.message : 'Unknown error'}`);
+ }
+ };
+ loadPersonas().catch((err: unknown) => {
+ debugError('[Agent Queue] Unhandled error loading personas:', err);
+ });
+ } else {
+ debugError('[Persona] personas.json not found at:', personasFilePath);
+ this.emitter.emit('persona-error', projectId,
+ 'Personas completed but file not found.');
+ }
+ } catch (err) {
+ debugError('[Persona] Unexpected error in persona completion:', err);
+ this.emitter.emit('persona-error', projectId,
+ `Unexpected error: ${err instanceof Error ? err.message : 'Unknown error'}`);
+ }
+ } else {
+ debugError('[Persona] No project path available for persona completion');
+ this.emitter.emit('persona-error', projectId, 'Personas completed but project path not found.');
+ }
+ } else {
+ debugError('[Agent Queue] Persona generation failed:', { projectId, code });
+ this.emitter.emit('persona-error', projectId, `Persona generation failed with exit code ${code}`);
+ }
+ });
+
+ // Handle process error
+ childProcess.on('error', (err: Error) => {
+ console.error('[Persona] Process error:', err.message);
+ this.state.deleteProcess(projectId);
+ this.emitter.emit('persona-error', projectId, err.message);
+ });
+ }
+
+ /**
+ * Stop persona generation for a project
+ */
+ stopPersonas(projectId: string): boolean {
+ debugLog('[Agent Queue] Stop persona requested:', { projectId });
+
+ const processInfo = this.state.getProcess(projectId);
+ const isPersona = processInfo?.queueProcessType === 'persona';
+ debugLog('[Agent Queue] Persona process running?', { projectId, isPersona, processType: processInfo?.queueProcessType });
+
+ if (isPersona) {
+ debugLog('[Agent Queue] Killing persona process:', projectId);
+ this.processManager.killProcess(projectId);
+ this.emitter.emit('persona-stopped', projectId);
+ return true;
+ }
+ debugLog('[Agent Queue] No running persona process found for:', projectId);
+ return false;
+ }
+
+ /**
+ * Check if persona generation is running for a project
+ */
+ isPersonaRunning(projectId: string): boolean {
+ const processInfo = this.state.getProcess(projectId);
+ return processInfo?.queueProcessType === 'persona';
+ }
+
+ /**
+ * Start persona enrichment for a new persona (AI-assisted creation)
+ */
+ async startPersonaEnrichment(
+ projectId: string,
+ projectPath: string,
+ input: PersonaEnrichmentInput,
+ config?: PersonaConfig
+ ): Promise {
+ debugLog('[Agent Queue] Starting persona enrichment (new):', {
+ projectId,
+ projectPath,
+ role: input.role,
+ type: input.type
+ });
+
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+
+ if (!autoBuildSource) {
+ debugError('[Agent Queue] Auto-build source path not found');
+ this.emitter.emit('persona-enrichment-error', projectId, 'Auto-build source path not found. Please configure it in App Settings.');
+ return;
+ }
+
+ const personaRunnerPath = path.join(autoBuildSource, 'runners', 'persona_runner.py');
+
+ if (!existsSync(personaRunnerPath)) {
+ debugError('[Agent Queue] Persona runner not found at:', personaRunnerPath);
+ this.emitter.emit('persona-enrichment-error', projectId, `Persona runner not found at: ${personaRunnerPath}`);
+ return;
+ }
+
+ const args = [
+ personaRunnerPath,
+ '--project', projectPath,
+ '--enrich-new',
+ '--role', input.role,
+ '--description', input.description,
+ '--persona-type', input.type
+ ];
+
+ // Add optional fields
+ if (input.primaryGoal) {
+ args.push('--primary-goal', input.primaryGoal);
+ }
+ if (input.experienceLevel) {
+ args.push('--experience-level', input.experienceLevel);
+ }
+ if (input.industry) {
+ args.push('--industry', input.industry);
+ }
+
+ // Add model and thinking level from config
+ if (config?.model) {
+ args.push('--model', config.model);
+ }
+ if (config?.thinkingLevel) {
+ args.push('--thinking-level', config.thinkingLevel);
+ }
+
+ debugLog('[Agent Queue] Spawning persona enrichment process with args:', args);
+
+ await this.spawnPersonaEnrichmentProcess(projectId, projectPath, args, 'new');
+ }
+
+ /**
+ * Start persona enrichment for an existing persona
+ */
+ async startPersonaEnrichmentExisting(
+ projectId: string,
+ projectPath: string,
+ personaId: string,
+ persona: Persona,
+ config?: PersonaConfig
+ ): Promise {
+ debugLog('[Agent Queue] Starting persona enrichment (existing):', {
+ projectId,
+ projectPath,
+ personaId,
+ personaName: persona.name
+ });
+
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+
+ if (!autoBuildSource) {
+ debugError('[Agent Queue] Auto-build source path not found');
+ this.emitter.emit('persona-enrichment-error', projectId, 'Auto-build source path not found. Please configure it in App Settings.');
+ return;
+ }
+
+ const personaRunnerPath = path.join(autoBuildSource, 'runners', 'persona_runner.py');
+
+ if (!existsSync(personaRunnerPath)) {
+ debugError('[Agent Queue] Persona runner not found at:', personaRunnerPath);
+ this.emitter.emit('persona-enrichment-error', projectId, `Persona runner not found at: ${personaRunnerPath}`);
+ return;
+ }
+
+ const args = [
+ personaRunnerPath,
+ '--project', projectPath,
+ '--enrich-existing',
+ '--persona-id', personaId
+ ];
+
+ // Add model and thinking level from config
+ if (config?.model) {
+ args.push('--model', config.model);
+ }
+ if (config?.thinkingLevel) {
+ args.push('--thinking-level', config.thinkingLevel);
+ }
+
+ debugLog('[Agent Queue] Spawning persona enrichment process with args:', args);
+
+ await this.spawnPersonaEnrichmentProcess(projectId, projectPath, args, 'existing');
+ }
+
+ /**
+ * Spawn a Python process for persona enrichment
+ */
+ private async spawnPersonaEnrichmentProcess(
+ projectId: string,
+ projectPath: string,
+ args: string[],
+ enrichmentType: 'new' | 'existing'
+ ): Promise {
+ debugLog('[Agent Queue] Spawning persona enrichment process:', { projectId, projectPath, enrichmentType });
+
+ const autoBuildSource = this.processManager.getAutoBuildSourcePath();
+ const cwd = autoBuildSource || process.cwd();
+
+ // Ensure Python environment is ready before spawning
+ if (!await this.ensurePythonEnvReady(projectId, 'persona-error')) {
+ this.emitter.emit('persona-enrichment-error', projectId, 'Python environment not ready');
+ return;
+ }
+
+ // Use a unique task ID for enrichment to not conflict with regular persona generation
+ const enrichmentTaskId = `${projectId}-enrichment`;
+
+ // Kill existing enrichment process for this project if any
+ const wasKilled = this.processManager.killProcess(enrichmentTaskId);
+ if (wasKilled) {
+ debugLog('[Agent Queue] Killed existing enrichment process for project:', projectId);
+ }
+
+ // Generate unique spawn ID for this process instance
+ const spawnId = this.state.generateSpawnId();
+ debugLog('[Agent Queue] Generated enrichment spawn ID:', spawnId);
+
+ // Get combined environment variables
+ const combinedEnv = this.processManager.getCombinedEnv(projectPath);
+
+ // Get active Claude profile environment
+ const profileEnv = getProfileEnv();
+
+ // Get active API profile environment variables
+ const apiProfileEnv = await getAPIProfileEnv();
+
+ // Get OAuth mode clearing vars
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+
+ // Get Python path from process manager
+ const pythonPath = this.processManager.getPythonPath();
+
+ // Get Python environment from pythonEnvManager
+ const pythonEnv = pythonEnvManager.getPythonEnv();
+
+ // Build PYTHONPATH
+ const pythonPathParts: string[] = [];
+ if (pythonEnv.PYTHONPATH) {
+ pythonPathParts.push(pythonEnv.PYTHONPATH);
+ }
+ if (autoBuildSource) {
+ pythonPathParts.push(autoBuildSource);
+ }
+ const combinedPythonPath = pythonPathParts.join(process.platform === 'win32' ? ';' : ':');
+
+ // Build final environment
+ const finalEnv = {
+ ...process.env,
+ ...pythonEnv,
+ ...combinedEnv,
+ ...oauthModeClearVars,
+ ...profileEnv,
+ ...apiProfileEnv,
+ PYTHONPATH: combinedPythonPath,
+ PYTHONUNBUFFERED: '1',
+ PYTHONUTF8: '1'
+ };
+
+ // Parse Python command
+ const [pythonCommand, pythonBaseArgs] = parsePythonCommand(pythonPath);
+ const childProcess = spawn(pythonCommand, [...pythonBaseArgs, ...args], {
+ cwd,
+ env: finalEnv
+ });
+
+ this.state.addProcess(enrichmentTaskId, {
+ taskId: enrichmentTaskId,
+ process: childProcess,
+ startedAt: new Date(),
+ projectPath,
+ spawnId,
+ queueProcessType: 'persona-enrichment'
+ });
+
+ // Track progress through output
+ let progressPhase = 'researching';
+ let progressPercent = 10;
+ let allEnrichmentOutput = '';
+
+ // Handle stdout
+ childProcess.stdout?.on('data', (data: Buffer) => {
+ const log = data.toString('utf8');
+ allEnrichmentOutput = (allEnrichmentOutput + log).slice(-10000);
+
+ // Parse enrichment-specific markers
+ const phaseMatch = log.match(/ENRICHMENT_PHASE:(\w+)/);
+ if (phaseMatch) {
+ progressPhase = phaseMatch[1];
+ progressPercent = progressPhase === 'researching' ? 30 : progressPhase === 'generating' ? 60 : progressPercent;
+ }
+
+ // Check for completion with persona data
+ const completeMatch = log.match(/ENRICHMENT_COMPLETE:(.+)/);
+ if (completeMatch) {
+ try {
+ const persona = JSON.parse(completeMatch[1]);
+ debugLog('[Agent Queue] Enrichment complete, persona:', { id: persona.id, name: persona.name });
+ this.emitter.emit('persona-enrichment-complete', projectId, persona);
+ } catch (parseErr) {
+ debugError('[Agent Queue] Failed to parse enriched persona:', parseErr);
+ }
+ }
+
+ // Check for error
+ const errorMatch = log.match(/ENRICHMENT_ERROR:(.+)/);
+ if (errorMatch) {
+ debugError('[Agent Queue] Enrichment error:', errorMatch[1]);
+ this.emitter.emit('persona-enrichment-error', projectId, errorMatch[1]);
+ }
+
+ this.emitter.emit('persona-enrichment-progress', projectId, {
+ phase: progressPhase,
+ progress: progressPercent,
+ message: log.trim().substring(0, 200)
+ });
+ });
+
+ // Handle stderr
+ childProcess.stderr?.on('data', (data: Buffer) => {
+ const log = data.toString('utf8');
+ allEnrichmentOutput = (allEnrichmentOutput + log).slice(-10000);
+ console.error('[Persona Enrichment STDERR]', log);
+ this.emitter.emit('persona-enrichment-progress', projectId, {
+ phase: progressPhase,
+ progress: progressPercent,
+ message: log.trim().substring(0, 200)
+ });
+ });
+
+ // Handle process exit
+ childProcess.on('exit', (code: number | null) => {
+ debugLog('[Agent Queue] Persona enrichment process exited:', { projectId, code, spawnId, enrichmentType });
+
+ const wasIntentionallyStopped = this.state.wasSpawnKilled(spawnId);
+ if (wasIntentionallyStopped) {
+ debugLog('[Agent Queue] Persona enrichment process was intentionally stopped, ignoring exit');
+ this.state.clearKilledSpawn(spawnId);
+ return;
+ }
+
+ this.state.deleteProcess(enrichmentTaskId);
+
+ // Check for rate limit if process failed
+ if (code !== 0) {
+ const rateLimitDetection = detectRateLimit(allEnrichmentOutput);
+ if (rateLimitDetection.isRateLimited) {
+ debugLog('[Agent Queue] Rate limit detected for persona enrichment');
+ const rateLimitInfo = createSDKRateLimitInfo('persona', rateLimitDetection, {
+ projectId
+ });
+ this.emitter.emit('sdk-rate-limit', rateLimitInfo);
+ }
+
+ // Only emit error if we haven't already (via ENRICHMENT_ERROR marker)
+ if (!allEnrichmentOutput.includes('ENRICHMENT_COMPLETE:') && !allEnrichmentOutput.includes('ENRICHMENT_ERROR:')) {
+ this.emitter.emit('persona-enrichment-error', projectId, `Persona enrichment failed with exit code ${code}`);
+ }
+ }
+ });
+
+ // Handle process error
+ childProcess.on('error', (err: Error) => {
+ console.error('[Persona Enrichment] Process error:', err.message);
+ this.state.deleteProcess(enrichmentTaskId);
+ this.emitter.emit('persona-enrichment-error', projectId, err.message);
+ });
+ }
}
diff --git a/apps/frontend/src/main/agent/env-utils.test.ts b/apps/frontend/src/main/agent/env-utils.test.ts
new file mode 100644
index 0000000000..6a5d42c54e
--- /dev/null
+++ b/apps/frontend/src/main/agent/env-utils.test.ts
@@ -0,0 +1,134 @@
+/**
+ * Unit tests for env-utils
+ * Tests OAuth mode environment variable clearing functionality
+ */
+
+import { describe, it, expect } from 'vitest';
+import { getOAuthModeClearVars } from './env-utils';
+
+describe('getOAuthModeClearVars', () => {
+ describe('OAuth mode (no active API profile)', () => {
+ it('should return clearing vars when apiProfileEnv is empty', () => {
+ const result = getOAuthModeClearVars({});
+
+ expect(result).toEqual({
+ ANTHROPIC_API_KEY: '',
+ ANTHROPIC_AUTH_TOKEN: '',
+ ANTHROPIC_BASE_URL: '',
+ ANTHROPIC_MODEL: '',
+ ANTHROPIC_DEFAULT_HAIKU_MODEL: '',
+ ANTHROPIC_DEFAULT_SONNET_MODEL: '',
+ ANTHROPIC_DEFAULT_OPUS_MODEL: ''
+ });
+ });
+
+ it('should clear all ANTHROPIC_* environment variables', () => {
+ const result = getOAuthModeClearVars({});
+
+ // Verify all known ANTHROPIC_* vars are cleared
+ expect(result.ANTHROPIC_API_KEY).toBe('');
+ expect(result.ANTHROPIC_AUTH_TOKEN).toBe('');
+ expect(result.ANTHROPIC_BASE_URL).toBe('');
+ expect(result.ANTHROPIC_MODEL).toBe('');
+ expect(result.ANTHROPIC_DEFAULT_HAIKU_MODEL).toBe('');
+ expect(result.ANTHROPIC_DEFAULT_SONNET_MODEL).toBe('');
+ expect(result.ANTHROPIC_DEFAULT_OPUS_MODEL).toBe('');
+ });
+ });
+
+ describe('API Profile mode (active profile)', () => {
+ it('should return empty object when apiProfileEnv has values', () => {
+ const apiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-active-profile',
+ ANTHROPIC_BASE_URL: 'https://custom.api.com'
+ };
+
+ const result = getOAuthModeClearVars(apiProfileEnv);
+
+ expect(result).toEqual({});
+ });
+
+ it('should NOT clear vars when API profile is active', () => {
+ const apiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-test',
+ ANTHROPIC_BASE_URL: 'https://test.com',
+ ANTHROPIC_MODEL: 'claude-3-opus'
+ };
+
+ const result = getOAuthModeClearVars(apiProfileEnv);
+
+ // Should not return any clearing vars
+ expect(Object.keys(result)).toHaveLength(0);
+ });
+
+ it('should detect non-empty profile even with single property', () => {
+ const apiProfileEnv = {
+ ANTHROPIC_AUTH_TOKEN: 'sk-minimal'
+ };
+
+ const result = getOAuthModeClearVars(apiProfileEnv);
+
+ expect(result).toEqual({});
+ });
+ });
+
+ describe('Edge cases', () => {
+ it('should handle undefined gracefully (treat as empty)', () => {
+ // TypeScript should prevent this, but runtime safety
+ const result = getOAuthModeClearVars(undefined as any);
+
+ // Should treat undefined as empty object -> OAuth mode
+ expect(result).toBeDefined();
+ });
+
+ it('should handle null gracefully (treat as empty)', () => {
+ // Runtime safety for null values
+ const result = getOAuthModeClearVars(null as any);
+
+ // Should treat null as OAuth mode and return clearing vars
+ expect(result).toEqual({
+ ANTHROPIC_API_KEY: '',
+ ANTHROPIC_AUTH_TOKEN: '',
+ ANTHROPIC_BASE_URL: '',
+ ANTHROPIC_MODEL: '',
+ ANTHROPIC_DEFAULT_HAIKU_MODEL: '',
+ ANTHROPIC_DEFAULT_SONNET_MODEL: '',
+ ANTHROPIC_DEFAULT_OPUS_MODEL: ''
+ });
+ });
+
+ it('should return consistent object shape for OAuth mode', () => {
+ const result1 = getOAuthModeClearVars({});
+ const result2 = getOAuthModeClearVars({});
+
+ expect(result1).toEqual(result2);
+ // Use specific expected keys instead of magic number
+ const expectedKeys = [
+ 'ANTHROPIC_API_KEY',
+ 'ANTHROPIC_AUTH_TOKEN',
+ 'ANTHROPIC_BASE_URL',
+ 'ANTHROPIC_MODEL',
+ 'ANTHROPIC_DEFAULT_HAIKU_MODEL',
+ 'ANTHROPIC_DEFAULT_SONNET_MODEL',
+ 'ANTHROPIC_DEFAULT_OPUS_MODEL'
+ ];
+ expect(Object.keys(result1).sort()).toEqual(expectedKeys.sort());
+ });
+
+ it('should NOT clear if apiProfileEnv has non-ANTHROPIC keys only', () => {
+ // Edge case: service returns metadata but no ANTHROPIC_* vars
+ const result = getOAuthModeClearVars({ SOME_OTHER_VAR: 'value' });
+
+ // Should treat as OAuth mode since no ANTHROPIC_* keys present
+ expect(result).toEqual({
+ ANTHROPIC_API_KEY: '',
+ ANTHROPIC_AUTH_TOKEN: '',
+ ANTHROPIC_BASE_URL: '',
+ ANTHROPIC_MODEL: '',
+ ANTHROPIC_DEFAULT_HAIKU_MODEL: '',
+ ANTHROPIC_DEFAULT_SONNET_MODEL: '',
+ ANTHROPIC_DEFAULT_OPUS_MODEL: ''
+ });
+ });
+ });
+});
diff --git a/apps/frontend/src/main/agent/env-utils.ts b/apps/frontend/src/main/agent/env-utils.ts
new file mode 100644
index 0000000000..3c479e607e
--- /dev/null
+++ b/apps/frontend/src/main/agent/env-utils.ts
@@ -0,0 +1,44 @@
+/**
+ * Utility functions for managing environment variables in agent spawning
+ */
+
+/**
+ * Get environment variables to clear ANTHROPIC_* vars when in OAuth mode
+ *
+ * When switching from API Profile mode to OAuth mode, residual ANTHROPIC_*
+ * environment variables from process.env can cause authentication failures.
+ * This function returns an object with empty strings for these vars when
+ * no API profile is active, ensuring OAuth tokens are used correctly.
+ *
+ * **Why empty strings?** Setting environment variables to empty strings (rather than
+ * undefined) ensures they override any stale values from process.env. Python's SDK
+ * treats empty strings as falsy in conditional checks like `if token:`, so empty
+ * strings effectively disable these authentication parameters without leaving
+ * undefined values that might be ignored during object spreading.
+ *
+ * @param apiProfileEnv - Environment variables from getAPIProfileEnv()
+ * @returns Object with empty ANTHROPIC_* vars if in OAuth mode, empty object otherwise
+ */
+export function getOAuthModeClearVars(apiProfileEnv: Record): Record {
+ // If API profile is active (has ANTHROPIC_* vars), don't clear anything
+ if (apiProfileEnv && Object.keys(apiProfileEnv).some(key => key.startsWith('ANTHROPIC_'))) {
+ return {};
+ }
+
+ // In OAuth mode (no API profile), clear all ANTHROPIC_* vars
+ // Setting to empty string ensures they override any values from process.env
+ // Python's `if token:` checks treat empty strings as falsy
+ //
+ // IMPORTANT: ANTHROPIC_API_KEY is included to prevent Claude Code from using
+ // API keys that may be present in the shell environment instead of OAuth tokens.
+ // Without clearing this, Claude Code would show "Claude API" instead of "Claude Max".
+ return {
+ ANTHROPIC_API_KEY: '',
+ ANTHROPIC_AUTH_TOKEN: '',
+ ANTHROPIC_BASE_URL: '',
+ ANTHROPIC_MODEL: '',
+ ANTHROPIC_DEFAULT_HAIKU_MODEL: '',
+ ANTHROPIC_DEFAULT_SONNET_MODEL: '',
+ ANTHROPIC_DEFAULT_OPUS_MODEL: ''
+ };
+}
diff --git a/apps/frontend/src/main/agent/types.ts b/apps/frontend/src/main/agent/types.ts
index fa3c5b8d9d..1c6e2e3264 100644
--- a/apps/frontend/src/main/agent/types.ts
+++ b/apps/frontend/src/main/agent/types.ts
@@ -5,7 +5,7 @@ import type { IdeationConfig } from '../../shared/types';
* Agent-specific types for process and state management
*/
-export type QueueProcessType = 'ideation' | 'roadmap';
+export type QueueProcessType = 'ideation' | 'roadmap' | 'persona' | 'persona-enrichment';
export interface AgentProcess {
taskId: string;
@@ -40,10 +40,17 @@ export interface RoadmapConfig {
thinkingLevel?: string; // Thinking level (none, low, medium, high, ultrathink)
}
+export interface PersonaConfig {
+ model?: string; // Model shorthand (opus, sonnet, haiku)
+ thinkingLevel?: string; // Thinking level (none, low, medium, high, ultrathink)
+ enableResearch?: boolean; // Enable web research enrichment phase
+}
+
export interface TaskExecutionOptions {
parallel?: boolean;
workers?: number;
baseBranch?: string;
+ useWorktree?: boolean; // If false, use --direct mode (no worktree isolation)
}
export interface SpecCreationMetadata {
@@ -65,6 +72,8 @@ export interface SpecCreationMetadata {
// Non-auto profile - single model and thinking level
model?: 'haiku' | 'sonnet' | 'opus';
thinkingLevel?: 'none' | 'low' | 'medium' | 'high' | 'ultrathink';
+ // Workspace mode - whether to use worktree isolation
+ useWorktree?: boolean; // If false, use --direct mode (no worktree isolation)
}
export interface IdeationProgressData {
@@ -79,3 +88,9 @@ export interface RoadmapProgressData {
progress: number;
message: string;
}
+
+export interface PersonaProgressData {
+ phase: string;
+ progress: number;
+ message: string;
+}
diff --git a/apps/frontend/src/main/app-updater.ts b/apps/frontend/src/main/app-updater.ts
index a76444dd3b..98f1f824bf 100644
--- a/apps/frontend/src/main/app-updater.ts
+++ b/apps/frontend/src/main/app-updater.ts
@@ -18,12 +18,16 @@
*/
import { autoUpdater } from 'electron-updater';
-import { app } from 'electron';
+import { app, net } from 'electron';
import type { BrowserWindow } from 'electron';
import { IPC_CHANNELS } from '../shared/constants';
import type { AppUpdateInfo } from '../shared/types';
import { compareVersions } from './updater/version-manager';
+// GitHub repo info for API calls
+const GITHUB_OWNER = 'AndyMik90';
+const GITHUB_REPO = 'Auto-Claude';
+
// Debug mode - DEBUG_UPDATER=true or development mode
const DEBUG_UPDATER = process.env.DEBUG_UPDATER === 'true' || process.env.NODE_ENV === 'development';
@@ -251,3 +255,214 @@ export function quitAndInstall(): void {
export function getCurrentVersion(): string {
return autoUpdater.currentVersion.version;
}
+
+/**
+ * Check if a version string represents a prerelease (beta, alpha, rc, etc.)
+ */
+export function isPrerelease(version: string): boolean {
+ return /-(alpha|beta|rc|dev|canary)\.\d+$/i.test(version) || version.includes('-');
+}
+
+// Timeout for GitHub API requests (10 seconds)
+const GITHUB_API_TIMEOUT = 10000;
+
+/**
+ * Fetch the latest stable release from GitHub API
+ * Returns the latest non-prerelease version
+ */
+async function fetchLatestStableRelease(): Promise {
+ const fetchPromise = new Promise((resolve) => {
+ const url = `https://api.github.com/repos/${GITHUB_OWNER}/${GITHUB_REPO}/releases`;
+ console.warn('[app-updater] Fetching releases from:', url);
+
+ const request = net.request({
+ url,
+ method: 'GET'
+ });
+
+ request.setHeader('Accept', 'application/vnd.github.v3+json');
+ request.setHeader('User-Agent', `Auto-Claude/${getCurrentVersion()}`);
+
+ let data = '';
+
+ request.on('response', (response) => {
+ // Validate HTTP status code
+ const statusCode = response.statusCode;
+ if (statusCode !== 200) {
+ // Sanitize statusCode to prevent log injection
+ // Convert to number and validate range to ensure it's a valid HTTP status code
+ const numericCode = Number(statusCode);
+ const safeStatusCode = (Number.isInteger(numericCode) && numericCode >= 100 && numericCode < 600)
+ ? String(numericCode)
+ : 'unknown';
+ console.error(`[app-updater] GitHub API error: HTTP ${safeStatusCode}`);
+ if (statusCode === 403) {
+ console.error('[app-updater] Rate limit may have been exceeded');
+ } else if (statusCode === 404) {
+ console.error('[app-updater] Repository or releases not found');
+ }
+ resolve(null);
+ return;
+ }
+
+ response.on('data', (chunk) => {
+ data += chunk.toString();
+ });
+
+ response.on('end', () => {
+ try {
+ const parsed = JSON.parse(data);
+
+ // Validate response is an array
+ if (!Array.isArray(parsed)) {
+ console.error('[app-updater] Unexpected response format - expected array, got:', typeof parsed);
+ resolve(null);
+ return;
+ }
+
+ const releases = parsed as Array<{
+ tag_name: string;
+ prerelease: boolean;
+ draft: boolean;
+ body?: string;
+ published_at?: string;
+ html_url?: string;
+ }>;
+
+ // Find the first non-prerelease, non-draft release
+ const latestStable = releases.find(r => !r.prerelease && !r.draft);
+
+ if (!latestStable) {
+ console.warn('[app-updater] No stable release found');
+ resolve(null);
+ return;
+ }
+
+ const version = latestStable.tag_name.replace(/^v/, '');
+ // Sanitize version string for logging (remove control characters and limit length)
+ // eslint-disable-next-line no-control-regex
+ const safeVersion = String(version).replace(/[\x00-\x1f\x7f]/g, '').slice(0, 50);
+ console.warn('[app-updater] Found latest stable release:', safeVersion);
+
+ resolve({
+ version,
+ releaseNotes: latestStable.body,
+ releaseDate: latestStable.published_at
+ });
+ } catch (e) {
+ // Sanitize error message for logging (prevent log injection from malformed JSON)
+ const safeError = e instanceof Error ? e.message : 'Unknown parse error';
+ console.error('[app-updater] Failed to parse releases JSON:', safeError);
+ resolve(null);
+ }
+ });
+ });
+
+ request.on('error', (error) => {
+ // Sanitize error message for logging (use only the message property)
+ const safeErrorMessage = error instanceof Error ? error.message : 'Unknown error';
+ console.error('[app-updater] Failed to fetch releases:', safeErrorMessage);
+ resolve(null);
+ });
+
+ request.end();
+ });
+
+ // Add timeout to prevent hanging indefinitely
+ const timeoutPromise = new Promise((resolve) => {
+ setTimeout(() => {
+ console.error(`[app-updater] GitHub API request timed out after ${GITHUB_API_TIMEOUT}ms`);
+ resolve(null);
+ }, GITHUB_API_TIMEOUT);
+ });
+
+ return Promise.race([fetchPromise, timeoutPromise]);
+}
+
+/**
+ * Check if we should offer a downgrade to stable
+ * Called when user disables beta updates while on a prerelease version
+ *
+ * Returns the latest stable version if:
+ * 1. Current version is a prerelease
+ * 2. A stable version exists
+ */
+export async function checkForStableDowngrade(): Promise {
+ const currentVersion = getCurrentVersion();
+
+ // Only check for downgrade if currently on a prerelease
+ if (!isPrerelease(currentVersion)) {
+ console.warn('[app-updater] Current version is not a prerelease, no downgrade needed');
+ return null;
+ }
+
+ console.warn('[app-updater] Current version is prerelease:', currentVersion);
+ console.warn('[app-updater] Checking for stable version to downgrade to...');
+
+ const latestStable = await fetchLatestStableRelease();
+
+ if (!latestStable) {
+ console.warn('[app-updater] No stable release available for downgrade');
+ return null;
+ }
+
+ console.warn('[app-updater] Stable downgrade available:', latestStable.version);
+ return latestStable;
+}
+
+/**
+ * Set update channel with optional downgrade check
+ * When switching from beta to stable, checks if user should be offered a downgrade
+ *
+ * @param channel - The update channel to switch to
+ * @param triggerDowngradeCheck - Whether to check for stable downgrade (when disabling beta)
+ */
+export async function setUpdateChannelWithDowngradeCheck(
+ channel: UpdateChannel,
+ triggerDowngradeCheck = false
+): Promise {
+ autoUpdater.channel = channel;
+ console.warn(`[app-updater] Update channel set to: ${channel}`);
+
+ // If switching to stable and downgrade check requested, look for stable version
+ if (channel === 'latest' && triggerDowngradeCheck) {
+ const stableVersion = await checkForStableDowngrade();
+
+ if (stableVersion && mainWindow) {
+ // Notify the renderer about the available stable downgrade
+ mainWindow.webContents.send(IPC_CHANNELS.APP_UPDATE_STABLE_DOWNGRADE, stableVersion);
+ }
+
+ return stableVersion;
+ }
+
+ return null;
+}
+
+/**
+ * Download a specific version (for downgrade)
+ * Uses electron-updater with allowDowngrade enabled to download older stable versions
+ */
+export async function downloadStableVersion(): Promise {
+ // Switch to stable channel
+ autoUpdater.channel = 'latest';
+ // Enable downgrade to allow downloading older versions (e.g., stable when on beta)
+ autoUpdater.allowDowngrade = true;
+ console.warn('[app-updater] Downloading stable version (allowDowngrade=true)...');
+
+ try {
+ // Force a fresh check on the stable channel, then download
+ const result = await autoUpdater.checkForUpdates();
+ if (result) {
+ await autoUpdater.downloadUpdate();
+ } else {
+ throw new Error('No stable version available for download');
+ }
+ } catch (error) {
+ console.error('[app-updater] Failed to download stable version:', error);
+ throw error;
+ } finally {
+ // Reset allowDowngrade to prevent unintended downgrades in normal update checks
+ autoUpdater.allowDowngrade = false;
+ }
+}
diff --git a/apps/frontend/src/main/auto-claude-updater.ts b/apps/frontend/src/main/auto-claude-updater.ts
deleted file mode 100644
index b19e19855e..0000000000
--- a/apps/frontend/src/main/auto-claude-updater.ts
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Auto Claude Source Updater
- *
- * Checks GitHub Releases for updates and downloads them.
- * GitHub Releases are the single source of truth for versioning.
- *
- * Update flow:
- * 1. Check GitHub Releases API for the latest release
- * 2. Compare release tag with current app version
- * 3. If update available, download release tarball and apply
- * 4. Existing project update system handles pushing to individual projects
- *
- * Versioning:
- * - Single source of truth: GitHub Releases
- * - Current version: app.getVersion() (from package.json at build time)
- * - Latest version: Fetched from GitHub Releases API
- * - To release: Create a GitHub release with tag (e.g., v1.2.0)
- */
-
-// Export types
-export type {
- GitHubRelease,
- AutoBuildUpdateCheck,
- AutoBuildUpdateResult,
- UpdateProgressCallback,
- UpdateMetadata
-} from './updater/types';
-
-// Export version management
-export { getBundledVersion, getEffectiveVersion } from './updater/version-manager';
-
-// Export path resolution
-export {
- getBundledSourcePath,
- getEffectiveSourcePath
-} from './updater/path-resolver';
-
-// Export update checking
-export { checkForUpdates } from './updater/update-checker';
-
-// Export update installation
-export { downloadAndApplyUpdate } from './updater/update-installer';
-
-// Export update status
-export {
- hasPendingSourceUpdate,
- getUpdateMetadata
-} from './updater/update-status';
diff --git a/apps/frontend/src/main/changelog/generator.ts b/apps/frontend/src/main/changelog/generator.ts
index c71af9c3d4..6fa75c06fb 100644
--- a/apps/frontend/src/main/changelog/generator.ts
+++ b/apps/frontend/src/main/changelog/generator.ts
@@ -13,6 +13,7 @@ import { extractChangelog } from './parser';
import { getCommits, getBranchDiffCommits } from './git-integration';
import { detectRateLimit, createSDKRateLimitInfo, getProfileEnv } from '../rate-limit-detector';
import { parsePythonCommand } from '../python-detector';
+import { getAugmentedEnv } from '../env-utils';
/**
* Core changelog generation logic
@@ -246,21 +247,9 @@ export class ChangelogGenerator extends EventEmitter {
const homeDir = os.homedir();
const isWindows = process.platform === 'win32';
- // Build PATH with platform-appropriate separator and locations
- const pathAdditions = isWindows
- ? [
- path.join(homeDir, 'AppData', 'Local', 'Programs', 'claude'),
- path.join(homeDir, 'AppData', 'Roaming', 'npm'),
- path.join(homeDir, '.local', 'bin'),
- 'C:\\Program Files\\Claude',
- 'C:\\Program Files (x86)\\Claude'
- ]
- : [
- '/usr/local/bin',
- '/opt/homebrew/bin',
- path.join(homeDir, '.local', 'bin'),
- path.join(homeDir, 'bin')
- ];
+ // Use getAugmentedEnv() to ensure common tool paths are available
+ // even when app is launched from Finder/Dock
+ const augmentedEnv = getAugmentedEnv();
// Get active Claude profile environment (OAuth token preferred, falls back to CLAUDE_CONFIG_DIR)
const profileEnv = getProfileEnv();
@@ -271,15 +260,13 @@ export class ChangelogGenerator extends EventEmitter {
});
const spawnEnv: Record = {
- ...process.env as Record,
+ ...augmentedEnv,
...this.autoBuildEnv,
...profileEnv, // Include active Claude profile config
// Ensure critical env vars are set for claude CLI
// Use USERPROFILE on Windows, HOME on Unix
...(isWindows ? { USERPROFILE: homeDir } : { HOME: homeDir }),
USER: process.env.USER || process.env.USERNAME || 'user',
- // Add common binary locations to PATH for claude CLI
- PATH: [process.env.PATH || '', ...pathAdditions].filter(Boolean).join(path.delimiter),
PYTHONUNBUFFERED: '1',
PYTHONIOENCODING: 'utf-8',
PYTHONUTF8: '1'
diff --git a/apps/frontend/src/main/changelog/version-suggester.ts b/apps/frontend/src/main/changelog/version-suggester.ts
index 4869fe41ef..6d4a9b9126 100644
--- a/apps/frontend/src/main/changelog/version-suggester.ts
+++ b/apps/frontend/src/main/changelog/version-suggester.ts
@@ -1,9 +1,9 @@
import { spawn } from 'child_process';
-import * as path from 'path';
import * as os from 'os';
import type { GitCommit } from '../../shared/types';
import { getProfileEnv } from '../rate-limit-detector';
import { parsePythonCommand } from '../python-detector';
+import { getAugmentedEnv } from '../env-utils';
interface VersionSuggestion {
version: string;
@@ -215,31 +215,19 @@ except Exception as e:
const homeDir = os.homedir();
const isWindows = process.platform === 'win32';
- // Build PATH with platform-appropriate separator and locations
- const pathAdditions = isWindows
- ? [
- path.join(homeDir, 'AppData', 'Local', 'Programs', 'claude'),
- path.join(homeDir, 'AppData', 'Roaming', 'npm'),
- path.join(homeDir, '.local', 'bin'),
- 'C:\\Program Files\\Claude',
- 'C:\\Program Files (x86)\\Claude'
- ]
- : [
- '/usr/local/bin',
- '/opt/homebrew/bin',
- path.join(homeDir, '.local', 'bin'),
- path.join(homeDir, 'bin')
- ];
+ // Use getAugmentedEnv() to ensure common tool paths are available
+ // even when app is launched from Finder/Dock
+ const augmentedEnv = getAugmentedEnv();
// Get active Claude profile environment
const profileEnv = getProfileEnv();
const spawnEnv: Record = {
- ...process.env as Record,
+ ...augmentedEnv,
...profileEnv,
+ // Ensure critical env vars are set for claude CLI
...(isWindows ? { USERPROFILE: homeDir } : { HOME: homeDir }),
USER: process.env.USER || process.env.USERNAME || 'user',
- PATH: [process.env.PATH || '', ...pathAdditions].filter(Boolean).join(path.delimiter),
PYTHONUNBUFFERED: '1',
PYTHONIOENCODING: 'utf-8',
PYTHONUTF8: '1'
diff --git a/apps/frontend/src/main/claude-cli-utils.ts b/apps/frontend/src/main/claude-cli-utils.ts
new file mode 100644
index 0000000000..49a0c49c71
--- /dev/null
+++ b/apps/frontend/src/main/claude-cli-utils.ts
@@ -0,0 +1,77 @@
+import path from 'path';
+import { getAugmentedEnv, getAugmentedEnvAsync } from './env-utils';
+import { getToolPath, getToolPathAsync } from './cli-tool-manager';
+
+export type ClaudeCliInvocation = {
+ command: string;
+ env: Record;
+};
+
+function ensureCommandDirInPath(command: string, env: Record): Record {
+ if (!path.isAbsolute(command)) {
+ return env;
+ }
+
+ const pathSeparator = process.platform === 'win32' ? ';' : ':';
+ const commandDir = path.dirname(command);
+ const currentPath = env.PATH || '';
+ const pathEntries = currentPath.split(pathSeparator);
+ const normalizedCommandDir = path.normalize(commandDir);
+ const hasCommandDir = process.platform === 'win32'
+ ? pathEntries
+ .map((entry) => path.normalize(entry).toLowerCase())
+ .includes(normalizedCommandDir.toLowerCase())
+ : pathEntries
+ .map((entry) => path.normalize(entry))
+ .includes(normalizedCommandDir);
+
+ if (hasCommandDir) {
+ return env;
+ }
+
+ return {
+ ...env,
+ PATH: [commandDir, currentPath].filter(Boolean).join(pathSeparator),
+ };
+}
+
+/**
+ * Returns the Claude CLI command path and an environment with PATH updated to include the CLI directory.
+ *
+ * WARNING: This function uses synchronous subprocess calls that block the main process.
+ * For use in Electron main process, prefer getClaudeCliInvocationAsync() instead.
+ */
+export function getClaudeCliInvocation(): ClaudeCliInvocation {
+ const command = getToolPath('claude');
+ const env = getAugmentedEnv();
+
+ return {
+ command,
+ env: ensureCommandDirInPath(command, env),
+ };
+}
+
+/**
+ * Returns the Claude CLI command path and environment asynchronously (non-blocking).
+ *
+ * Safe to call from Electron main process without blocking the event loop.
+ * Uses cached values if available for instant response.
+ *
+ * @example
+ * ```typescript
+ * const { command, env } = await getClaudeCliInvocationAsync();
+ * spawn(command, ['--version'], { env });
+ * ```
+ */
+export async function getClaudeCliInvocationAsync(): Promise {
+ // Run both detections in parallel for efficiency
+ const [command, env] = await Promise.all([
+ getToolPathAsync('claude'),
+ getAugmentedEnvAsync(),
+ ]);
+
+ return {
+ command,
+ env: ensureCommandDirInPath(command, env),
+ };
+}
diff --git a/apps/frontend/src/main/claude-profile-manager.ts b/apps/frontend/src/main/claude-profile-manager.ts
index 0f9c88f6d6..f64ef42d81 100644
--- a/apps/frontend/src/main/claude-profile-manager.ts
+++ b/apps/frontend/src/main/claude-profile-manager.ts
@@ -13,7 +13,7 @@
import { app } from 'electron';
import { join } from 'path';
-import { existsSync, mkdirSync } from 'fs';
+import { mkdir } from 'fs/promises';
import type {
ClaudeProfile,
ClaudeProfileSettings,
@@ -32,6 +32,7 @@ import {
} from './claude-profile/rate-limit-manager';
import {
loadProfileStore,
+ loadProfileStoreAsync,
saveProfileStore,
ProfileStoreData,
DEFAULT_AUTO_SWITCH_SETTINGS
@@ -57,19 +58,45 @@ import {
*/
export class ClaudeProfileManager {
private storePath: string;
+ private configDir: string;
private data: ProfileStoreData;
+ private initialized: boolean = false;
constructor() {
- const configDir = join(app.getPath('userData'), 'config');
- this.storePath = join(configDir, 'claude-profiles.json');
+ this.configDir = join(app.getPath('userData'), 'config');
+ this.storePath = join(this.configDir, 'claude-profiles.json');
- // Ensure directory exists
- if (!existsSync(configDir)) {
- mkdirSync(configDir, { recursive: true });
+ // DON'T do file I/O here - defer to async initialize()
+ // Start with default data until initialized
+ this.data = this.createDefaultData();
+ }
+
+ /**
+ * Initialize the profile manager asynchronously (non-blocking)
+ * This should be called at app startup via initializeClaudeProfileManager()
+ */
+ async initialize(): Promise {
+ if (this.initialized) return;
+
+ // Ensure directory exists (async) - mkdir with recursive:true is idempotent
+ await mkdir(this.configDir, { recursive: true });
+
+ // Load existing data asynchronously
+ const loadedData = await loadProfileStoreAsync(this.storePath);
+ if (loadedData) {
+ this.data = loadedData;
}
+ // else: keep the default data from constructor
+
+ this.initialized = true;
+ console.warn('[ClaudeProfileManager] Initialized asynchronously');
+ }
- // Load existing data or initialize with default profile
- this.data = this.load();
+ /**
+ * Check if the profile manager has been initialized
+ */
+ isInitialized(): boolean {
+ return this.initialized;
}
/**
@@ -522,11 +549,13 @@ export class ClaudeProfileManager {
}
}
-// Singleton instance
+// Singleton instance and initialization promise
let profileManager: ClaudeProfileManager | null = null;
+let initPromise: Promise | null = null;
/**
* Get the singleton Claude profile manager instance
+ * Note: For async contexts, prefer initializeClaudeProfileManager() to ensure initialization
*/
export function getClaudeProfileManager(): ClaudeProfileManager {
if (!profileManager) {
@@ -534,3 +563,28 @@ export function getClaudeProfileManager(): ClaudeProfileManager {
}
return profileManager;
}
+
+/**
+ * Initialize and get the singleton Claude profile manager instance (async)
+ * This ensures the profile manager is fully initialized before use.
+ * Uses promise caching to prevent concurrent initialization.
+ */
+export async function initializeClaudeProfileManager(): Promise {
+ if (!profileManager) {
+ profileManager = new ClaudeProfileManager();
+ }
+
+ // If already initialized, return immediately
+ if (profileManager.isInitialized()) {
+ return profileManager;
+ }
+
+ // If initialization is in progress, wait for it (promise caching)
+ if (!initPromise) {
+ initPromise = profileManager.initialize().then(() => {
+ return profileManager!;
+ });
+ }
+
+ return initPromise;
+}
diff --git a/apps/frontend/src/main/claude-profile/profile-storage.ts b/apps/frontend/src/main/claude-profile/profile-storage.ts
index bd5b89c372..a4c825e2f2 100644
--- a/apps/frontend/src/main/claude-profile/profile-storage.ts
+++ b/apps/frontend/src/main/claude-profile/profile-storage.ts
@@ -4,6 +4,7 @@
*/
import { existsSync, readFileSync, writeFileSync } from 'fs';
+import { readFile } from 'fs/promises';
import type { ClaudeProfile, ClaudeAutoSwitchSettings } from '../../shared/types';
export const STORE_VERSION = 3; // Bumped for encrypted token storage
@@ -30,6 +31,42 @@ export interface ProfileStoreData {
autoSwitch?: ClaudeAutoSwitchSettings;
}
+/**
+ * Parse and migrate profile data from JSON.
+ * Handles version migration and date parsing.
+ * Shared helper used by both sync and async loaders.
+ */
+function parseAndMigrateProfileData(data: Record): ProfileStoreData | null {
+ // Handle version migration
+ if (data.version === 1) {
+ // Migrate v1 to v2: add usage and rateLimitEvents fields
+ data.version = STORE_VERSION;
+ data.autoSwitch = DEFAULT_AUTO_SWITCH_SETTINGS;
+ }
+
+ if (data.version === STORE_VERSION) {
+ // Parse dates
+ const profiles = data.profiles as ClaudeProfile[];
+ data.profiles = profiles.map((p: ClaudeProfile) => ({
+ ...p,
+ createdAt: new Date(p.createdAt),
+ lastUsedAt: p.lastUsedAt ? new Date(p.lastUsedAt) : undefined,
+ usage: p.usage ? {
+ ...p.usage,
+ lastUpdated: new Date(p.usage.lastUpdated)
+ } : undefined,
+ rateLimitEvents: p.rateLimitEvents?.map(e => ({
+ ...e,
+ hitAt: new Date(e.hitAt),
+ resetAt: new Date(e.resetAt)
+ }))
+ }));
+ return data as unknown as ProfileStoreData;
+ }
+
+ return null;
+}
+
/**
* Load profiles from disk
*/
@@ -38,32 +75,7 @@ export function loadProfileStore(storePath: string): ProfileStoreData | null {
if (existsSync(storePath)) {
const content = readFileSync(storePath, 'utf-8');
const data = JSON.parse(content);
-
- // Handle version migration
- if (data.version === 1) {
- // Migrate v1 to v2: add usage and rateLimitEvents fields
- data.version = STORE_VERSION;
- data.autoSwitch = DEFAULT_AUTO_SWITCH_SETTINGS;
- }
-
- if (data.version === STORE_VERSION) {
- // Parse dates
- data.profiles = data.profiles.map((p: ClaudeProfile) => ({
- ...p,
- createdAt: new Date(p.createdAt),
- lastUsedAt: p.lastUsedAt ? new Date(p.lastUsedAt) : undefined,
- usage: p.usage ? {
- ...p.usage,
- lastUpdated: new Date(p.usage.lastUpdated)
- } : undefined,
- rateLimitEvents: p.rateLimitEvents?.map(e => ({
- ...e,
- hitAt: new Date(e.hitAt),
- resetAt: new Date(e.resetAt)
- }))
- }));
- return data;
- }
+ return parseAndMigrateProfileData(data);
}
} catch (error) {
console.error('[ProfileStorage] Error loading profiles:', error);
@@ -72,6 +84,27 @@ export function loadProfileStore(storePath: string): ProfileStoreData | null {
return null;
}
+/**
+ * Load profiles from disk (async, non-blocking)
+ * Use this version for initialization to avoid blocking the main process.
+ */
+export async function loadProfileStoreAsync(storePath: string): Promise {
+ try {
+ // Read file directly - avoid TOCTOU race condition by not checking existence first
+ // If file doesn't exist, readFile will throw ENOENT which we handle below
+ const content = await readFile(storePath, 'utf-8');
+ const data = JSON.parse(content);
+ return parseAndMigrateProfileData(data);
+ } catch (error) {
+ // ENOENT is expected if file doesn't exist yet
+ if ((error as NodeJS.ErrnoException).code !== 'ENOENT') {
+ console.error('[ProfileStorage] Error loading profiles:', error);
+ }
+ }
+
+ return null;
+}
+
/**
* Save profiles to disk
*/
diff --git a/apps/frontend/src/main/claude-profile/profile-utils.ts b/apps/frontend/src/main/claude-profile/profile-utils.ts
index 557d8fae0e..80a3c048cb 100644
--- a/apps/frontend/src/main/claude-profile/profile-utils.ts
+++ b/apps/frontend/src/main/claude-profile/profile-utils.ts
@@ -56,7 +56,7 @@ export async function createProfileDirectory(profileName: string): Promise true },
+ * { name: 'v20.0.0', isDirectory: () => true },
+ * { name: '.DS_Store', isDirectory: () => false },
+ * ];
+ * sortNvmVersionDirs(entries); // ['v20.0.0', 'v18.0.0']
+ */
+export function sortNvmVersionDirs(
+ entries: Array<{ name: string; isDirectory(): boolean }>
+): string[] {
+ // Regex to match valid semver directories: v20.0.0, v18.17.1, etc.
+ // This prevents NaN from malformed versions (e.g., v20.abc.1) breaking sort
+ const semverRegex = /^v\d+\.\d+\.\d+$/;
+
+ return entries
+ .filter((entry) => entry.isDirectory() && semverRegex.test(entry.name))
+ .sort((a, b) => {
+ // Parse version numbers: v20.0.0 -> [20, 0, 0]
+ const vA = a.name.slice(1).split('.').map(Number);
+ const vB = b.name.slice(1).split('.').map(Number);
+ // Compare major, minor, patch in order (descending)
+ for (let i = 0; i < 3; i++) {
+ const diff = (vB[i] ?? 0) - (vA[i] ?? 0);
+ if (diff !== 0) return diff;
+ }
+ return 0;
+ })
+ .map((entry) => entry.name);
+}
+
+/**
+ * Build a ToolDetectionResult from a validation result.
+ *
+ * Returns null if validation failed, otherwise constructs the full result object.
+ * This helper consolidates the result-building logic used throughout detection.
+ *
+ * @param claudePath - The path that was validated
+ * @param validation - The validation result from validateClaude/validateClaudeAsync
+ * @param source - The source of detection ('user-config', 'homebrew', 'system-path', 'nvm')
+ * @param messagePrefix - Prefix for the success message (e.g., 'Using Homebrew Claude CLI')
+ * @returns ToolDetectionResult if valid, null if validation failed
+ *
+ * @example
+ * const result = buildClaudeDetectionResult(
+ * '/opt/homebrew/bin/claude',
+ * { valid: true, version: '1.0.0', message: 'OK' },
+ * 'homebrew',
+ * 'Using Homebrew Claude CLI'
+ * );
+ * // Returns: { found: true, path: '/opt/homebrew/bin/claude', version: '1.0.0', ... }
+ */
+export function buildClaudeDetectionResult(
+ claudePath: string,
+ validation: ToolValidation,
+ source: ToolDetectionResult['source'],
+ messagePrefix: string
+): ToolDetectionResult | null {
+ if (!validation.valid) {
+ return null;
+ }
+ return {
+ found: true,
+ path: claudePath,
+ version: validation.version,
+ source,
+ message: `${messagePrefix}: ${claudePath}`,
+ };
+}
+
/**
* Centralized CLI Tool Manager
*
@@ -392,7 +537,40 @@ class CLIToolManager {
}
}
- // 4. Not found - fallback to 'git'
+ // 4. Windows-specific detection using 'where' command (most reliable for custom installs)
+ if (process.platform === 'win32') {
+ // First try 'where' command - finds git regardless of installation location
+ const whereGitPath = findWindowsExecutableViaWhere('git', '[Git]');
+ if (whereGitPath) {
+ const validation = this.validateGit(whereGitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: whereGitPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using Windows Git: ${whereGitPath}`,
+ };
+ }
+ }
+
+ // Fallback to checking common installation paths
+ const windowsPaths = getWindowsExecutablePaths(WINDOWS_GIT_PATHS, '[Git]');
+ for (const winGitPath of windowsPaths) {
+ const validation = this.validateGit(winGitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: winGitPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using Windows Git: ${winGitPath}`,
+ };
+ }
+ }
+ }
+
+ // 5. Not found - fallback to 'git'
return {
found: false,
source: 'fallback',
@@ -512,104 +690,96 @@ class CLIToolManager {
* 1. User configuration (if valid for current platform)
* 2. Homebrew claude (macOS)
* 3. System PATH
- * 4. Windows/macOS/Linux standard locations
+ * 4. Windows where.exe (Windows only - finds executables via PATH + Registry)
+ * 5. NVM paths (Unix only - checks Node.js version managers)
+ * 6. Platform-specific standard locations
*
* @returns Detection result for Claude CLI
*/
private detectClaude(): ToolDetectionResult {
+ const homeDir = os.homedir();
+ const paths = getClaudeDetectionPaths(homeDir);
+
// 1. User configuration
if (this.userConfig.claudePath) {
- // Check if path is from wrong platform (e.g., Windows path on macOS)
if (isWrongPlatformPath(this.userConfig.claudePath)) {
console.warn(
`[Claude CLI] User-configured path is from different platform, ignoring: ${this.userConfig.claudePath}`
);
+ } else if (process.platform === 'win32' && !isSecurePath(this.userConfig.claudePath)) {
+ console.warn(
+ `[Claude CLI] User-configured path failed security validation, ignoring: ${this.userConfig.claudePath}`
+ );
} else {
const validation = this.validateClaude(this.userConfig.claudePath);
- if (validation.valid) {
- return {
- found: true,
- path: this.userConfig.claudePath,
- version: validation.version,
- source: 'user-config',
- message: `Using user-configured Claude CLI: ${this.userConfig.claudePath}`,
- };
- }
- console.warn(
- `[Claude CLI] User-configured path invalid: ${validation.message}`
+ const result = buildClaudeDetectionResult(
+ this.userConfig.claudePath, validation, 'user-config', 'Using user-configured Claude CLI'
);
+ if (result) return result;
+ console.warn(`[Claude CLI] User-configured path invalid: ${validation.message}`);
}
}
// 2. Homebrew (macOS)
if (process.platform === 'darwin') {
- const homebrewPaths = [
- '/opt/homebrew/bin/claude', // Apple Silicon
- '/usr/local/bin/claude', // Intel Mac
- ];
-
- for (const claudePath of homebrewPaths) {
+ for (const claudePath of paths.homebrewPaths) {
if (existsSync(claudePath)) {
const validation = this.validateClaude(claudePath);
- if (validation.valid) {
- return {
- found: true,
- path: claudePath,
- version: validation.version,
- source: 'homebrew',
- message: `Using Homebrew Claude CLI: ${claudePath}`,
- };
- }
+ const result = buildClaudeDetectionResult(claudePath, validation, 'homebrew', 'Using Homebrew Claude CLI');
+ if (result) return result;
}
}
}
// 3. System PATH (augmented)
- const claudePath = findExecutable('claude');
- if (claudePath) {
- const validation = this.validateClaude(claudePath);
- if (validation.valid) {
- return {
- found: true,
- path: claudePath,
- version: validation.version,
- source: 'system-path',
- message: `Using system Claude CLI: ${claudePath}`,
- };
+ const systemClaudePath = findExecutable('claude');
+ if (systemClaudePath) {
+ const validation = this.validateClaude(systemClaudePath);
+ const result = buildClaudeDetectionResult(systemClaudePath, validation, 'system-path', 'Using system Claude CLI');
+ if (result) return result;
+ }
+
+ // 4. Windows where.exe detection (Windows only - most reliable for custom installs)
+ if (process.platform === 'win32') {
+ const whereClaudePath = findWindowsExecutableViaWhere('claude', '[Claude CLI]');
+ if (whereClaudePath) {
+ const validation = this.validateClaude(whereClaudePath);
+ const result = buildClaudeDetectionResult(whereClaudePath, validation, 'system-path', 'Using Windows Claude CLI');
+ if (result) return result;
}
}
- // 4. Platform-specific standard locations
- const homeDir = os.homedir();
- const platformPaths = process.platform === 'win32'
- ? [
- path.join(homeDir, 'AppData', 'Local', 'Programs', 'claude', 'claude.exe'),
- path.join(homeDir, 'AppData', 'Roaming', 'npm', 'claude.cmd'),
- path.join(homeDir, '.local', 'bin', 'claude.exe'),
- 'C:\\Program Files\\Claude\\claude.exe',
- 'C:\\Program Files (x86)\\Claude\\claude.exe',
- ]
- : [
- path.join(homeDir, '.local', 'bin', 'claude'),
- path.join(homeDir, 'bin', 'claude'),
- ];
-
- for (const claudePath of platformPaths) {
+ // 5. NVM paths (Unix only) - check before platform paths for better Node.js integration
+ if (process.platform !== 'win32') {
+ try {
+ if (existsSync(paths.nvmVersionsDir)) {
+ const nodeVersions = readdirSync(paths.nvmVersionsDir, { withFileTypes: true });
+ const versionNames = sortNvmVersionDirs(nodeVersions);
+
+ for (const versionName of versionNames) {
+ const nvmClaudePath = path.join(paths.nvmVersionsDir, versionName, 'bin', 'claude');
+ if (existsSync(nvmClaudePath)) {
+ const validation = this.validateClaude(nvmClaudePath);
+ const result = buildClaudeDetectionResult(nvmClaudePath, validation, 'nvm', 'Using NVM Claude CLI');
+ if (result) return result;
+ }
+ }
+ }
+ } catch (error) {
+ console.warn(`[Claude CLI] Unable to read NVM directory: ${error}`);
+ }
+ }
+
+ // 6. Platform-specific standard locations
+ for (const claudePath of paths.platformPaths) {
if (existsSync(claudePath)) {
const validation = this.validateClaude(claudePath);
- if (validation.valid) {
- return {
- found: true,
- path: claudePath,
- version: validation.version,
- source: 'system-path',
- message: `Using Claude CLI: ${claudePath}`,
- };
- }
+ const result = buildClaudeDetectionResult(claudePath, validation, 'system-path', 'Using Claude CLI');
+ if (result) return result;
}
}
- // 5. Not found
+ // 7. Not found
return {
found: false,
source: 'fallback',
@@ -746,20 +916,30 @@ class CLIToolManager {
*/
private validateClaude(claudeCmd: string): ToolValidation {
try {
- // On Windows, .cmd files need shell: true to execute properly.
- // SECURITY NOTE: shell: true is safe here because:
- // 1. claudeCmd comes from internal path detection (user config or known system paths)
- // 2. Only '--version' is passed as an argument (no user input)
- // If claudeCmd origin ever changes to accept user input, use escapeShellArgWindows.
- const needsShell = process.platform === 'win32' &&
- (claudeCmd.endsWith('.cmd') || claudeCmd.endsWith('.bat'));
-
- const version = execFileSync(claudeCmd, ['--version'], {
- encoding: 'utf-8',
- timeout: 5000,
- windowsHide: true,
- shell: needsShell,
- }).trim();
+ const needsShell = shouldUseShell(claudeCmd);
+
+ let version: string;
+
+ if (needsShell) {
+ // For .cmd/.bat files on Windows, use execSync with quoted path
+ // execFileSync doesn't handle spaces in .cmd paths correctly even with shell:true
+ const quotedCmd = `"${claudeCmd}"`;
+ version = execSync(`${quotedCmd} --version`, {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ env: getAugmentedEnv(),
+ }).trim();
+ } else {
+ // For .exe files and non-Windows, use execFileSync
+ version = execFileSync(claudeCmd, ['--version'], {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ shell: false,
+ env: getAugmentedEnv(),
+ }).trim();
+ }
// Claude CLI version output format: "claude-code version X.Y.Z" or similar
const match = version.match(/(\d+\.\d+\.\d+)/);
@@ -778,117 +958,783 @@ class CLIToolManager {
}
}
+ // ============================================================================
+ // ASYNC METHODS - Non-blocking alternatives for Electron main process
+ // ============================================================================
+
/**
- * Get bundled Python path for packaged apps
+ * Get the path for a CLI tool asynchronously (non-blocking)
*
- * Only available in packaged Electron apps where Python is bundled
- * in the resources directory.
+ * Uses cached path if available, otherwise detects asynchronously.
+ * Safe to call from Electron main process without blocking.
*
- * @returns Path to bundled Python or null if not found
+ * @param tool - The CLI tool to get the path for
+ * @returns Promise resolving to the tool path
*/
- private getBundledPythonPath(): string | null {
- if (!app.isPackaged) {
- return null;
+ async getToolPathAsync(tool: CLITool): Promise {
+ // Check cache first (instant return if cached)
+ const cached = this.cache.get(tool);
+ if (cached) {
+ console.warn(
+ `[CLI Tools] Using cached ${tool}: ${cached.path} (${cached.source})`
+ );
+ return cached.path;
}
- const resourcesPath = process.resourcesPath;
- const isWindows = process.platform === 'win32';
-
- const pythonPath = isWindows
- ? path.join(resourcesPath, 'python', 'python.exe')
- : path.join(resourcesPath, 'python', 'bin', 'python3');
+ // Detect asynchronously
+ const result = await this.detectToolPathAsync(tool);
+ if (result.found && result.path) {
+ this.cache.set(tool, {
+ path: result.path,
+ version: result.version,
+ source: result.source,
+ });
+ console.warn(`[CLI Tools] Detected ${tool}: ${result.path} (${result.source})`);
+ return result.path;
+ }
- return existsSync(pythonPath) ? pythonPath : null;
+ // Fallback to tool name (let system PATH resolve it)
+ console.warn(`[CLI Tools] ${tool} not found, using fallback: "${tool}"`);
+ return tool;
}
/**
- * Find Homebrew Python on macOS
- * Delegates to shared utility function.
+ * Detect tool path asynchronously
*
- * @returns Path to Homebrew Python or null if not found
+ * All tools now use async detection methods to prevent blocking the main process.
+ *
+ * @param tool - The tool to detect
+ * @returns Promise resolving to detection result
*/
- private findHomebrewPython(): string | null {
- return findHomebrewPythonUtil(
- (pythonPath) => this.validatePython(pythonPath),
- '[CLI Tools]'
- );
+ private async detectToolPathAsync(tool: CLITool): Promise {
+ switch (tool) {
+ case 'claude':
+ return this.detectClaudeAsync();
+ case 'python':
+ return this.detectPythonAsync();
+ case 'git':
+ return this.detectGitAsync();
+ case 'gh':
+ return this.detectGitHubCLIAsync();
+ default:
+ return {
+ found: false,
+ source: 'fallback',
+ message: `Unknown tool: ${tool}`,
+ };
+ }
}
/**
- * Clear cache manually
+ * Validate Claude CLI asynchronously (non-blocking)
*
- * Useful for testing or forcing re-detection.
- * Normally not needed as cache is cleared automatically on settings change.
+ * @param claudeCmd - The Claude CLI command to validate
+ * @returns Promise resolving to validation result
*/
- clearCache(): void {
- this.cache.clear();
- console.warn('[CLI Tools] Cache cleared');
+ private async validateClaudeAsync(claudeCmd: string): Promise {
+ try {
+ const needsShell = shouldUseShell(claudeCmd);
+
+ let stdout: string;
+
+ if (needsShell) {
+ // For .cmd/.bat files on Windows, use exec with quoted path
+ const quotedCmd = `"${claudeCmd}"`;
+ const result = await execAsync(`${quotedCmd} --version`, {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ env: await getAugmentedEnvAsync(),
+ });
+ stdout = result.stdout;
+ } else {
+ // For .exe files and non-Windows, use execFileAsync
+ const result = await execFileAsync(claudeCmd, ['--version'], {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ shell: false,
+ env: await getAugmentedEnvAsync(),
+ });
+ stdout = result.stdout;
+ }
+
+ const version = stdout.trim();
+ const match = version.match(/(\d+\.\d+\.\d+)/);
+ const versionStr = match ? match[1] : version.split('\n')[0];
+
+ return {
+ valid: true,
+ version: versionStr,
+ message: `Claude CLI ${versionStr} is available`,
+ };
+ } catch (error) {
+ return {
+ valid: false,
+ message: `Failed to validate Claude CLI: ${error instanceof Error ? error.message : String(error)}`,
+ };
+ }
}
/**
- * Get tool detection info for diagnostics
- *
- * Performs fresh detection without using cache.
- * Useful for Settings UI to show current detection status.
+ * Validate Python version asynchronously (non-blocking)
*
- * @param tool - The tool to get detection info for
- * @returns Detection result with full metadata
+ * @param pythonCmd - The Python command to validate
+ * @returns Promise resolving to validation result
*/
- getToolInfo(tool: CLITool): ToolDetectionResult {
- return this.detectToolPath(tool);
- }
-}
+ private async validatePythonAsync(pythonCmd: string): Promise {
+ const MINIMUM_VERSION = '3.10.0';
-// Singleton instance
-const cliToolManager = new CLIToolManager();
+ try {
+ const parts = pythonCmd.split(' ');
+ const cmd = parts[0];
+ const args = [...parts.slice(1), '--version'];
-/**
- * Get the path for a CLI tool
- *
- * Convenience function for accessing the tool manager singleton.
- * Uses cached path if available, otherwise auto-detects.
- *
- * @param tool - The CLI tool to get the path for
- * @returns The resolved path to the tool executable
- *
- * @example
- * ```typescript
- * import { getToolPath } from './cli-tool-manager';
- *
- * const pythonPath = getToolPath('python');
- * const gitPath = getToolPath('git');
- * const ghPath = getToolPath('gh');
- *
- * execSync(`${gitPath} status`, { cwd: projectPath });
- * ```
- */
-export function getToolPath(tool: CLITool): string {
- return cliToolManager.getToolPath(tool);
-}
+ const { stdout } = await execFileAsync(cmd, args, {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ env: await getAugmentedEnvAsync(),
+ });
-/**
- * Configure CLI tools with user settings
- *
- * Call this when user updates CLI tool paths in Settings.
- * Clears cache to force re-detection with new configuration.
- *
- * @param config - User configuration for CLI tool paths
- *
- * @example
- * ```typescript
- * import { configureTools } from './cli-tool-manager';
- *
- * // When settings are loaded or updated
- * configureTools({
- * pythonPath: settings.pythonPath,
- * gitPath: settings.gitPath,
- * githubCLIPath: settings.githubCLIPath,
- * });
- * ```
- */
-export function configureTools(config: ToolConfig): void {
- cliToolManager.configure(config);
-}
+ const version = stdout.trim();
+ const match = version.match(/Python (\d+\.\d+\.\d+)/);
+ if (!match) {
+ return {
+ valid: false,
+ message: 'Unable to detect Python version',
+ };
+ }
+
+ const versionStr = match[1];
+ const [major, minor] = versionStr.split('.').map(Number);
+ const [reqMajor, reqMinor] = MINIMUM_VERSION.split('.').map(Number);
+
+ const meetsRequirement =
+ major > reqMajor || (major === reqMajor && minor >= reqMinor);
+
+ if (!meetsRequirement) {
+ return {
+ valid: false,
+ version: versionStr,
+ message: `Python ${versionStr} is too old. Requires ${MINIMUM_VERSION}+`,
+ };
+ }
+
+ return {
+ valid: true,
+ version: versionStr,
+ message: `Python ${versionStr} meets requirements`,
+ };
+ } catch (error) {
+ return {
+ valid: false,
+ message: `Failed to validate Python: ${error}`,
+ };
+ }
+ }
+
+ /**
+ * Validate Git asynchronously (non-blocking)
+ *
+ * @param gitCmd - The Git command to validate
+ * @returns Promise resolving to validation result
+ */
+ private async validateGitAsync(gitCmd: string): Promise {
+ try {
+ const { stdout } = await execFileAsync(gitCmd, ['--version'], {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ env: await getAugmentedEnvAsync(),
+ });
+
+ const version = stdout.trim();
+ const match = version.match(/git version (\d+\.\d+\.\d+)/);
+ const versionStr = match ? match[1] : version;
+
+ return {
+ valid: true,
+ version: versionStr,
+ message: `Git ${versionStr} is available`,
+ };
+ } catch (error) {
+ return {
+ valid: false,
+ message: `Failed to validate Git: ${error instanceof Error ? error.message : String(error)}`,
+ };
+ }
+ }
+
+ /**
+ * Validate GitHub CLI asynchronously (non-blocking)
+ *
+ * @param ghCmd - The GitHub CLI command to validate
+ * @returns Promise resolving to validation result
+ */
+ private async validateGitHubCLIAsync(ghCmd: string): Promise {
+ try {
+ const { stdout } = await execFileAsync(ghCmd, ['--version'], {
+ encoding: 'utf-8',
+ timeout: 5000,
+ windowsHide: true,
+ env: await getAugmentedEnvAsync(),
+ });
+
+ const version = stdout.trim();
+ const match = version.match(/gh version (\d+\.\d+\.\d+)/);
+ const versionStr = match ? match[1] : version.split('\n')[0];
+
+ return {
+ valid: true,
+ version: versionStr,
+ message: `GitHub CLI ${versionStr} is available`,
+ };
+ } catch (error) {
+ return {
+ valid: false,
+ message: `Failed to validate GitHub CLI: ${error instanceof Error ? error.message : String(error)}`,
+ };
+ }
+ }
+
+ /**
+ * Detect Claude CLI asynchronously (non-blocking)
+ *
+ * Priority order:
+ * 1. User configuration (if valid for current platform)
+ * 2. Homebrew claude (macOS)
+ * 3. System PATH
+ * 4. Windows where.exe (Windows only - finds executables via PATH + Registry)
+ * 5. NVM paths (Unix only - checks Node.js version managers)
+ * 6. Platform-specific standard locations
+ *
+ * @returns Promise resolving to detection result
+ */
+ private async detectClaudeAsync(): Promise {
+ const homeDir = os.homedir();
+ const paths = getClaudeDetectionPaths(homeDir);
+
+ // 1. User configuration
+ if (this.userConfig.claudePath) {
+ if (isWrongPlatformPath(this.userConfig.claudePath)) {
+ console.warn(
+ `[Claude CLI] User-configured path is from different platform, ignoring: ${this.userConfig.claudePath}`
+ );
+ } else if (process.platform === 'win32' && !isSecurePath(this.userConfig.claudePath)) {
+ console.warn(
+ `[Claude CLI] User-configured path failed security validation, ignoring: ${this.userConfig.claudePath}`
+ );
+ } else {
+ const validation = await this.validateClaudeAsync(this.userConfig.claudePath);
+ const result = buildClaudeDetectionResult(
+ this.userConfig.claudePath, validation, 'user-config', 'Using user-configured Claude CLI'
+ );
+ if (result) return result;
+ console.warn(`[Claude CLI] User-configured path invalid: ${validation.message}`);
+ }
+ }
+
+ // 2. Homebrew (macOS)
+ if (process.platform === 'darwin') {
+ for (const claudePath of paths.homebrewPaths) {
+ if (await existsAsync(claudePath)) {
+ const validation = await this.validateClaudeAsync(claudePath);
+ const result = buildClaudeDetectionResult(claudePath, validation, 'homebrew', 'Using Homebrew Claude CLI');
+ if (result) return result;
+ }
+ }
+ }
+
+ // 3. System PATH (augmented) - using async findExecutable
+ const systemClaudePath = await findExecutableAsync('claude');
+ if (systemClaudePath) {
+ const validation = await this.validateClaudeAsync(systemClaudePath);
+ const result = buildClaudeDetectionResult(systemClaudePath, validation, 'system-path', 'Using system Claude CLI');
+ if (result) return result;
+ }
+
+ // 4. Windows where.exe detection (async, non-blocking)
+ if (process.platform === 'win32') {
+ const whereClaudePath = await findWindowsExecutableViaWhereAsync('claude', '[Claude CLI]');
+ if (whereClaudePath) {
+ const validation = await this.validateClaudeAsync(whereClaudePath);
+ const result = buildClaudeDetectionResult(whereClaudePath, validation, 'system-path', 'Using Windows Claude CLI');
+ if (result) return result;
+ }
+ }
+
+ // 5. NVM paths (Unix only) - check before platform paths for better Node.js integration
+ if (process.platform !== 'win32') {
+ try {
+ if (await existsAsync(paths.nvmVersionsDir)) {
+ const nodeVersions = await fsPromises.readdir(paths.nvmVersionsDir, { withFileTypes: true });
+ const versionNames = sortNvmVersionDirs(nodeVersions);
+
+ for (const versionName of versionNames) {
+ const nvmClaudePath = path.join(paths.nvmVersionsDir, versionName, 'bin', 'claude');
+ if (await existsAsync(nvmClaudePath)) {
+ const validation = await this.validateClaudeAsync(nvmClaudePath);
+ const result = buildClaudeDetectionResult(nvmClaudePath, validation, 'nvm', 'Using NVM Claude CLI');
+ if (result) return result;
+ }
+ }
+ }
+ } catch (error) {
+ console.warn(`[Claude CLI] Unable to read NVM directory: ${error}`);
+ }
+ }
+
+ // 6. Platform-specific standard locations
+ for (const claudePath of paths.platformPaths) {
+ if (await existsAsync(claudePath)) {
+ const validation = await this.validateClaudeAsync(claudePath);
+ const result = buildClaudeDetectionResult(claudePath, validation, 'system-path', 'Using Claude CLI');
+ if (result) return result;
+ }
+ }
+
+ // 7. Not found
+ return {
+ found: false,
+ source: 'fallback',
+ message: 'Claude CLI not found. Install from https://claude.ai/download',
+ };
+ }
+
+ /**
+ * Detect Python asynchronously (non-blocking)
+ *
+ * Same detection logic as detectPython but uses async validation.
+ *
+ * @returns Promise resolving to detection result
+ */
+ private async detectPythonAsync(): Promise {
+ const MINIMUM_VERSION = '3.10.0';
+
+ // 1. User configuration
+ if (this.userConfig.pythonPath) {
+ if (isWrongPlatformPath(this.userConfig.pythonPath)) {
+ console.warn(
+ `[Python] User-configured path is from different platform, ignoring: ${this.userConfig.pythonPath}`
+ );
+ } else {
+ const validation = await this.validatePythonAsync(this.userConfig.pythonPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: this.userConfig.pythonPath,
+ version: validation.version,
+ source: 'user-config',
+ message: `Using user-configured Python: ${this.userConfig.pythonPath}`,
+ };
+ }
+ console.warn(`[Python] User-configured path invalid: ${validation.message}`);
+ }
+ }
+
+ // 2. Bundled Python (packaged apps only)
+ if (app.isPackaged) {
+ const bundledPath = this.getBundledPythonPath();
+ if (bundledPath) {
+ const validation = await this.validatePythonAsync(bundledPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: bundledPath,
+ version: validation.version,
+ source: 'bundled',
+ message: `Using bundled Python: ${bundledPath}`,
+ };
+ }
+ }
+ }
+
+ // 3. Homebrew Python (macOS) - simplified async version
+ if (process.platform === 'darwin') {
+ const homebrewPaths = [
+ '/opt/homebrew/bin/python3',
+ '/opt/homebrew/bin/python3.12',
+ '/opt/homebrew/bin/python3.11',
+ '/opt/homebrew/bin/python3.10',
+ '/usr/local/bin/python3',
+ ];
+ for (const pythonPath of homebrewPaths) {
+ if (await existsAsync(pythonPath)) {
+ const validation = await this.validatePythonAsync(pythonPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: pythonPath,
+ version: validation.version,
+ source: 'homebrew',
+ message: `Using Homebrew Python: ${pythonPath}`,
+ };
+ }
+ }
+ }
+ }
+
+ // 4. System PATH (augmented)
+ const candidates =
+ process.platform === 'win32'
+ ? ['py -3', 'python', 'python3', 'py']
+ : ['python3', 'python'];
+
+ for (const cmd of candidates) {
+ if (cmd.startsWith('py ')) {
+ const validation = await this.validatePythonAsync(cmd);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: cmd,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using system Python: ${cmd}`,
+ };
+ }
+ } else {
+ const pythonPath = await findExecutableAsync(cmd);
+ if (pythonPath) {
+ const validation = await this.validatePythonAsync(pythonPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: pythonPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using system Python: ${pythonPath}`,
+ };
+ }
+ }
+ }
+ }
+
+ // 5. Not found
+ return {
+ found: false,
+ source: 'fallback',
+ message:
+ `Python ${MINIMUM_VERSION}+ not found. ` +
+ 'Please install Python or configure in Settings.',
+ };
+ }
+
+ /**
+ * Detect Git asynchronously (non-blocking)
+ *
+ * Same detection logic as detectGit but uses async validation.
+ *
+ * @returns Promise resolving to detection result
+ */
+ private async detectGitAsync(): Promise {
+ // 1. User configuration
+ if (this.userConfig.gitPath) {
+ if (isWrongPlatformPath(this.userConfig.gitPath)) {
+ console.warn(
+ `[Git] User-configured path is from different platform, ignoring: ${this.userConfig.gitPath}`
+ );
+ } else {
+ const validation = await this.validateGitAsync(this.userConfig.gitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: this.userConfig.gitPath,
+ version: validation.version,
+ source: 'user-config',
+ message: `Using user-configured Git: ${this.userConfig.gitPath}`,
+ };
+ }
+ console.warn(`[Git] User-configured path invalid: ${validation.message}`);
+ }
+ }
+
+ // 2. Homebrew (macOS)
+ if (process.platform === 'darwin') {
+ const homebrewPaths = [
+ '/opt/homebrew/bin/git',
+ '/usr/local/bin/git',
+ ];
+
+ for (const gitPath of homebrewPaths) {
+ if (await existsAsync(gitPath)) {
+ const validation = await this.validateGitAsync(gitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: gitPath,
+ version: validation.version,
+ source: 'homebrew',
+ message: `Using Homebrew Git: ${gitPath}`,
+ };
+ }
+ }
+ }
+ }
+
+ // 3. System PATH (augmented)
+ const gitPath = await findExecutableAsync('git');
+ if (gitPath) {
+ const validation = await this.validateGitAsync(gitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: gitPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using system Git: ${gitPath}`,
+ };
+ }
+ }
+
+ // 4. Windows-specific detection (async to avoid blocking main process)
+ if (process.platform === 'win32') {
+ const whereGitPath = await findWindowsExecutableViaWhereAsync('git', '[Git]');
+ if (whereGitPath) {
+ const validation = await this.validateGitAsync(whereGitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: whereGitPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using Windows Git: ${whereGitPath}`,
+ };
+ }
+ }
+
+ const windowsPaths = await getWindowsExecutablePathsAsync(WINDOWS_GIT_PATHS, '[Git]');
+ for (const winGitPath of windowsPaths) {
+ const validation = await this.validateGitAsync(winGitPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: winGitPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using Windows Git: ${winGitPath}`,
+ };
+ }
+ }
+ }
+
+ // 5. Not found
+ return {
+ found: false,
+ source: 'fallback',
+ message: 'Git not found in standard locations. Using fallback "git".',
+ };
+ }
+
+ /**
+ * Detect GitHub CLI asynchronously (non-blocking)
+ *
+ * Same detection logic as detectGitHubCLI but uses async validation.
+ *
+ * @returns Promise resolving to detection result
+ */
+ private async detectGitHubCLIAsync(): Promise {
+ // 1. User configuration
+ if (this.userConfig.githubCLIPath) {
+ if (isWrongPlatformPath(this.userConfig.githubCLIPath)) {
+ console.warn(
+ `[GitHub CLI] User-configured path is from different platform, ignoring: ${this.userConfig.githubCLIPath}`
+ );
+ } else {
+ const validation = await this.validateGitHubCLIAsync(this.userConfig.githubCLIPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: this.userConfig.githubCLIPath,
+ version: validation.version,
+ source: 'user-config',
+ message: `Using user-configured GitHub CLI: ${this.userConfig.githubCLIPath}`,
+ };
+ }
+ console.warn(`[GitHub CLI] User-configured path invalid: ${validation.message}`);
+ }
+ }
+
+ // 2. Homebrew (macOS)
+ if (process.platform === 'darwin') {
+ const homebrewPaths = [
+ '/opt/homebrew/bin/gh',
+ '/usr/local/bin/gh',
+ ];
+
+ for (const ghPath of homebrewPaths) {
+ if (await existsAsync(ghPath)) {
+ const validation = await this.validateGitHubCLIAsync(ghPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: ghPath,
+ version: validation.version,
+ source: 'homebrew',
+ message: `Using Homebrew GitHub CLI: ${ghPath}`,
+ };
+ }
+ }
+ }
+ }
+
+ // 3. System PATH (augmented)
+ const ghPath = await findExecutableAsync('gh');
+ if (ghPath) {
+ const validation = await this.validateGitHubCLIAsync(ghPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: ghPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using system GitHub CLI: ${ghPath}`,
+ };
+ }
+ }
+
+ // 4. Windows Program Files
+ if (process.platform === 'win32') {
+ const windowsPaths = [
+ 'C:\\Program Files\\GitHub CLI\\gh.exe',
+ 'C:\\Program Files (x86)\\GitHub CLI\\gh.exe',
+ ];
+
+ for (const winGhPath of windowsPaths) {
+ if (await existsAsync(winGhPath)) {
+ const validation = await this.validateGitHubCLIAsync(winGhPath);
+ if (validation.valid) {
+ return {
+ found: true,
+ path: winGhPath,
+ version: validation.version,
+ source: 'system-path',
+ message: `Using Windows GitHub CLI: ${winGhPath}`,
+ };
+ }
+ }
+ }
+ }
+
+ // 5. Not found
+ return {
+ found: false,
+ source: 'fallback',
+ message: 'GitHub CLI (gh) not found. Install from https://cli.github.com',
+ };
+ }
+
+ /**
+ * Get bundled Python path for packaged apps
+ *
+ * Only available in packaged Electron apps where Python is bundled
+ * in the resources directory.
+ *
+ * @returns Path to bundled Python or null if not found
+ */
+ private getBundledPythonPath(): string | null {
+ if (!app.isPackaged) {
+ return null;
+ }
+
+ const resourcesPath = process.resourcesPath;
+ const isWindows = process.platform === 'win32';
+
+ const pythonPath = isWindows
+ ? path.join(resourcesPath, 'python', 'python.exe')
+ : path.join(resourcesPath, 'python', 'bin', 'python3');
+
+ return existsSync(pythonPath) ? pythonPath : null;
+ }
+
+ /**
+ * Find Homebrew Python on macOS
+ * Delegates to shared utility function.
+ *
+ * @returns Path to Homebrew Python or null if not found
+ */
+ private findHomebrewPython(): string | null {
+ return findHomebrewPythonUtil(
+ (pythonPath) => this.validatePython(pythonPath),
+ '[CLI Tools]'
+ );
+ }
+
+ /**
+ * Clear cache manually
+ *
+ * Useful for testing or forcing re-detection.
+ * Normally not needed as cache is cleared automatically on settings change.
+ */
+ clearCache(): void {
+ this.cache.clear();
+ console.warn('[CLI Tools] Cache cleared');
+ }
+
+ /**
+ * Get tool detection info for diagnostics
+ *
+ * Performs fresh detection without using cache.
+ * Useful for Settings UI to show current detection status.
+ *
+ * @param tool - The tool to get detection info for
+ * @returns Detection result with full metadata
+ */
+ getToolInfo(tool: CLITool): ToolDetectionResult {
+ return this.detectToolPath(tool);
+ }
+}
+
+// Singleton instance
+const cliToolManager = new CLIToolManager();
+
+/**
+ * Get the path for a CLI tool
+ *
+ * Convenience function for accessing the tool manager singleton.
+ * Uses cached path if available, otherwise auto-detects.
+ *
+ * @param tool - The CLI tool to get the path for
+ * @returns The resolved path to the tool executable
+ *
+ * @example
+ * ```typescript
+ * import { getToolPath } from './cli-tool-manager';
+ *
+ * const pythonPath = getToolPath('python');
+ * const gitPath = getToolPath('git');
+ * const ghPath = getToolPath('gh');
+ *
+ * execSync(`${gitPath} status`, { cwd: projectPath });
+ * ```
+ */
+export function getToolPath(tool: CLITool): string {
+ return cliToolManager.getToolPath(tool);
+}
+
+/**
+ * Configure CLI tools with user settings
+ *
+ * Call this when user updates CLI tool paths in Settings.
+ * Clears cache to force re-detection with new configuration.
+ *
+ * @param config - User configuration for CLI tool paths
+ *
+ * @example
+ * ```typescript
+ * import { configureTools } from './cli-tool-manager';
+ *
+ * // When settings are loaded or updated
+ * configureTools({
+ * pythonPath: settings.pythonPath,
+ * gitPath: settings.gitPath,
+ * githubCLIPath: settings.githubCLIPath,
+ * });
+ * ```
+ */
+export function configureTools(config: ToolConfig): void {
+ cliToolManager.configure(config);
+}
/**
* Get tool detection info for diagnostics
@@ -951,3 +1797,52 @@ export function clearToolCache(): void {
export function isPathFromWrongPlatform(pathStr: string | undefined): boolean {
return isWrongPlatformPath(pathStr);
}
+
+// ============================================================================
+// ASYNC EXPORTS - Non-blocking alternatives for Electron main process
+// ============================================================================
+
+/**
+ * Get the path for a CLI tool asynchronously (non-blocking)
+ *
+ * Safe to call from Electron main process without blocking the event loop.
+ * Uses cached path if available, otherwise detects asynchronously.
+ *
+ * @param tool - The CLI tool to get the path for
+ * @returns Promise resolving to the tool path
+ *
+ * @example
+ * ```typescript
+ * import { getToolPathAsync } from './cli-tool-manager';
+ *
+ * const claudePath = await getToolPathAsync('claude');
+ * ```
+ */
+export async function getToolPathAsync(tool: CLITool): Promise {
+ return cliToolManager.getToolPathAsync(tool);
+}
+
+/**
+ * Pre-warm the CLI tool cache asynchronously
+ *
+ * Call this during app startup to detect tools in the background.
+ * Subsequent calls to getToolPath/getToolPathAsync will use cached values.
+ *
+ * @param tools - Array of tools to pre-warm (defaults to ['claude'])
+ *
+ * @example
+ * ```typescript
+ * import { preWarmToolCache } from './cli-tool-manager';
+ *
+ * // In app startup
+ * app.whenReady().then(() => {
+ * // ... setup code ...
+ * preWarmToolCache(['claude', 'git', 'gh']);
+ * });
+ * ```
+ */
+export async function preWarmToolCache(tools: CLITool[] = ['claude']): Promise {
+ console.warn('[CLI Tools] Pre-warming cache for:', tools.join(', '));
+ await Promise.all(tools.map(tool => cliToolManager.getToolPathAsync(tool)));
+ console.warn('[CLI Tools] Cache pre-warming complete');
+}
diff --git a/apps/frontend/src/main/env-utils.ts b/apps/frontend/src/main/env-utils.ts
index 9a1325ce15..8463a2ace4 100644
--- a/apps/frontend/src/main/env-utils.ts
+++ b/apps/frontend/src/main/env-utils.ts
@@ -12,7 +12,32 @@
import * as os from 'os';
import * as path from 'path';
import * as fs from 'fs';
-import { execFileSync } from 'child_process';
+import { promises as fsPromises } from 'fs';
+import { execFileSync, execFile } from 'child_process';
+import { promisify } from 'util';
+
+const execFileAsync = promisify(execFile);
+
+/**
+ * Check if a path exists asynchronously (non-blocking)
+ *
+ * Uses fs.promises.access which is non-blocking, unlike fs.existsSync.
+ *
+ * @param filePath - The path to check
+ * @returns Promise resolving to true if path exists, false otherwise
+ */
+export async function existsAsync(filePath: string): Promise {
+ try {
+ await fsPromises.access(filePath);
+ return true;
+ } catch {
+ return false;
+ }
+}
+
+// Cache for npm global prefix to avoid repeated async calls
+let npmGlobalPrefixCache: string | null | undefined = undefined;
+let npmGlobalPrefixCachePromise: Promise | null = null;
/**
* Get npm global prefix directory dynamically
@@ -30,10 +55,12 @@ function getNpmGlobalPrefix(): string | null {
// On Windows, use npm.cmd for proper command resolution
const npmCommand = process.platform === 'win32' ? 'npm.cmd' : 'npm';
- const rawPrefix = execFileSync(npmCommand, ['config', 'get', 'prefix'], {
+ // Use --location=global to bypass workspace context and avoid ENOWORKSPACES error
+ const rawPrefix = execFileSync(npmCommand, ['config', 'get', 'prefix', '--location=global'], {
encoding: 'utf-8',
timeout: 3000,
windowsHide: true,
+ cwd: os.homedir(), // Run from home dir to avoid ENOWORKSPACES error in monorepos
shell: process.platform === 'win32', // Enable shell on Windows for .cmd resolution
}).trim();
@@ -60,19 +87,22 @@ function getNpmGlobalPrefix(): string | null {
* Common binary directories that should be in PATH
* These are locations where commonly used tools are installed
*/
-const COMMON_BIN_PATHS: Record = {
+export const COMMON_BIN_PATHS: Record = {
darwin: [
'/opt/homebrew/bin', // Apple Silicon Homebrew
'/usr/local/bin', // Intel Homebrew / system
+ '/usr/local/share/dotnet', // .NET SDK
'/opt/homebrew/sbin', // Apple Silicon Homebrew sbin
'/usr/local/sbin', // Intel Homebrew sbin
'~/.local/bin', // User-local binaries (Claude CLI)
+ '~/.dotnet/tools', // .NET global tools
],
linux: [
'/usr/local/bin',
'/usr/bin', // System binaries (Python, etc.)
'/snap/bin', // Snap packages
'~/.local/bin', // User-local binaries
+ '~/.dotnet/tools', // .NET global tools
'/usr/sbin', // System admin binaries
],
win32: [
@@ -82,6 +112,77 @@ const COMMON_BIN_PATHS: Record = {
],
};
+/**
+ * Essential system directories that must always be in PATH
+ * Required for core system functionality (e.g., /usr/bin/security for Keychain access)
+ */
+const ESSENTIAL_SYSTEM_PATHS: string[] = ['/usr/bin', '/bin', '/usr/sbin', '/sbin'];
+
+/**
+ * Get expanded platform paths for PATH augmentation
+ *
+ * Shared helper used by both sync and async getAugmentedEnv functions.
+ * Expands home directory (~) in paths and returns the list of candidate paths.
+ *
+ * @param additionalPaths - Optional additional paths to include
+ * @returns Array of expanded paths (without existence checking)
+ */
+function getExpandedPlatformPaths(additionalPaths?: string[]): string[] {
+ const platform = process.platform as 'darwin' | 'linux' | 'win32';
+ const homeDir = os.homedir();
+
+ // Get platform-specific paths and expand home directory
+ const platformPaths = COMMON_BIN_PATHS[platform] || [];
+ const expandedPaths = platformPaths.map(p =>
+ p.startsWith('~') ? p.replace('~', homeDir) : p
+ );
+
+ // Add user-requested additional paths (expanded)
+ if (additionalPaths) {
+ for (const p of additionalPaths) {
+ const expanded = p.startsWith('~') ? p.replace('~', homeDir) : p;
+ expandedPaths.push(expanded);
+ }
+ }
+
+ return expandedPaths;
+}
+
+/**
+ * Build augmented PATH by filtering existing paths
+ *
+ * Shared helper that takes candidate paths and a set of current PATH entries,
+ * returning only paths that should be added.
+ *
+ * @param candidatePaths - Array of paths to consider adding
+ * @param currentPathSet - Set of paths already in PATH
+ * @param existingPaths - Array of paths that actually exist on the filesystem
+ * @param npmPrefix - npm global prefix path (or null if not found)
+ * @returns Array of paths to prepend to PATH
+ */
+function buildPathsToAdd(
+ candidatePaths: string[],
+ currentPathSet: Set,
+ existingPaths: Set,
+ npmPrefix: string | null
+): string[] {
+ const pathsToAdd: string[] = [];
+
+ // Add platform-specific paths that exist
+ for (const p of candidatePaths) {
+ if (!currentPathSet.has(p) && existingPaths.has(p)) {
+ pathsToAdd.push(p);
+ }
+ }
+
+ // Add npm global prefix if it exists
+ if (npmPrefix && !currentPathSet.has(npmPrefix) && existingPaths.has(npmPrefix)) {
+ pathsToAdd.push(npmPrefix);
+ }
+
+ return pathsToAdd;
+}
+
/**
* Get augmented environment with additional PATH entries
*
@@ -97,48 +198,44 @@ export function getAugmentedEnv(additionalPaths?: string[]): Record
- p.startsWith('~') ? p.replace('~', homeDir) : p
- );
+ // Get all candidate paths (platform + additional)
+ const candidatePaths = getExpandedPlatformPaths(additionalPaths);
- // Collect paths to add (only if they exist and aren't already in PATH)
- const currentPath = env.PATH || '';
- const currentPathSet = new Set(currentPath.split(pathSeparator));
+ // Ensure PATH has essential system directories when launched from Finder/Dock.
+ // When Electron launches from GUI (not terminal), PATH might be empty or minimal.
+ // The Claude Agent SDK needs /usr/bin/security to access macOS Keychain.
+ let currentPath = env.PATH || '';
- const pathsToAdd: string[] = [];
+ // On macOS/Linux, ensure basic system paths are always present
+ if (platform !== 'win32') {
+ const pathSetForEssentials = new Set(currentPath.split(pathSeparator).filter(Boolean));
+ const missingEssentials = ESSENTIAL_SYSTEM_PATHS.filter(p => !pathSetForEssentials.has(p));
- // Add platform-specific paths
- for (const p of expandedPaths) {
- if (!currentPathSet.has(p) && fs.existsSync(p)) {
- pathsToAdd.push(p);
+ if (missingEssentials.length > 0) {
+ // Append essential paths if missing (append, not prepend, to respect user's PATH)
+ currentPath = currentPath
+ ? `${currentPath}${pathSeparator}${missingEssentials.join(pathSeparator)}`
+ : missingEssentials.join(pathSeparator);
}
}
- // Add npm global prefix dynamically (cross-platform: works with standard npm, nvm, nvm-windows)
+ // Collect paths to add (only if they exist and aren't already in PATH)
+ const currentPathSet = new Set(currentPath.split(pathSeparator).filter(Boolean));
+
+ // Check existence synchronously and build existing paths set
+ const existingPaths = new Set(candidatePaths.filter(p => fs.existsSync(p)));
+
+ // Get npm global prefix dynamically
const npmPrefix = getNpmGlobalPrefix();
- if (npmPrefix && !currentPathSet.has(npmPrefix) && fs.existsSync(npmPrefix)) {
- pathsToAdd.push(npmPrefix);
+ if (npmPrefix && fs.existsSync(npmPrefix)) {
+ existingPaths.add(npmPrefix);
}
- // Add user-requested additional paths
- if (additionalPaths) {
- for (const p of additionalPaths) {
- const expanded = p.startsWith('~') ? p.replace('~', homeDir) : p;
- if (!currentPathSet.has(expanded) && fs.existsSync(expanded)) {
- pathsToAdd.push(expanded);
- }
- }
- }
+ // Build final paths to add using shared helper
+ const pathsToAdd = buildPathsToAdd(candidatePaths, currentPathSet, existingPaths, npmPrefix);
// Prepend new paths to PATH (prepend so they take priority)
- if (pathsToAdd.length > 0) {
- env.PATH = [...pathsToAdd, currentPath].filter(Boolean).join(pathSeparator);
- }
+ env.PATH = [...pathsToAdd, currentPath].filter(Boolean).join(pathSeparator);
return env;
}
@@ -184,3 +281,227 @@ export function findExecutable(command: string): string | null {
export function isCommandAvailable(command: string): boolean {
return findExecutable(command) !== null;
}
+
+// ============================================================================
+// ASYNC VERSIONS - Non-blocking alternatives for Electron main process
+// ============================================================================
+
+/**
+ * Get npm global prefix directory asynchronously (non-blocking)
+ *
+ * Uses caching to avoid repeated subprocess calls. Safe to call from
+ * Electron main process without blocking the event loop.
+ *
+ * @returns Promise resolving to npm global binaries directory, or null
+ */
+async function getNpmGlobalPrefixAsync(): Promise {
+ // Return cached value if available
+ if (npmGlobalPrefixCache !== undefined) {
+ return npmGlobalPrefixCache;
+ }
+
+ // If a fetch is already in progress, wait for it
+ if (npmGlobalPrefixCachePromise) {
+ return npmGlobalPrefixCachePromise;
+ }
+
+ // Start the async fetch
+ npmGlobalPrefixCachePromise = (async () => {
+ try {
+ const npmCommand = process.platform === 'win32' ? 'npm.cmd' : 'npm';
+
+ const { stdout } = await execFileAsync(npmCommand, ['config', 'get', 'prefix', '--location=global'], {
+ encoding: 'utf-8',
+ timeout: 3000,
+ windowsHide: true,
+ cwd: os.homedir(), // Run from home dir to avoid ENOWORKSPACES error in monorepos
+ shell: process.platform === 'win32',
+ });
+
+ const rawPrefix = stdout.trim();
+ if (!rawPrefix) {
+ npmGlobalPrefixCache = null;
+ return null;
+ }
+
+ const binPath = process.platform === 'win32'
+ ? rawPrefix
+ : path.join(rawPrefix, 'bin');
+
+ const normalizedPath = path.normalize(binPath);
+ npmGlobalPrefixCache = await existsAsync(normalizedPath) ? normalizedPath : null;
+ return npmGlobalPrefixCache;
+ } catch (error) {
+ console.warn(`[env-utils] Failed to get npm global prefix: ${error}`);
+ npmGlobalPrefixCache = null;
+ return null;
+ } finally {
+ npmGlobalPrefixCachePromise = null;
+ }
+ })();
+
+ return npmGlobalPrefixCachePromise;
+}
+
+/**
+ * Get augmented environment asynchronously (non-blocking)
+ *
+ * Same as getAugmentedEnv but uses async npm prefix detection.
+ * Safe to call from Electron main process without blocking.
+ *
+ * @param additionalPaths - Optional array of additional paths to include
+ * @returns Promise resolving to environment object with augmented PATH
+ */
+export async function getAugmentedEnvAsync(additionalPaths?: string[]): Promise> {
+ const env = { ...process.env } as Record;
+ const platform = process.platform as 'darwin' | 'linux' | 'win32';
+ const pathSeparator = platform === 'win32' ? ';' : ':';
+
+ // Get all candidate paths (platform + additional)
+ const candidatePaths = getExpandedPlatformPaths(additionalPaths);
+
+ // Ensure essential system paths are present (for macOS Keychain access)
+ let currentPath = env.PATH || '';
+
+ if (platform !== 'win32') {
+ const pathSetForEssentials = new Set(currentPath.split(pathSeparator).filter(Boolean));
+ const missingEssentials = ESSENTIAL_SYSTEM_PATHS.filter(p => !pathSetForEssentials.has(p));
+
+ if (missingEssentials.length > 0) {
+ currentPath = currentPath
+ ? `${currentPath}${pathSeparator}${missingEssentials.join(pathSeparator)}`
+ : missingEssentials.join(pathSeparator);
+ }
+ }
+
+ // Collect paths to add (only if they exist and aren't already in PATH)
+ const currentPathSet = new Set(currentPath.split(pathSeparator).filter(Boolean));
+
+ // Check existence asynchronously in parallel for performance
+ const pathChecks = await Promise.all(
+ candidatePaths.map(async (p) => ({ path: p, exists: await existsAsync(p) }))
+ );
+ const existingPaths = new Set(
+ pathChecks.filter(({ exists }) => exists).map(({ path: p }) => p)
+ );
+
+ // Get npm global prefix dynamically (async - non-blocking)
+ const npmPrefix = await getNpmGlobalPrefixAsync();
+ if (npmPrefix && await existsAsync(npmPrefix)) {
+ existingPaths.add(npmPrefix);
+ }
+
+ // Build final paths to add using shared helper
+ const pathsToAdd = buildPathsToAdd(candidatePaths, currentPathSet, existingPaths, npmPrefix);
+
+ // Prepend new paths to PATH (prepend so they take priority)
+ env.PATH = [...pathsToAdd, currentPath].filter(Boolean).join(pathSeparator);
+
+ return env;
+}
+
+/**
+ * Find the full path to an executable asynchronously (non-blocking)
+ *
+ * Same as findExecutable but uses async environment augmentation.
+ *
+ * @param command - The command name to find (e.g., 'gh', 'git')
+ * @returns Promise resolving to the full path to the executable, or null
+ */
+export async function findExecutableAsync(command: string): Promise {
+ const env = await getAugmentedEnvAsync();
+ const pathSeparator = process.platform === 'win32' ? ';' : ':';
+ const pathDirs = (env.PATH || '').split(pathSeparator);
+
+ const extensions = process.platform === 'win32'
+ ? ['.exe', '.cmd', '.bat', '.ps1', '']
+ : [''];
+
+ for (const dir of pathDirs) {
+ for (const ext of extensions) {
+ const fullPath = path.join(dir, command + ext);
+ if (await existsAsync(fullPath)) {
+ return fullPath;
+ }
+ }
+ }
+
+ return null;
+}
+
+/**
+ * Clear the npm global prefix cache
+ *
+ * Call this if npm configuration changes and you need fresh detection.
+ */
+export function clearNpmPrefixCache(): void {
+ npmGlobalPrefixCache = undefined;
+ npmGlobalPrefixCachePromise = null;
+}
+
+/**
+ * Determine if a command requires shell execution on Windows
+ *
+ * Windows .cmd and .bat files MUST be executed through shell, while .exe files
+ * can be executed directly. This function checks the file extension to determine
+ * the correct execution method.
+ *
+ * @param command - The command path to check
+ * @returns true if shell is required (Windows .cmd/.bat), false otherwise
+ *
+ * @example
+ * ```typescript
+ * shouldUseShell('D:\\nodejs\\claude.cmd') // true
+ * shouldUseShell('C:\\Program Files\\nodejs\\claude.cmd') // true
+ * shouldUseShell('C:\\Windows\\System32\\git.exe') // false
+ * shouldUseShell('/usr/local/bin/claude') // false (non-Windows)
+ * ```
+ */
+export function shouldUseShell(command: string): boolean {
+ // Only Windows needs special handling for .cmd/.bat files
+ if (process.platform !== 'win32') {
+ return false;
+ }
+
+ // Check if command ends with .cmd or .bat (case-insensitive)
+ return /\.(cmd|bat)$/i.test(command);
+}
+
+/**
+ * Get spawn options with correct shell setting for Windows compatibility
+ *
+ * Provides a consistent way to create spawn options that work across platforms.
+ * Handles the shell requirement for Windows .cmd/.bat files automatically.
+ *
+ * @param command - The command path to execute
+ * @param baseOptions - Base spawn options to merge with (optional)
+ * @returns Spawn options with correct shell setting
+ *
+ * @example
+ * ```typescript
+ * const opts = getSpawnOptions(claudeCmd, { cwd: '/project', env: {...} });
+ * spawn(claudeCmd, ['--version'], opts);
+ * ```
+ */
+export function getSpawnOptions(
+ command: string,
+ baseOptions?: {
+ cwd?: string;
+ env?: Record;
+ timeout?: number;
+ windowsHide?: boolean;
+ stdio?: 'inherit' | 'pipe' | Array<'inherit' | 'pipe'>;
+ }
+): {
+ cwd?: string;
+ env?: Record;
+ shell: boolean;
+ timeout?: number;
+ windowsHide?: boolean;
+ stdio?: 'inherit' | 'pipe' | Array<'inherit' | 'pipe'>;
+} {
+ return {
+ ...baseOptions,
+ shell: shouldUseShell(command),
+ };
+}
diff --git a/apps/frontend/src/main/index.ts b/apps/frontend/src/main/index.ts
index 7cd856a0fe..8ee2eaf76c 100644
--- a/apps/frontend/src/main/index.ts
+++ b/apps/frontend/src/main/index.ts
@@ -1,6 +1,28 @@
-import { app, BrowserWindow, shell, nativeImage } from 'electron';
+// Load .env file FIRST before any other imports that might use process.env
+import { config } from 'dotenv';
+import { resolve, dirname } from 'path';
+import { existsSync } from 'fs';
+
+// Load .env from apps/frontend directory
+// In development: __dirname is out/main (compiled), so go up 2 levels
+// In production: app resources directory
+const possibleEnvPaths = [
+ resolve(__dirname, '../../.env'), // Development: out/main -> apps/frontend/.env
+ resolve(__dirname, '../../../.env'), // Alternative: might be in different location
+ resolve(process.cwd(), 'apps/frontend/.env'), // Fallback: from workspace root
+];
+
+for (const envPath of possibleEnvPaths) {
+ if (existsSync(envPath)) {
+ config({ path: envPath });
+ console.log(`[dotenv] Loaded environment from: ${envPath}`);
+ break;
+ }
+}
+
+import { app, BrowserWindow, shell, nativeImage, session, screen } from 'electron';
import { join } from 'path';
-import { accessSync, readFileSync, writeFileSync } from 'fs';
+import { accessSync, readFileSync, writeFileSync, rmSync } from 'fs';
import { electronApp, optimizer, is } from '@electron-toolkit/utils';
import { setupIpcHandlers } from './ipc-setup';
import { AgentManager } from './agent';
@@ -12,11 +34,34 @@ import { initializeAppUpdater } from './app-updater';
import { DEFAULT_APP_SETTINGS } from '../shared/constants';
import { readSettingsFile } from './settings-utils';
import { setupErrorLogging } from './app-logger';
+import { initSentryMain } from './sentry';
+import { preWarmToolCache } from './cli-tool-manager';
+import { initializeClaudeProfileManager } from './claude-profile-manager';
import type { AppSettings } from '../shared/types';
+// ─────────────────────────────────────────────────────────────────────────────
+// Window sizing constants
+// ─────────────────────────────────────────────────────────────────────────────
+/** Preferred window width on startup */
+const WINDOW_PREFERRED_WIDTH: number = 1400;
+/** Preferred window height on startup */
+const WINDOW_PREFERRED_HEIGHT: number = 900;
+/** Absolute minimum window width (supports high DPI displays with scaling) */
+const WINDOW_MIN_WIDTH: number = 800;
+/** Absolute minimum window height (supports high DPI displays with scaling) */
+const WINDOW_MIN_HEIGHT: number = 500;
+/** Margin from screen edges to avoid edge-to-edge windows */
+const WINDOW_SCREEN_MARGIN: number = 20;
+/** Default screen dimensions used as fallback when screen.getPrimaryDisplay() fails */
+const DEFAULT_SCREEN_WIDTH: number = 1920;
+const DEFAULT_SCREEN_HEIGHT: number = 1080;
+
// Setup error logging early (captures uncaught exceptions)
setupErrorLogging();
+// Initialize Sentry for error tracking (respects user's sentryEnabled setting)
+initSentryMain();
+
/**
* Load app settings synchronously (for use during startup).
* This is a simple merge with defaults - no migrations or auto-detection.
@@ -26,6 +71,32 @@ function loadSettingsSync(): AppSettings {
return { ...DEFAULT_APP_SETTINGS, ...savedSettings } as AppSettings;
}
+/**
+ * Clean up stale update metadata files from the redundant source updater system.
+ *
+ * The old "source updater" wrote .update-metadata.json files that could persist
+ * across app updates and cause version display desync. This cleanup ensures
+ * we use the actual bundled version from app.getVersion().
+ */
+function cleanupStaleUpdateMetadata(): void {
+ const userData = app.getPath('userData');
+ const stalePaths = [
+ join(userData, 'auto-claude-source'),
+ join(userData, 'backend-source'),
+ ];
+
+ for (const stalePath of stalePaths) {
+ if (existsSync(stalePath)) {
+ try {
+ rmSync(stalePath, { recursive: true, force: true });
+ console.warn(`[main] Cleaned up stale update metadata: ${stalePath}`);
+ } catch (e) {
+ console.warn(`[main] Failed to clean up stale metadata at ${stalePath}:`, e);
+ }
+ }
+ }
+}
+
// Get icon path based on platform
function getIconPath(): string {
// In dev mode, __dirname is out/main, so we go up to project root then into resources
@@ -54,12 +125,51 @@ let agentManager: AgentManager | null = null;
let terminalManager: TerminalManager | null = null;
function createWindow(): void {
+ // Get the primary display's work area (accounts for taskbar, dock, etc.)
+ // Wrapped in try/catch to handle potential failures with fallback to safe defaults
+ let workAreaSize: { width: number; height: number };
+ try {
+ const display = screen.getPrimaryDisplay();
+ // Validate the returned object has expected structure with valid dimensions
+ if (
+ display &&
+ display.workAreaSize &&
+ typeof display.workAreaSize.width === 'number' &&
+ typeof display.workAreaSize.height === 'number' &&
+ display.workAreaSize.width > 0 &&
+ display.workAreaSize.height > 0
+ ) {
+ workAreaSize = display.workAreaSize;
+ } else {
+ console.error(
+ '[main] screen.getPrimaryDisplay() returned unexpected structure:',
+ JSON.stringify(display)
+ );
+ workAreaSize = { width: DEFAULT_SCREEN_WIDTH, height: DEFAULT_SCREEN_HEIGHT };
+ }
+ } catch (error: unknown) {
+ console.error('[main] Failed to get primary display, using fallback dimensions:', error);
+ workAreaSize = { width: DEFAULT_SCREEN_WIDTH, height: DEFAULT_SCREEN_HEIGHT };
+ }
+
+ // Calculate available space with a small margin to avoid edge-to-edge windows
+ const availableWidth: number = workAreaSize.width - WINDOW_SCREEN_MARGIN;
+ const availableHeight: number = workAreaSize.height - WINDOW_SCREEN_MARGIN;
+
+ // Calculate actual dimensions (preferred, but capped to margin-adjusted available space)
+ const width: number = Math.min(WINDOW_PREFERRED_WIDTH, availableWidth);
+ const height: number = Math.min(WINDOW_PREFERRED_HEIGHT, availableHeight);
+
+ // Ensure minimum dimensions don't exceed the actual initial window size
+ const minWidth: number = Math.min(WINDOW_MIN_WIDTH, width);
+ const minHeight: number = Math.min(WINDOW_MIN_HEIGHT, height);
+
// Create the browser window
mainWindow = new BrowserWindow({
- width: 1400,
- height: 900,
- minWidth: 1000,
- minHeight: 700,
+ width,
+ height,
+ minWidth,
+ minHeight,
show: false,
autoHideMenuBar: true,
titleBarStyle: 'hiddenInset',
@@ -110,11 +220,29 @@ if (process.platform === 'darwin') {
app.name = 'Auto Claude';
}
+// Fix Windows GPU cache permission errors (0x5 Access Denied)
+if (process.platform === 'win32') {
+ app.commandLine.appendSwitch('disable-gpu-shader-disk-cache');
+ app.commandLine.appendSwitch('disable-gpu-program-cache');
+ console.log('[main] Applied Windows GPU cache fixes');
+}
+
// Initialize the application
app.whenReady().then(() => {
// Set app user model id for Windows
electronApp.setAppUserModelId('com.autoclaude.ui');
+ // Clear cache on Windows to prevent permission errors from stale cache
+ if (process.platform === 'win32') {
+ session.defaultSession.clearCache()
+ .then(() => console.log('[main] Cleared cache on startup'))
+ .catch((err) => console.warn('[main] Failed to clear cache:', err));
+ }
+
+ // Clean up stale update metadata from the old source updater system
+ // This prevents version display desync after electron-updater installs a new version
+ cleanupStaleUpdateMetadata();
+
// Set dock icon on macOS
if (process.platform === 'darwin') {
const iconPath = getIconPath();
@@ -222,6 +350,23 @@ app.whenReady().then(() => {
// Create window
createWindow();
+ // Pre-warm CLI tool cache in background (non-blocking)
+ // This ensures CLI detection is done before user needs it
+ // Include all commonly used tools to prevent sync blocking on first use
+ setImmediate(() => {
+ preWarmToolCache(['claude', 'git', 'gh', 'python']).catch((error) => {
+ console.warn('[main] Failed to pre-warm CLI cache:', error);
+ });
+ });
+
+ // Pre-initialize Claude profile manager in background (non-blocking)
+ // This ensures profile data is loaded before user clicks "Start Claude Code"
+ setImmediate(() => {
+ initializeClaudeProfileManager().catch((error) => {
+ console.warn('[main] Failed to pre-initialize profile manager:', error);
+ });
+ });
+
// Initialize usage monitoring after window is created
if (mainWindow) {
// Setup event forwarding from usage monitor to renderer
diff --git a/apps/frontend/src/main/insights/config.ts b/apps/frontend/src/main/insights/config.ts
index 0ca1609c13..97e8a9a28d 100644
--- a/apps/frontend/src/main/insights/config.ts
+++ b/apps/frontend/src/main/insights/config.ts
@@ -1,9 +1,12 @@
import path from 'path';
import { existsSync, readFileSync } from 'fs';
-import { app } from 'electron';
import { getProfileEnv } from '../rate-limit-detector';
+import { getAPIProfileEnv } from '../services/profile';
+import { getOAuthModeClearVars } from '../agent/env-utils';
+import { pythonEnvManager, getConfiguredPythonPath } from '../python-env-manager';
import { getValidatedPythonPath } from '../python-detector';
-import { getConfiguredPythonPath } from '../python-env-manager';
+import { getAugmentedEnv } from '../env-utils';
+import { getEffectiveSourcePath } from '../updater/path-resolver';
/**
* Configuration manager for insights service
@@ -40,24 +43,23 @@ export class InsightsConfig {
/**
* Get the auto-claude source path (detects automatically if not configured)
+ * Uses getEffectiveSourcePath() which handles userData override for user-updated backend
*/
getAutoBuildSourcePath(): string | null {
if (this.autoBuildSourcePath && existsSync(this.autoBuildSourcePath)) {
return this.autoBuildSourcePath;
}
- const possiblePaths = [
- // Apps structure: from out/main -> apps/backend
- path.resolve(__dirname, '..', '..', '..', 'backend'),
- path.resolve(app.getAppPath(), '..', 'backend'),
- path.resolve(process.cwd(), 'apps', 'backend')
- ];
-
- for (const p of possiblePaths) {
- if (existsSync(p) && existsSync(path.join(p, 'runners', 'spec_runner.py'))) {
- return p;
- }
+ // Use shared path resolver which handles:
+ // 1. User settings (autoBuildPath)
+ // 2. userData override (backend-source) for user-updated backend
+ // 3. Bundled backend (process.resourcesPath/backend)
+ // 4. Development paths
+ const effectivePath = getEffectiveSourcePath();
+ if (existsSync(effectivePath) && existsSync(path.join(effectivePath, 'runners', 'spec_runner.py'))) {
+ return effectivePath;
}
+
return null;
}
@@ -104,17 +106,51 @@ export class InsightsConfig {
* Get complete environment for process execution
* Includes system env, auto-claude env, and active Claude profile
*/
- getProcessEnv(): Record {
+ async getProcessEnv(): Promise> {
const autoBuildEnv = this.loadAutoBuildEnv();
const profileEnv = getProfileEnv();
+ const apiProfileEnv = await getAPIProfileEnv();
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+ const pythonEnv = pythonEnvManager.getPythonEnv();
+ const autoBuildSource = this.getAutoBuildSourcePath();
+ const pythonPathParts = (pythonEnv.PYTHONPATH ?? '')
+ .split(path.delimiter)
+ .map((entry) => entry.trim())
+ .filter(Boolean)
+ .map((entry) => path.resolve(entry));
+
+ if (autoBuildSource) {
+ const normalizedAutoBuildSource = path.resolve(autoBuildSource);
+ const autoBuildComparator = process.platform === 'win32'
+ ? normalizedAutoBuildSource.toLowerCase()
+ : normalizedAutoBuildSource;
+ const hasAutoBuildSource = pythonPathParts.some((entry) => {
+ const candidate = process.platform === 'win32' ? entry.toLowerCase() : entry;
+ return candidate === autoBuildComparator;
+ });
+
+ if (!hasAutoBuildSource) {
+ pythonPathParts.push(normalizedAutoBuildSource);
+ }
+ }
+
+ const combinedPythonPath = pythonPathParts.join(path.delimiter);
+
+ // Use getAugmentedEnv() to ensure common tool paths (claude, dotnet, etc.)
+ // are available even when app is launched from Finder/Dock.
+ const augmentedEnv = getAugmentedEnv();
return {
- ...process.env as Record,
+ ...augmentedEnv,
+ ...pythonEnv, // Include PYTHONPATH for bundled site-packages
...autoBuildEnv,
+ ...oauthModeClearVars,
...profileEnv,
+ ...apiProfileEnv,
PYTHONUNBUFFERED: '1',
PYTHONIOENCODING: 'utf-8',
- PYTHONUTF8: '1'
+ PYTHONUTF8: '1',
+ ...(combinedPythonPath ? { PYTHONPATH: combinedPythonPath } : {})
};
}
}
diff --git a/apps/frontend/src/main/insights/insights-executor.ts b/apps/frontend/src/main/insights/insights-executor.ts
index d5565620fe..0c349b3480 100644
--- a/apps/frontend/src/main/insights/insights-executor.ts
+++ b/apps/frontend/src/main/insights/insights-executor.ts
@@ -85,7 +85,7 @@ export class InsightsExecutor extends EventEmitter {
} as InsightsChatStatus);
// Get process environment
- const processEnv = this.config.getProcessEnv();
+ const processEnv = await this.config.getProcessEnv();
// Write conversation history to temp file to avoid Windows command-line length limit
const historyFile = path.join(
@@ -130,6 +130,7 @@ export class InsightsExecutor extends EventEmitter {
let suggestedTask: InsightsChatMessage['suggestedTask'] | undefined;
const toolsUsed: InsightsToolUsage[] = [];
let allInsightsOutput = '';
+ let stderrOutput = '';
proc.stdout?.on('data', (data: Buffer) => {
const text = data.toString();
@@ -159,8 +160,9 @@ export class InsightsExecutor extends EventEmitter {
proc.stderr?.on('data', (data: Buffer) => {
const text = data.toString();
- // Collect stderr for rate limit detection too
+ // Collect stderr for rate limit detection and error reporting
allInsightsOutput = (allInsightsOutput + text).slice(-10000);
+ stderrOutput = (stderrOutput + text).slice(-2000);
console.error('[Insights]', text);
});
@@ -196,7 +198,11 @@ export class InsightsExecutor extends EventEmitter {
toolsUsed
});
} else {
- const error = `Process exited with code ${code}`;
+ // Include stderr output in error message for debugging
+ const stderrSummary = stderrOutput.trim()
+ ? `\n\nError output:\n${stderrOutput.slice(-500)}`
+ : '';
+ const error = `Process exited with code ${code}${stderrSummary}`;
this.emit('stream-chunk', projectId, {
type: 'error',
error
diff --git a/apps/frontend/src/main/ipc-handlers/agent-events-handlers.ts b/apps/frontend/src/main/ipc-handlers/agent-events-handlers.ts
index cbe4a67b68..8a87872445 100644
--- a/apps/frontend/src/main/ipc-handlers/agent-events-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/agent-events-handlers.ts
@@ -1,6 +1,8 @@
import type { BrowserWindow } from 'electron';
import path from 'path';
-import { IPC_CHANNELS, getSpecsDir, AUTO_BUILD_PATHS } from '../../shared/constants';
+import { existsSync } from 'fs';
+import { IPC_CHANNELS, AUTO_BUILD_PATHS, getSpecsDir } from '../../shared/constants';
+import { wouldPhaseRegress, isTerminalPhase, isValidExecutionPhase, type ExecutionPhase } from '../../shared/constants/phase-protocol';
import type {
SDKRateLimitInfo,
Task,
@@ -15,6 +17,56 @@ import { fileWatcher } from '../file-watcher';
import { projectStore } from '../project-store';
import { notificationService } from '../notification-service';
import { persistPlanStatusSync, getPlanPath } from './task/plan-file-utils';
+import { findTaskWorktree } from '../worktree-paths';
+import { findTaskAndProject } from './task/shared';
+
+
+/**
+ * Validates status transitions to prevent invalid state changes.
+ * FIX (ACS-55, ACS-71): Adds guardrails against bad status transitions.
+ * FIX (PR Review): Uses comprehensive wouldPhaseRegress() utility instead of hardcoded checks.
+ *
+ * @param task - The current task (may be undefined if not found)
+ * @param newStatus - The proposed new status
+ * @param phase - The execution phase that triggered this transition
+ * @returns true if transition is valid, false if it should be blocked
+ */
+function validateStatusTransition(
+ task: Task | undefined,
+ newStatus: TaskStatus,
+ phase: string
+): boolean {
+ // Can't validate without task data - allow the transition
+ if (!task) return true;
+
+ // Don't allow human_review without subtasks
+ // This prevents tasks from jumping to review before planning is complete
+ if (newStatus === 'human_review' && (!task.subtasks || task.subtasks.length === 0)) {
+ console.warn(`[validateStatusTransition] Blocking human_review - task ${task.id} has no subtasks (phase: ${phase})`);
+ return false;
+ }
+
+ // FIX (PR Review): Use comprehensive phase regression check instead of hardcoded checks
+ // This handles all phase regressions (qa_review→coding, complete→coding, etc.)
+ // not just the specific coding→planning case
+ const currentPhase = task.executionProgress?.phase;
+ if (currentPhase && isValidExecutionPhase(currentPhase) && isValidExecutionPhase(phase)) {
+ // Block transitions from terminal phases (complete/failed)
+ if (isTerminalPhase(currentPhase)) {
+ console.warn(`[validateStatusTransition] Blocking transition from terminal phase: ${currentPhase} for task ${task.id}`);
+ return false;
+ }
+
+ // Block any phase regression (going backwards in the workflow)
+ // Note: Cast phase to ExecutionPhase since isValidExecutionPhase() type guard doesn't narrow through function calls
+ if (wouldPhaseRegress(currentPhase, phase as ExecutionPhase)) {
+ console.warn(`[validateStatusTransition] Blocking phase regression: ${currentPhase} -> ${phase} for task ${task.id}`);
+ return false;
+ }
+ }
+
+ return true;
+}
/**
@@ -31,14 +83,18 @@ export function registerAgenteventsHandlers(
agentManager.on('log', (taskId: string, log: string) => {
const mainWindow = getMainWindow();
if (mainWindow) {
- mainWindow.webContents.send(IPC_CHANNELS.TASK_LOG, taskId, log);
+ // Include projectId for multi-project filtering (issue #723)
+ const { project } = findTaskAndProject(taskId);
+ mainWindow.webContents.send(IPC_CHANNELS.TASK_LOG, taskId, log, project?.id);
}
});
agentManager.on('error', (taskId: string, error: string) => {
const mainWindow = getMainWindow();
if (mainWindow) {
- mainWindow.webContents.send(IPC_CHANNELS.TASK_ERROR, taskId, error);
+ // Include projectId for multi-project filtering (issue #723)
+ const { project } = findTaskAndProject(taskId);
+ mainWindow.webContents.send(IPC_CHANNELS.TASK_ERROR, taskId, error, project?.id);
}
});
@@ -61,11 +117,15 @@ export function registerAgenteventsHandlers(
agentManager.on('exit', (taskId: string, code: number | null, processType: ProcessType) => {
const mainWindow = getMainWindow();
if (mainWindow) {
+ // Get project info early for multi-project filtering (issue #723)
+ const { project: exitProject } = findTaskAndProject(taskId);
+ const exitProjectId = exitProject?.id;
+
// Send final plan state to renderer BEFORE unwatching
// This ensures the renderer has the final subtask data (fixes 0/0 subtask bug)
const finalPlan = fileWatcher.getCurrentPlan(taskId);
if (finalPlan) {
- mainWindow.webContents.send(IPC_CHANNELS.TASK_PROGRESS, taskId, finalPlan);
+ mainWindow.webContents.send(IPC_CHANNELS.TASK_PROGRESS, taskId, finalPlan, exitProjectId);
}
fileWatcher.unwatch(taskId);
@@ -81,6 +141,12 @@ export function registerAgenteventsHandlers(
try {
const projects = projectStore.getProjects();
+ // IMPORTANT: Invalidate cache for all projects to ensure we get fresh data
+ // This prevents race conditions where cached task data has stale status
+ for (const p of projects) {
+ projectStore.invalidateTasksCache(p.id);
+ }
+
for (const p of projects) {
const tasks = projectStore.getTasks(p.id);
task = tasks.find((t) => t.id === taskId || t.specId === taskId);
@@ -92,42 +158,79 @@ export function registerAgenteventsHandlers(
if (task && project) {
const taskTitle = task.title || task.specId;
- const planPath = getPlanPath(project, task);
+ const mainPlanPath = getPlanPath(project, task);
+ const projectId = project.id; // Capture for closure
+
+ // Capture task values for closure
+ const taskSpecId = task.specId;
+ const projectPath = project.path;
+ const autoBuildPath = project.autoBuildPath;
// Use shared utility for persisting status (prevents race conditions)
+ // Persist to both main project AND worktree (if exists) for consistency
const persistStatus = (status: TaskStatus) => {
- const persisted = persistPlanStatusSync(planPath, status);
- if (persisted) {
- console.log(`[Task ${taskId}] Persisted status to plan: ${status}`);
+ // Persist to main project
+ const mainPersisted = persistPlanStatusSync(mainPlanPath, status, projectId);
+ if (mainPersisted) {
+ console.warn(`[Task ${taskId}] Persisted status to main plan: ${status}`);
+ }
+
+ // Also persist to worktree if it exists
+ const worktreePath = findTaskWorktree(projectPath, taskSpecId);
+ if (worktreePath) {
+ const specsBaseDir = getSpecsDir(autoBuildPath);
+ const worktreePlanPath = path.join(
+ worktreePath,
+ specsBaseDir,
+ taskSpecId,
+ AUTO_BUILD_PATHS.IMPLEMENTATION_PLAN
+ );
+ if (existsSync(worktreePlanPath)) {
+ const worktreePersisted = persistPlanStatusSync(worktreePlanPath, status, projectId);
+ if (worktreePersisted) {
+ console.warn(`[Task ${taskId}] Persisted status to worktree plan: ${status}`);
+ }
+ }
}
};
if (code === 0) {
notificationService.notifyReviewNeeded(taskTitle, project.id, taskId);
-
+
// Fallback: Ensure status is updated even if COMPLETE phase event was missed
// This prevents tasks from getting stuck in ai_review status
- // Uses inverted logic to also handle tasks with no subtasks (treats them as complete)
+ // FIX (ACS-71): Only move to human_review if subtasks exist AND are all completed
+ // If no subtasks exist, the task is still in planning and shouldn't move to human_review
const isActiveStatus = task.status === 'in_progress' || task.status === 'ai_review';
- const hasIncompleteSubtasks = task.subtasks && task.subtasks.length > 0 &&
+ const hasSubtasks = task.subtasks && task.subtasks.length > 0;
+ const hasIncompleteSubtasks = hasSubtasks &&
task.subtasks.some((s) => s.status !== 'completed');
-
- if (isActiveStatus && !hasIncompleteSubtasks) {
- console.log(`[Task ${taskId}] Fallback: Moving to human_review (process exited successfully)`);
+
+ if (isActiveStatus && hasSubtasks && !hasIncompleteSubtasks) {
+ // All subtasks completed - safe to move to human_review
+ console.warn(`[Task ${taskId}] Fallback: Moving to human_review (process exited successfully, all ${task.subtasks.length} subtasks completed)`);
persistStatus('human_review');
+ // Include projectId for multi-project filtering (issue #723)
mainWindow.webContents.send(
IPC_CHANNELS.TASK_STATUS_CHANGE,
taskId,
- 'human_review' as TaskStatus
+ 'human_review' as TaskStatus,
+ projectId
);
+ } else if (isActiveStatus && !hasSubtasks) {
+ // No subtasks yet - task is still in planning phase, don't change status
+ // This prevents the bug where tasks jump to human_review before planning completes
+ console.warn(`[Task ${taskId}] Process exited but no subtasks created yet - keeping current status (${task.status})`);
}
} else {
notificationService.notifyTaskFailed(taskTitle, project.id, taskId);
persistStatus('human_review');
+ // Include projectId for multi-project filtering (issue #723)
mainWindow.webContents.send(
IPC_CHANNELS.TASK_STATUS_CHANGE,
taskId,
- 'human_review' as TaskStatus
+ 'human_review' as TaskStatus,
+ projectId
);
}
}
@@ -140,7 +243,12 @@ export function registerAgenteventsHandlers(
agentManager.on('execution-progress', (taskId: string, progress: ExecutionProgressData) => {
const mainWindow = getMainWindow();
if (mainWindow) {
- mainWindow.webContents.send(IPC_CHANNELS.TASK_EXECUTION_PROGRESS, taskId, progress);
+ // Use shared helper to find task and project (issue #723 - deduplicate lookup)
+ const { task, project } = findTaskAndProject(taskId);
+ const taskProjectId = project?.id;
+
+ // Include projectId in execution progress event for multi-project filtering
+ mainWindow.webContents.send(IPC_CHANNELS.TASK_EXECUTION_PROGRESS, taskId, progress, taskProjectId);
const phaseToStatus: Record = {
'idle': null,
@@ -153,31 +261,47 @@ export function registerAgenteventsHandlers(
};
const newStatus = phaseToStatus[progress.phase];
- if (newStatus) {
+ // FIX (ACS-55, ACS-71): Validate status transition before sending/persisting
+ if (newStatus && validateStatusTransition(task, newStatus, progress.phase)) {
+ // Include projectId in status change event for multi-project filtering
mainWindow.webContents.send(
IPC_CHANNELS.TASK_STATUS_CHANGE,
taskId,
- newStatus
+ newStatus,
+ taskProjectId
);
- // CRITICAL: Persist status to plan file to prevent flip-flop on task list refresh
+ // CRITICAL: Persist status to plan file(s) to prevent flip-flop on task list refresh
// When getTasks() is called, it reads status from the plan file. Without persisting,
// the status in the file might differ from the UI, causing inconsistent state.
// Uses shared utility with locking to prevent race conditions.
- try {
- const projects = projectStore.getProjects();
- for (const p of projects) {
- const tasks = projectStore.getTasks(p.id);
- const task = tasks.find((t) => t.id === taskId || t.specId === taskId);
- if (task) {
- const planPath = getPlanPath(p, task);
- persistPlanStatusSync(planPath, newStatus);
- break;
+ // IMPORTANT: We persist to BOTH main project AND worktree (if exists) to ensure
+ // consistency, since getTasks() prefers the worktree version.
+ if (task && project) {
+ try {
+ // Persist to main project plan file
+ const mainPlanPath = getPlanPath(project, task);
+ persistPlanStatusSync(mainPlanPath, newStatus, project.id);
+
+ // Also persist to worktree plan file if it exists
+ // This ensures consistency since getTasks() prefers worktree version
+ const worktreePath = findTaskWorktree(project.path, task.specId);
+ if (worktreePath) {
+ const specsBaseDir = getSpecsDir(project.autoBuildPath);
+ const worktreePlanPath = path.join(
+ worktreePath,
+ specsBaseDir,
+ task.specId,
+ AUTO_BUILD_PATHS.IMPLEMENTATION_PLAN
+ );
+ if (existsSync(worktreePlanPath)) {
+ persistPlanStatusSync(worktreePlanPath, newStatus, project.id);
+ }
}
+ } catch (err) {
+ // Ignore persistence errors - UI will still work, just might flip on refresh
+ console.warn('[execution-progress] Could not persist status:', err);
}
- } catch (err) {
- // Ignore persistence errors - UI will still work, just might flip on refresh
- console.warn('[execution-progress] Could not persist status:', err);
}
}
}
@@ -190,14 +314,18 @@ export function registerAgenteventsHandlers(
fileWatcher.on('progress', (taskId: string, plan: ImplementationPlan) => {
const mainWindow = getMainWindow();
if (mainWindow) {
- mainWindow.webContents.send(IPC_CHANNELS.TASK_PROGRESS, taskId, plan);
+ // Use shared helper to find project (issue #723 - deduplicate lookup)
+ const { project } = findTaskAndProject(taskId);
+ mainWindow.webContents.send(IPC_CHANNELS.TASK_PROGRESS, taskId, plan, project?.id);
}
});
fileWatcher.on('error', (taskId: string, error: string) => {
const mainWindow = getMainWindow();
if (mainWindow) {
- mainWindow.webContents.send(IPC_CHANNELS.TASK_ERROR, taskId, error);
+ // Include projectId for multi-project filtering (issue #723)
+ const { project } = findTaskAndProject(taskId);
+ mainWindow.webContents.send(IPC_CHANNELS.TASK_ERROR, taskId, error, project?.id);
}
});
}
diff --git a/apps/frontend/src/main/ipc-handlers/app-update-handlers.ts b/apps/frontend/src/main/ipc-handlers/app-update-handlers.ts
index 1d0b963efc..66c7f3ee3d 100644
--- a/apps/frontend/src/main/ipc-handlers/app-update-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/app-update-handlers.ts
@@ -11,6 +11,7 @@ import type { IPCResult, AppUpdateInfo } from '../../shared/types';
import {
checkForUpdates,
downloadUpdate,
+ downloadStableVersion,
quitAndInstall,
getCurrentVersion
} from '../app-updater';
@@ -65,6 +66,26 @@ export function registerAppUpdateHandlers(): void {
}
);
+ /**
+ * APP_UPDATE_DOWNLOAD_STABLE: Download stable version (for downgrade from beta)
+ * Uses allowDowngrade to download an older stable version
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.APP_UPDATE_DOWNLOAD_STABLE,
+ async (): Promise => {
+ try {
+ await downloadStableVersion();
+ return { success: true };
+ } catch (error) {
+ console.error('[app-update-handlers] Download stable version failed:', error);
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to download stable version'
+ };
+ }
+ }
+ );
+
/**
* APP_UPDATE_INSTALL: Quit and install update
* Quits the app and installs the downloaded update
diff --git a/apps/frontend/src/main/ipc-handlers/autobuild-source-handlers.ts b/apps/frontend/src/main/ipc-handlers/autobuild-source-handlers.ts
deleted file mode 100644
index 4a4ab66d82..0000000000
--- a/apps/frontend/src/main/ipc-handlers/autobuild-source-handlers.ts
+++ /dev/null
@@ -1,321 +0,0 @@
-import { ipcMain } from 'electron';
-import type { BrowserWindow } from 'electron';
-import { IPC_CHANNELS } from '../../shared/constants';
-import type { IPCResult } from '../../shared/types';
-import path from 'path';
-import { existsSync, readFileSync, writeFileSync } from 'fs';
-import type { AutoBuildSourceUpdateProgress, SourceEnvConfig, SourceEnvCheckResult } from '../../shared/types';
-import { checkForUpdates as checkSourceUpdates, downloadAndApplyUpdate, getBundledVersion, getEffectiveVersion, getEffectiveSourcePath } from '../auto-claude-updater';
-import { debugLog } from '../../shared/utils/debug-logger';
-
-
-/**
- * Register all autobuild-source-related IPC handlers
- */
-export function registerAutobuildSourceHandlers(
- getMainWindow: () => BrowserWindow | null
-): void {
- // ============================================
- // Auto Claude Source Update Operations
- // ============================================
-
- ipcMain.handle(
- IPC_CHANNELS.AUTOBUILD_SOURCE_CHECK,
- async (): Promise> => {
- console.log('[autobuild-source] Check for updates called');
- debugLog('[IPC] AUTOBUILD_SOURCE_CHECK called');
- try {
- const result = await checkSourceUpdates();
- console.log('[autobuild-source] Check result:', JSON.stringify(result, null, 2));
- debugLog('[IPC] AUTOBUILD_SOURCE_CHECK result:', result);
- return { success: true, data: result };
- } catch (error) {
- console.error('[autobuild-source] Check error:', error);
- debugLog('[IPC] AUTOBUILD_SOURCE_CHECK error:', error);
- return {
- success: false,
- error: error instanceof Error ? error.message : 'Failed to check for updates'
- };
- }
- }
- );
-
- ipcMain.on(
- IPC_CHANNELS.AUTOBUILD_SOURCE_DOWNLOAD,
- () => {
- debugLog('[IPC] Autobuild source download requested');
- const mainWindow = getMainWindow();
- if (!mainWindow) {
- debugLog('[IPC] No main window available, aborting update');
- return;
- }
-
- // Start download in background
- downloadAndApplyUpdate((progress) => {
- debugLog('[IPC] Update progress:', progress.stage, progress.message);
- mainWindow.webContents.send(
- IPC_CHANNELS.AUTOBUILD_SOURCE_PROGRESS,
- progress
- );
- }).then((result) => {
- if (result.success) {
- debugLog('[IPC] Update completed successfully, version:', result.version);
- mainWindow.webContents.send(
- IPC_CHANNELS.AUTOBUILD_SOURCE_PROGRESS,
- {
- stage: 'complete',
- message: `Updated to version ${result.version}`,
- newVersion: result.version // Include new version for UI refresh
- } as AutoBuildSourceUpdateProgress
- );
- } else {
- debugLog('[IPC] Update failed:', result.error);
- mainWindow.webContents.send(
- IPC_CHANNELS.AUTOBUILD_SOURCE_PROGRESS,
- {
- stage: 'error',
- message: result.error || 'Update failed'
- } as AutoBuildSourceUpdateProgress
- );
- }
- }).catch((error) => {
- debugLog('[IPC] Update error:', error instanceof Error ? error.message : error);
- mainWindow.webContents.send(
- IPC_CHANNELS.AUTOBUILD_SOURCE_PROGRESS,
- {
- stage: 'error',
- message: error instanceof Error ? error.message : 'Update failed'
- } as AutoBuildSourceUpdateProgress
- );
- });
-
- // Send initial progress
- mainWindow.webContents.send(
- IPC_CHANNELS.AUTOBUILD_SOURCE_PROGRESS,
- {
- stage: 'checking',
- message: 'Starting update...'
- } as AutoBuildSourceUpdateProgress
- );
- }
- );
-
- ipcMain.handle(
- IPC_CHANNELS.AUTOBUILD_SOURCE_VERSION,
- async (): Promise> => {
- try {
- // Use effective version which accounts for source updates
- const version = getEffectiveVersion();
- debugLog('[IPC] Returning effective version:', version);
- return { success: true, data: version };
- } catch (error) {
- return {
- success: false,
- error: error instanceof Error ? error.message : 'Failed to get version'
- };
- }
- }
- );
-
- // ============================================
- // Auto Claude Source Environment Operations
- // ============================================
-
- /**
- * Parse an .env file content into a key-value object
- */
- const parseSourceEnvFile = (content: string): Record => {
- const vars: Record = {};
- for (const line of content.split('\n')) {
- const trimmed = line.trim();
- if (!trimmed || trimmed.startsWith('#')) continue;
-
- const eqIndex = trimmed.indexOf('=');
- if (eqIndex > 0) {
- const key = trimmed.substring(0, eqIndex).trim();
- let value = trimmed.substring(eqIndex + 1).trim();
- // Remove quotes if present
- if ((value.startsWith('"') && value.endsWith('"')) ||
- (value.startsWith("'") && value.endsWith("'"))) {
- value = value.slice(1, -1);
- }
- vars[key] = value;
- }
- }
- return vars;
- };
-
- ipcMain.handle(
- IPC_CHANNELS.AUTOBUILD_SOURCE_ENV_GET,
- async (): Promise> => {
- try {
- const sourcePath = getEffectiveSourcePath();
- if (!sourcePath) {
- return {
- success: true,
- data: {
- hasClaudeToken: false,
- envExists: false,
- sourcePath: undefined
- }
- };
- }
-
- const envPath = path.join(sourcePath, '.env');
- const envExists = existsSync(envPath);
-
- if (!envExists) {
- return {
- success: true,
- data: {
- hasClaudeToken: false,
- envExists: false,
- sourcePath
- }
- };
- }
-
- const content = readFileSync(envPath, 'utf-8');
- const vars = parseSourceEnvFile(content);
- const hasToken = !!vars['CLAUDE_CODE_OAUTH_TOKEN'];
-
- return {
- success: true,
- data: {
- hasClaudeToken: hasToken,
- claudeOAuthToken: hasToken ? vars['CLAUDE_CODE_OAUTH_TOKEN'] : undefined,
- envExists: true,
- sourcePath
- }
- };
- } catch (error) {
- return {
- success: false,
- error: error instanceof Error ? error.message : 'Failed to get source env'
- };
- }
- }
- );
-
- ipcMain.handle(
- IPC_CHANNELS.AUTOBUILD_SOURCE_ENV_UPDATE,
- async (_, config: { claudeOAuthToken?: string }): Promise => {
- try {
- const sourcePath = getEffectiveSourcePath();
- if (!sourcePath) {
- return {
- success: false,
- error: 'Auto-Claude source path not found. Please configure it in App Settings.'
- };
- }
-
- const envPath = path.join(sourcePath, '.env');
-
- // Read existing content or start fresh
- let existingContent = '';
- const existingVars: Record = {};
-
- if (existsSync(envPath)) {
- existingContent = readFileSync(envPath, 'utf-8');
- Object.assign(existingVars, parseSourceEnvFile(existingContent));
- }
-
- // Update the token
- if (config.claudeOAuthToken !== undefined) {
- existingVars['CLAUDE_CODE_OAUTH_TOKEN'] = config.claudeOAuthToken;
- }
-
- // Rebuild the .env file preserving comments and structure
- const lines = existingContent.split('\n');
- const processedKeys = new Set();
- const outputLines: string[] = [];
-
- for (const line of lines) {
- const trimmed = line.trim();
- if (!trimmed || trimmed.startsWith('#')) {
- outputLines.push(line);
- continue;
- }
-
- const eqIndex = trimmed.indexOf('=');
- if (eqIndex > 0) {
- const key = trimmed.substring(0, eqIndex).trim();
- if (key in existingVars) {
- outputLines.push(`${key}=${existingVars[key]}`);
- processedKeys.add(key);
- } else {
- outputLines.push(line);
- }
- } else {
- outputLines.push(line);
- }
- }
-
- // Add any new keys that weren't in the original file
- for (const [key, value] of Object.entries(existingVars)) {
- if (!processedKeys.has(key)) {
- outputLines.push(`${key}=${value}`);
- }
- }
-
- writeFileSync(envPath, outputLines.join('\n'));
-
- return { success: true };
- } catch (error) {
- return {
- success: false,
- error: error instanceof Error ? error.message : 'Failed to update source env'
- };
- }
- }
- );
-
- ipcMain.handle(
- IPC_CHANNELS.AUTOBUILD_SOURCE_ENV_CHECK_TOKEN,
- async (): Promise> => {
- try {
- const sourcePath = getEffectiveSourcePath();
- if (!sourcePath) {
- return {
- success: true,
- data: {
- hasToken: false,
- sourcePath: undefined,
- error: 'Auto-Claude source path not found'
- }
- };
- }
-
- const envPath = path.join(sourcePath, '.env');
- if (!existsSync(envPath)) {
- return {
- success: true,
- data: {
- hasToken: false,
- sourcePath,
- error: '.env file does not exist'
- }
- };
- }
-
- const content = readFileSync(envPath, 'utf-8');
- const vars = parseSourceEnvFile(content);
- const hasToken = !!vars['CLAUDE_CODE_OAUTH_TOKEN'] && vars['CLAUDE_CODE_OAUTH_TOKEN'].length > 0;
-
- return {
- success: true,
- data: {
- hasToken,
- sourcePath
- }
- };
- } catch (error) {
- return {
- success: false,
- error: error instanceof Error ? error.message : 'Failed to check source token'
- };
- }
- }
- );
-
-}
diff --git a/apps/frontend/src/main/ipc-handlers/context/utils.ts b/apps/frontend/src/main/ipc-handlers/context/utils.ts
index c815751778..6611e99740 100644
--- a/apps/frontend/src/main/ipc-handlers/context/utils.ts
+++ b/apps/frontend/src/main/ipc-handlers/context/utils.ts
@@ -131,7 +131,7 @@ export interface EmbeddingValidationResult {
/**
* Validate embedding configuration based on the configured provider
* Supports: openai, ollama, google, voyage, azure_openai
- *
+ *
* @returns validation result with provider info and reason if invalid
*/
export function validateEmbeddingConfiguration(
diff --git a/apps/frontend/src/main/ipc-handlers/env-handlers.ts b/apps/frontend/src/main/ipc-handlers/env-handlers.ts
index 9574215b9e..3a9cbe417f 100644
--- a/apps/frontend/src/main/ipc-handlers/env-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/env-handlers.ts
@@ -8,6 +8,9 @@ import { existsSync, readFileSync, writeFileSync } from 'fs';
import { spawn } from 'child_process';
import { projectStore } from '../project-store';
import { parseEnvFile } from './utils';
+import { getClaudeCliInvocation, getClaudeCliInvocationAsync } from '../claude-cli-utils';
+import { debugError } from '../../shared/utils/debug-logger';
+import { getSpawnOptions } from '../env-utils';
// GitLab environment variable keys
const GITLAB_ENV_KEYS = {
@@ -25,6 +28,43 @@ function envLine(vars: Record, key: string, defaultVal: string =
return vars[key] ? `${key}=${vars[key]}` : `# ${key}=${defaultVal}`;
}
+type ResolvedClaudeCliInvocation =
+ | { command: string; env: Record }
+ | { error: string };
+
+function resolveClaudeCliInvocation(): ResolvedClaudeCliInvocation {
+ try {
+ const invocation = getClaudeCliInvocation();
+ if (!invocation?.command) {
+ throw new Error('Claude CLI path not resolved');
+ }
+ return { command: invocation.command, env: invocation.env };
+ } catch (error) {
+ debugError('[IPC] Failed to resolve Claude CLI path:', error);
+ return {
+ error: error instanceof Error ? error.message : 'Failed to resolve Claude CLI path',
+ };
+ }
+}
+
+/**
+ * Async version of resolveClaudeCliInvocation - non-blocking for main process
+ */
+async function resolveClaudeCliInvocationAsync(): Promise {
+ try {
+ const invocation = await getClaudeCliInvocationAsync();
+ if (!invocation?.command) {
+ throw new Error('Claude CLI path not resolved');
+ }
+ return { command: invocation.command, env: invocation.env };
+ } catch (error) {
+ debugError('[IPC] Failed to resolve Claude CLI path:', error);
+ return {
+ error: error instanceof Error ? error.message : 'Failed to resolve Claude CLI path',
+ };
+ }
+}
+
/**
* Register all env-related IPC handlers
@@ -552,14 +592,21 @@ ${existingVars['GRAPHITI_DB_PATH'] ? `GRAPHITI_DB_PATH=${existingVars['GRAPHITI_
return { success: false, error: 'Project not found' };
}
+ // Use async version to avoid blocking main process during CLI detection
+ const resolved = await resolveClaudeCliInvocationAsync();
+ if ('error' in resolved) {
+ return { success: false, error: resolved.error };
+ }
+ const claudeCmd = resolved.command;
+ const claudeEnv = resolved.env;
+
try {
// Check if Claude CLI is available and authenticated
const result = await new Promise((resolve) => {
- const proc = spawn('claude', ['--version'], {
+ const proc = spawn(claudeCmd, ['--version'], getSpawnOptions(claudeCmd, {
cwd: project.path,
- env: { ...process.env },
- shell: true
- });
+ env: claudeEnv,
+ }));
let _stdout = '';
let _stderr = '';
@@ -576,11 +623,10 @@ ${existingVars['GRAPHITI_DB_PATH'] ? `GRAPHITI_DB_PATH=${existingVars['GRAPHITI_
if (code === 0) {
// Claude CLI is available, check if authenticated
// Run a simple command that requires auth
- const authCheck = spawn('claude', ['api', '--help'], {
+ const authCheck = spawn(claudeCmd, ['api', '--help'], getSpawnOptions(claudeCmd, {
cwd: project.path,
- env: { ...process.env },
- shell: true
- });
+ env: claudeEnv,
+ }));
authCheck.on('close', (authCode: number | null) => {
resolve({
@@ -614,6 +660,9 @@ ${existingVars['GRAPHITI_DB_PATH'] ? `GRAPHITI_DB_PATH=${existingVars['GRAPHITI_
});
});
+ if (!result.success) {
+ return { success: false, error: result.error || 'Failed to check Claude auth' };
+ }
return { success: true, data: result };
} catch (error) {
return {
@@ -632,15 +681,22 @@ ${existingVars['GRAPHITI_DB_PATH'] ? `GRAPHITI_DB_PATH=${existingVars['GRAPHITI_
return { success: false, error: 'Project not found' };
}
+ // Use async version to avoid blocking main process during CLI detection
+ const resolved = await resolveClaudeCliInvocationAsync();
+ if ('error' in resolved) {
+ return { success: false, error: resolved.error };
+ }
+ const claudeCmd = resolved.command;
+ const claudeEnv = resolved.env;
+
try {
// Run claude setup-token which will open browser for OAuth
const result = await new Promise((resolve) => {
- const proc = spawn('claude', ['setup-token'], {
+ const proc = spawn(claudeCmd, ['setup-token'], getSpawnOptions(claudeCmd, {
cwd: project.path,
- env: { ...process.env },
- shell: true,
+ env: claudeEnv,
stdio: 'inherit' // This allows the terminal to handle the interactive auth
- });
+ }));
proc.on('close', (code: number | null) => {
if (code === 0) {
@@ -666,6 +722,9 @@ ${existingVars['GRAPHITI_DB_PATH'] ? `GRAPHITI_DB_PATH=${existingVars['GRAPHITI_
});
});
+ if (!result.success) {
+ return { success: false, error: result.error || 'Failed to invoke Claude setup' };
+ }
return { success: true, data: result };
} catch (error) {
return {
diff --git a/apps/frontend/src/main/ipc-handlers/github/__tests__/oauth-handlers.spec.ts b/apps/frontend/src/main/ipc-handlers/github/__tests__/oauth-handlers.spec.ts
index 616106675d..4c3c942f7e 100644
--- a/apps/frontend/src/main/ipc-handlers/github/__tests__/oauth-handlers.spec.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/__tests__/oauth-handlers.spec.ts
@@ -10,11 +10,15 @@ const mockSpawn = vi.fn();
const mockExecSync = vi.fn();
const mockExecFileSync = vi.fn();
-vi.mock('child_process', () => ({
- spawn: (...args: unknown[]) => mockSpawn(...args),
- execSync: (...args: unknown[]) => mockExecSync(...args),
- execFileSync: (...args: unknown[]) => mockExecFileSync(...args)
-}));
+vi.mock('child_process', async (importOriginal) => {
+ const actual = await importOriginal();
+ return {
+ ...actual,
+ spawn: (...args: unknown[]) => mockSpawn(...args),
+ execSync: (...args: unknown[]) => mockExecSync(...args),
+ execFileSync: (...args: unknown[]) => mockExecFileSync(...args)
+ };
+});
// Mock shell.openExternal
const mockOpenExternal = vi.fn();
@@ -82,6 +86,13 @@ vi.mock('../../../env-utils', () => ({
isCommandAvailable: vi.fn((cmd: string) => mockFindExecutable(cmd) !== null)
}));
+// Mock cli-tool-manager to avoid child_process import issues
+vi.mock('../../../cli-tool-manager', () => ({
+ getToolPath: vi.fn(() => '/usr/local/bin/gh'),
+ detectCLITools: vi.fn(),
+ getAllToolStatus: vi.fn()
+}));
+
// Create mock process for spawn
function createMockProcess(): EventEmitter & {
stdout: EventEmitter | null;
diff --git a/apps/frontend/src/main/ipc-handlers/github/__tests__/runner-env-handlers.test.ts b/apps/frontend/src/main/ipc-handlers/github/__tests__/runner-env-handlers.test.ts
new file mode 100644
index 0000000000..751578da7f
--- /dev/null
+++ b/apps/frontend/src/main/ipc-handlers/github/__tests__/runner-env-handlers.test.ts
@@ -0,0 +1,260 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+import type { Project } from '../../../../shared/types';
+import { IPC_CHANNELS } from '../../../../shared/constants';
+import type { BrowserWindow } from 'electron';
+import type { AgentManager } from '../../../agent/agent-manager';
+import type { createIPCCommunicators as createIPCCommunicatorsType } from '../utils/ipc-communicator';
+
+const mockIpcMain = vi.hoisted(() => {
+ class HoistedMockIpcMain {
+ handlers = new Map();
+ listeners = new Map();
+
+ handle(channel: string, handler: Function): void {
+ this.handlers.set(channel, handler);
+ }
+
+ on(channel: string, listener: Function): void {
+ this.listeners.set(channel, listener);
+ }
+
+ async invokeHandler(channel: string, ...args: unknown[]): Promise {
+ const handler = this.handlers.get(channel);
+ if (!handler) {
+ throw new Error(`No handler for channel: ${channel}`);
+ }
+ return handler({}, ...args);
+ }
+
+ async emit(channel: string, ...args: unknown[]): Promise {
+ const listener = this.listeners.get(channel);
+ if (!listener) {
+ throw new Error(`No listener for channel: ${channel}`);
+ }
+ await listener({}, ...args);
+ }
+
+ reset(): void {
+ this.handlers.clear();
+ this.listeners.clear();
+ }
+ }
+
+ return new HoistedMockIpcMain();
+});
+
+const mockRunPythonSubprocess = vi.fn();
+const mockValidateGitHubModule = vi.fn();
+const mockGetRunnerEnv = vi.fn();
+type CreateIPCCommunicators = typeof createIPCCommunicatorsType;
+
+const mockCreateIPCCommunicators = vi.fn(
+ (..._args: Parameters) => ({
+ sendProgress: vi.fn(),
+ sendComplete: vi.fn(),
+ sendError: vi.fn(),
+ })
+) as unknown as CreateIPCCommunicators;
+
+const projectRef: { current: Project | null } = { current: null };
+const tempDirs: string[] = [];
+
+vi.mock('electron', () => ({
+ ipcMain: mockIpcMain,
+ BrowserWindow: class {},
+ app: {
+ getPath: vi.fn(() => '/tmp'),
+ on: vi.fn(),
+ },
+}));
+
+vi.mock('../../../agent/agent-manager', () => ({
+ AgentManager: class {
+ startSpecCreation = vi.fn();
+ },
+}));
+
+vi.mock('../utils/ipc-communicator', () => ({
+ createIPCCommunicators: (...args: Parameters) =>
+ mockCreateIPCCommunicators(...args),
+}));
+
+vi.mock('../utils/project-middleware', () => ({
+ withProjectOrNull: async (_projectId: string, handler: (project: Project) => Promise) => {
+ if (!projectRef.current) {
+ return null;
+ }
+ return handler(projectRef.current);
+ },
+}));
+
+vi.mock('../utils/subprocess-runner', () => ({
+ runPythonSubprocess: (...args: unknown[]) => mockRunPythonSubprocess(...args),
+ validateGitHubModule: (...args: unknown[]) => mockValidateGitHubModule(...args),
+ getPythonPath: () => '/tmp/python',
+ getRunnerPath: () => '/tmp/runner.py',
+ buildRunnerArgs: (_runnerPath: string, _projectPath: string, command: string, args: string[] = []) => [
+ 'runner.py',
+ command,
+ ...args,
+ ],
+}));
+
+vi.mock('../utils/runner-env', () => ({
+ getRunnerEnv: (...args: unknown[]) => mockGetRunnerEnv(...args),
+}));
+
+vi.mock('../utils', () => ({
+ getGitHubConfig: vi.fn(() => null),
+ githubFetch: vi.fn(),
+}));
+
+vi.mock('../../../settings-utils', () => ({
+ readSettingsFile: vi.fn(() => ({})),
+}));
+
+function createMockWindow(): BrowserWindow {
+ return { webContents: { send: vi.fn() } } as unknown as BrowserWindow;
+}
+
+function createProject(): Project {
+ const projectPath = fs.mkdtempSync(path.join(os.tmpdir(), 'github-env-test-'));
+ tempDirs.push(projectPath);
+ return {
+ id: 'project-1',
+ name: 'Test Project',
+ path: projectPath,
+ autoBuildPath: '.auto-claude',
+ settings: {
+ model: 'default',
+ memoryBackend: 'file',
+ linearSync: false,
+ notifications: {
+ onTaskComplete: false,
+ onTaskFailed: false,
+ onReviewNeeded: false,
+ sound: false,
+ },
+ graphitiMcpEnabled: false,
+ useClaudeMd: true,
+ },
+ createdAt: new Date(),
+ updatedAt: new Date(),
+ };
+}
+
+describe('GitHub runner env usage', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ mockIpcMain.reset();
+ projectRef.current = createProject();
+ mockValidateGitHubModule.mockResolvedValue({ valid: true, backendPath: '/tmp/backend' });
+ mockGetRunnerEnv.mockResolvedValue({ ANTHROPIC_AUTH_TOKEN: 'token' });
+ });
+
+ afterEach(() => {
+ for (const dir of tempDirs) {
+ try {
+ fs.rmSync(dir, { recursive: true, force: true });
+ } catch {
+ // Ignore cleanup errors for already-removed temp dirs.
+ }
+ }
+ tempDirs.length = 0;
+ });
+
+ it('passes runner env to PR review subprocess', async () => {
+ const { registerPRHandlers } = await import('../pr-handlers');
+
+ mockRunPythonSubprocess.mockReturnValue({
+ process: { pid: 123 },
+ promise: Promise.resolve({
+ success: true,
+ exitCode: 0,
+ stdout: '',
+ stderr: '',
+ data: {
+ prNumber: 123,
+ repo: 'test/repo',
+ success: true,
+ findings: [],
+ summary: '',
+ overallStatus: 'comment',
+ reviewedAt: new Date().toISOString(),
+ },
+ }),
+ });
+
+ registerPRHandlers(() => createMockWindow());
+ await mockIpcMain.emit(IPC_CHANNELS.GITHUB_PR_REVIEW, projectRef.current?.id, 123);
+
+ expect(mockGetRunnerEnv).toHaveBeenCalledWith({ USE_CLAUDE_MD: 'true' });
+ expect(mockRunPythonSubprocess).toHaveBeenCalledWith(
+ expect.objectContaining({
+ env: { ANTHROPIC_AUTH_TOKEN: 'token' },
+ })
+ );
+ });
+
+ it('passes runner env to triage subprocess', async () => {
+ const { registerTriageHandlers } = await import('../triage-handlers');
+
+ mockRunPythonSubprocess.mockReturnValue({
+ process: { pid: 124 },
+ promise: Promise.resolve({
+ success: true,
+ exitCode: 0,
+ stdout: '',
+ stderr: '',
+ data: [],
+ }),
+ });
+
+ registerTriageHandlers(() => createMockWindow());
+ await mockIpcMain.emit(IPC_CHANNELS.GITHUB_TRIAGE_RUN, projectRef.current?.id);
+
+ expect(mockGetRunnerEnv).toHaveBeenCalledWith();
+ expect(mockRunPythonSubprocess).toHaveBeenCalledWith(
+ expect.objectContaining({
+ env: { ANTHROPIC_AUTH_TOKEN: 'token' },
+ })
+ );
+ });
+
+ it('passes runner env to autofix analyze preview subprocess', async () => {
+ const { registerAutoFixHandlers } = await import('../autofix-handlers');
+ const { AgentManager: MockedAgentManager } = await import('../../../agent/agent-manager');
+
+ mockRunPythonSubprocess.mockReturnValue({
+ process: { pid: 125 },
+ promise: Promise.resolve({
+ success: true,
+ exitCode: 0,
+ stdout: '',
+ stderr: '',
+ data: {
+ totalIssues: 0,
+ primaryIssue: null,
+ proposedBatches: [],
+ singleIssues: [],
+ },
+ }),
+ });
+
+ const agentManager: AgentManager = new MockedAgentManager();
+ const getMainWindow: () => BrowserWindow | null = () => createMockWindow();
+
+ registerAutoFixHandlers(agentManager, getMainWindow);
+ await mockIpcMain.emit(IPC_CHANNELS.GITHUB_AUTOFIX_ANALYZE_PREVIEW, projectRef.current?.id);
+
+ expect(mockGetRunnerEnv).toHaveBeenCalledWith();
+ expect(mockRunPythonSubprocess).toHaveBeenCalledWith(
+ expect.objectContaining({
+ env: { ANTHROPIC_AUTH_TOKEN: 'token' },
+ })
+ );
+ });
+});
diff --git a/apps/frontend/src/main/ipc-handlers/github/autofix-handlers.ts b/apps/frontend/src/main/ipc-handlers/github/autofix-handlers.ts
index 578ebace52..187eaa5d6b 100644
--- a/apps/frontend/src/main/ipc-handlers/github/autofix-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/autofix-handlers.ts
@@ -28,6 +28,7 @@ import {
parseJSONFromOutput,
} from './utils/subprocess-runner';
import { AgentManager } from '../../agent/agent-manager';
+import { getRunnerEnv } from './utils/runner-env';
// Debug logging
const { debug: debugLog } = createContextLogger('GitHub AutoFix');
@@ -277,11 +278,13 @@ async function checkNewIssues(project: Project): Promise
const backendPath = validation.backendPath!;
const args = buildRunnerArgs(getRunnerPath(backendPath), project.path, 'check-new');
+ const subprocessEnv = await getRunnerEnv();
const { promise } = runPythonSubprocess>({
pythonPath: getPythonPath(backendPath),
args,
cwd: backendPath,
+ env: subprocessEnv,
onComplete: (stdout) => {
return parseJSONFromOutput>(stdout);
},
@@ -361,7 +364,15 @@ async function startAutoFix(
// Create spec
const taskDescription = buildInvestigationTask(issue.number, issue.title, issueContext);
- const specData = await createSpecForIssue(project, issue.number, issue.title, taskDescription, issue.html_url, labels);
+ const specData = await createSpecForIssue(
+ project,
+ issue.number,
+ issue.title,
+ taskDescription,
+ issue.html_url,
+ labels,
+ project.settings?.mainBranch // Pass project's configured main branch
+ );
// Save auto-fix state
const issuesDir = path.join(getGitHubDir(project), 'issues');
@@ -607,6 +618,7 @@ export function registerAutoFixHandlers(
const backendPath = validation.backendPath!;
const additionalArgs = issueNumbers && issueNumbers.length > 0 ? issueNumbers.map(n => n.toString()) : [];
const args = buildRunnerArgs(getRunnerPath(backendPath), project.path, 'batch-issues', additionalArgs);
+ const subprocessEnv = await getRunnerEnv();
debugLog('Spawning batch process', { args });
@@ -614,6 +626,7 @@ export function registerAutoFixHandlers(
pythonPath: getPythonPath(backendPath),
args,
cwd: backendPath,
+ env: subprocessEnv,
onProgress: (percent, message) => {
sendProgress({
phase: 'batching',
@@ -728,12 +741,14 @@ export function registerAutoFixHandlers(
}
const args = buildRunnerArgs(getRunnerPath(backendPath), project.path, 'analyze-preview', additionalArgs);
+ const subprocessEnv = await getRunnerEnv();
debugLog('Spawning analyze-preview process', { args });
const { promise } = runPythonSubprocess({
pythonPath: getPythonPath(backendPath),
args,
cwd: backendPath,
+ env: subprocessEnv,
onProgress: (percent, message) => {
sendProgress({ phase: 'analyzing', progress: percent, message });
},
diff --git a/apps/frontend/src/main/ipc-handlers/github/import-handlers.ts b/apps/frontend/src/main/ipc-handlers/github/import-handlers.ts
index 8a38619e79..9e2e5c0506 100644
--- a/apps/frontend/src/main/ipc-handlers/github/import-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/import-handlers.ts
@@ -66,7 +66,8 @@ ${issue.body || 'No description provided.'}
issue.title,
description,
issue.html_url,
- labelNames
+ labelNames,
+ project.settings?.mainBranch // Pass project's configured main branch
);
// Start spec creation with the existing spec directory
diff --git a/apps/frontend/src/main/ipc-handlers/github/investigation-handlers.ts b/apps/frontend/src/main/ipc-handlers/github/investigation-handlers.ts
index 4f5a36d435..7ddae6e599 100644
--- a/apps/frontend/src/main/ipc-handlers/github/investigation-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/investigation-handlers.ts
@@ -148,7 +148,8 @@ export function registerInvestigateIssue(
issue.title,
taskDescription,
issue.html_url,
- labels
+ labels,
+ project.settings?.mainBranch // Pass project's configured main branch
);
// NOTE: We intentionally do NOT call agentManager.startSpecCreation() here
diff --git a/apps/frontend/src/main/ipc-handlers/github/pr-handlers.ts b/apps/frontend/src/main/ipc-handlers/github/pr-handlers.ts
index 7f6b01f44a..d1dacecf0f 100644
--- a/apps/frontend/src/main/ipc-handlers/github/pr-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/pr-handlers.ts
@@ -8,25 +8,32 @@
* 4. Apply fixes
*/
-import { ipcMain } from 'electron';
-import type { BrowserWindow } from 'electron';
-import path from 'path';
-import fs from 'fs';
-import { IPC_CHANNELS, MODEL_ID_MAP, DEFAULT_FEATURE_MODELS, DEFAULT_FEATURE_THINKING } from '../../../shared/constants';
-import { getGitHubConfig, githubFetch } from './utils';
-import { readSettingsFile } from '../../settings-utils';
-import { getAugmentedEnv } from '../../env-utils';
-import type { Project, AppSettings } from '../../../shared/types';
-import { createContextLogger } from './utils/logger';
-import { withProjectOrNull } from './utils/project-middleware';
-import { createIPCCommunicators } from './utils/ipc-communicator';
+import { ipcMain } from "electron";
+import type { BrowserWindow } from "electron";
+import path from "path";
+import fs from "fs";
+import {
+ IPC_CHANNELS,
+ MODEL_ID_MAP,
+ DEFAULT_FEATURE_MODELS,
+ DEFAULT_FEATURE_THINKING,
+} from "../../../shared/constants";
+import { getGitHubConfig, githubFetch } from "./utils";
+import { readSettingsFile } from "../../settings-utils";
+import { getAugmentedEnv } from "../../env-utils";
+import { getMemoryService, getDefaultDbPath } from "../../memory-service";
+import type { Project, AppSettings } from "../../../shared/types";
+import { createContextLogger } from "./utils/logger";
+import { withProjectOrNull } from "./utils/project-middleware";
+import { createIPCCommunicators } from "./utils/ipc-communicator";
+import { getRunnerEnv } from "./utils/runner-env";
import {
runPythonSubprocess,
getPythonPath,
getRunnerPath,
validateGitHubModule,
buildRunnerArgs,
-} from './utils/subprocess-runner';
+} from "./utils/subprocess-runner";
/**
* Sanitize network data before writing to file
@@ -36,15 +43,34 @@ function sanitizeNetworkData(data: string, maxLength = 1000000): string {
// Remove null bytes and other control characters except newlines/tabs/carriage returns
// Using code points instead of escape sequences to avoid no-control-regex ESLint rule
const controlCharsPattern = new RegExp(
- '[' +
- String.fromCharCode(0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08) + // \x00-\x08
- String.fromCharCode(0x0B, 0x0C) + // \x0B, \x0C (skip \x0A which is newline)
- String.fromCharCode(0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F) + // \x0E-\x1F
- String.fromCharCode(0x7F) + // \x7F (DEL)
- ']',
- 'g'
+ "[" +
+ String.fromCharCode(0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08) + // \x00-\x08
+ String.fromCharCode(0x0b, 0x0c) + // \x0B, \x0C (skip \x0A which is newline)
+ String.fromCharCode(
+ 0x0e,
+ 0x0f,
+ 0x10,
+ 0x11,
+ 0x12,
+ 0x13,
+ 0x14,
+ 0x15,
+ 0x16,
+ 0x17,
+ 0x18,
+ 0x19,
+ 0x1a,
+ 0x1b,
+ 0x1c,
+ 0x1d,
+ 0x1e,
+ 0x1f
+ ) + // \x0E-\x1F
+ String.fromCharCode(0x7f) + // \x7F (DEL)
+ "]",
+ "g"
);
- let sanitized = data.replace(controlCharsPattern, '');
+ let sanitized = data.replace(controlCharsPattern, "");
// Limit length to prevent DoS
if (sanitized.length > maxLength) {
@@ -55,13 +81,13 @@ function sanitizeNetworkData(data: string, maxLength = 1000000): string {
}
// Debug logging
-const { debug: debugLog } = createContextLogger('GitHub PR');
+const { debug: debugLog } = createContextLogger("GitHub PR");
/**
* Registry of running PR review processes
* Key format: `${projectId}:${prNumber}`
*/
-const runningReviews = new Map();
+const runningReviews = new Map();
/**
* Get the registry key for a PR review
@@ -70,13 +96,20 @@ function getReviewKey(projectId: string, prNumber: number): string {
return `${projectId}:${prNumber}`;
}
+/**
+ * Returns env vars for Claude.md usage; enabled unless explicitly opted out.
+ */
+function getClaudeMdEnv(project: Project): Record | undefined {
+ return project.settings?.useClaudeMd !== false ? { USE_CLAUDE_MD: "true" } : undefined;
+}
+
/**
* PR review finding from AI analysis
*/
export interface PRReviewFinding {
id: string;
- severity: 'critical' | 'high' | 'medium' | 'low';
- category: 'security' | 'quality' | 'style' | 'test' | 'docs' | 'pattern' | 'performance';
+ severity: "critical" | "high" | "medium" | "low";
+ category: "security" | "quality" | "style" | "test" | "docs" | "pattern" | "performance";
title: string;
description: string;
file: string;
@@ -95,12 +128,13 @@ export interface PRReviewResult {
success: boolean;
findings: PRReviewFinding[];
summary: string;
- overallStatus: 'approve' | 'request_changes' | 'comment';
+ overallStatus: "approve" | "request_changes" | "comment";
reviewId?: number;
reviewedAt: string;
error?: string;
// Follow-up review fields
reviewedCommitSha?: string;
+ reviewedFileBlobs?: Record; // filename → blob SHA for rebase-resistant follow-ups
isFollowupReview?: boolean;
previousReviewId?: number;
resolvedFindings?: string[];
@@ -124,6 +158,181 @@ export interface NewCommitsCheck {
hasCommitsAfterPosting?: boolean;
}
+/**
+ * Lightweight merge readiness check result
+ * Used for real-time validation of AI verdict freshness
+ */
+export interface MergeReadiness {
+ /** PR is in draft mode */
+ isDraft: boolean;
+ /** GitHub's mergeable status */
+ mergeable: "MERGEABLE" | "CONFLICTING" | "UNKNOWN";
+ /** Branch is behind base branch (out of date) */
+ isBehind: boolean;
+ /** Simplified CI status */
+ ciStatus: "passing" | "failing" | "pending" | "none";
+ /** List of blockers that contradict a "ready to merge" verdict */
+ blockers: string[];
+}
+
+/**
+ * PR review memory stored in the memory layer
+ * Represents key insights and learnings from a PR review
+ */
+export interface PRReviewMemory {
+ prNumber: number;
+ repo: string;
+ verdict: string;
+ timestamp: string;
+ summary: {
+ verdict: string;
+ verdict_reasoning?: string;
+ finding_counts?: Record;
+ total_findings?: number;
+ blockers?: string[];
+ risk_assessment?: Record;
+ };
+ keyFindings: Array<{
+ severity: string;
+ category: string;
+ title: string;
+ description: string;
+ file: string;
+ line: number;
+ }>;
+ patterns: string[];
+ gotchas: string[];
+ isFollowup: boolean;
+}
+
+/**
+ * Save PR review insights to the Electron memory layer (LadybugDB)
+ *
+ * Called after a PR review completes to persist learnings for cross-session context.
+ * Extracts key findings, patterns, and gotchas from the review result.
+ *
+ * @param result The completed PR review result
+ * @param repo Repository name (owner/repo)
+ * @param isFollowup Whether this is a follow-up review
+ */
+async function savePRReviewToMemory(
+ result: PRReviewResult,
+ repo: string,
+ isFollowup: boolean = false
+): Promise {
+ const settings = readSettingsFile();
+ if (!settings?.memoryEnabled) {
+ debugLog("Memory not enabled, skipping PR review memory save");
+ return;
+ }
+
+ try {
+ const memoryService = getMemoryService({
+ dbPath: getDefaultDbPath(),
+ database: "auto_claude_memory",
+ });
+
+ // Build the memory content with comprehensive insights
+ // We want to capture ALL meaningful findings so the AI can learn from patterns
+
+ // Prioritize findings: critical > high > medium > low
+ // Include all critical/high, top 5 medium, top 3 low
+ const criticalFindings = result.findings.filter((f) => f.severity === "critical");
+ const highFindings = result.findings.filter((f) => f.severity === "high");
+ const mediumFindings = result.findings.filter((f) => f.severity === "medium").slice(0, 5);
+ const lowFindings = result.findings.filter((f) => f.severity === "low").slice(0, 3);
+
+ const keyFindingsToSave = [
+ ...criticalFindings,
+ ...highFindings,
+ ...mediumFindings,
+ ...lowFindings,
+ ].map((f) => ({
+ severity: f.severity,
+ category: f.category,
+ title: f.title,
+ description: f.description.substring(0, 500), // Truncate for storage
+ file: f.file,
+ line: f.line,
+ }));
+
+ // Extract gotchas: security issues, critical bugs, and common mistakes
+ const gotchaCategories = ["security", "error_handling", "data_validation", "race_condition"];
+ const gotchasToSave = result.findings
+ .filter(
+ (f) =>
+ f.severity === "critical" ||
+ f.severity === "high" ||
+ gotchaCategories.includes(f.category?.toLowerCase() || "")
+ )
+ .map((f) => `[${f.category}] ${f.title}: ${f.description.substring(0, 300)}`);
+
+ // Extract patterns: group findings by category to identify recurring issues
+ const categoryGroups = result.findings.reduce(
+ (acc, f) => {
+ const cat = f.category || "general";
+ acc[cat] = (acc[cat] || 0) + 1;
+ return acc;
+ },
+ {} as Record
+ );
+
+ // Patterns are categories that appear multiple times (indicates a systematic issue)
+ const patternsToSave = Object.entries(categoryGroups)
+ .filter(([_, count]) => count >= 2)
+ .map(([category, count]) => `${category}: ${count} occurrences`);
+
+ const memoryContent: PRReviewMemory = {
+ prNumber: result.prNumber,
+ repo,
+ verdict: result.overallStatus || "unknown",
+ timestamp: new Date().toISOString(),
+ summary: {
+ verdict: result.overallStatus || "unknown",
+ finding_counts: {
+ critical: criticalFindings.length,
+ high: highFindings.length,
+ medium: result.findings.filter((f) => f.severity === "medium").length,
+ low: result.findings.filter((f) => f.severity === "low").length,
+ },
+ total_findings: result.findings.length,
+ },
+ keyFindings: keyFindingsToSave,
+ patterns: patternsToSave,
+ gotchas: gotchasToSave,
+ isFollowup,
+ };
+
+ // Add follow-up specific info if applicable
+ if (isFollowup && result.resolvedFindings && result.unresolvedFindings) {
+ memoryContent.summary.verdict_reasoning = `Resolved: ${result.resolvedFindings.length}, Unresolved: ${result.unresolvedFindings.length}`;
+ }
+
+ // Save to memory as a pr_review episode
+ const episodeName = `PR #${result.prNumber} ${isFollowup ? "Follow-up " : ""}Review - ${repo}`;
+ const saveResult = await memoryService.addEpisode(
+ episodeName,
+ memoryContent,
+ "pr_review",
+ `pr_review_${repo.replace("/", "_")}`
+ );
+
+ if (saveResult.success) {
+ debugLog("PR review saved to memory", {
+ prNumber: result.prNumber,
+ episodeId: saveResult.id,
+ });
+ } else {
+ debugLog("Failed to save PR review to memory", { error: saveResult.error });
+ }
+ } catch (error) {
+ // Don't fail the review if memory save fails
+ debugLog("Error saving PR review to memory", {
+ error: error instanceof Error ? error.message : error,
+ });
+ }
+}
+
/**
* PR data from GitHub API
*/
@@ -154,7 +363,7 @@ export interface PRData {
* PR review progress status
*/
export interface PRReviewProgress {
- phase: 'fetching' | 'analyzing' | 'generating' | 'posting' | 'complete';
+ phase: "fetching" | "analyzing" | "generating" | "posting" | "complete";
prNumber: number;
progress: number;
message: string;
@@ -164,18 +373,26 @@ export interface PRReviewProgress {
* Get the GitHub directory for a project
*/
function getGitHubDir(project: Project): string {
- return path.join(project.path, '.auto-claude', 'github');
+ return path.join(project.path, ".auto-claude", "github");
}
/**
* PR log phase type
*/
-type PRLogPhase = 'context' | 'analysis' | 'synthesis';
+type PRLogPhase = "context" | "analysis" | "synthesis";
/**
* PR log entry type
*/
-type PRLogEntryType = 'text' | 'tool_start' | 'tool_end' | 'phase_start' | 'phase_end' | 'error' | 'success' | 'info';
+type PRLogEntryType =
+ | "text"
+ | "tool_start"
+ | "tool_end"
+ | "phase_start"
+ | "phase_end"
+ | "error"
+ | "success"
+ | "info";
/**
* Single PR log entry
@@ -195,7 +412,7 @@ interface PRLogEntry {
*/
interface PRPhaseLog {
phase: PRLogPhase;
- status: 'pending' | 'active' | 'completed' | 'failed';
+ status: "pending" | "active" | "completed" | "failed";
started_at: string | null;
completed_at: string | null;
entries: PRLogEntry[];
@@ -249,7 +466,7 @@ function parseLogLine(line: string): { source: string; content: string; isError:
for (const pattern of patterns) {
const match = line.match(pattern);
if (match) {
- const isDebugOrError = pattern.source.includes('DEBUG') || pattern.source.includes('ERROR');
+ const isDebugOrError = pattern.source.includes("DEBUG") || pattern.source.includes("ERROR");
if (isDebugOrError && match.length >= 3) {
// Skip debug messages that only show message types (not useful)
if (match[2].match(/^Message #\d+: \w+Message/)) {
@@ -258,10 +475,10 @@ function parseLogLine(line: string): { source: string; content: string; isError:
return {
source: match[1],
content: match[2],
- isError: pattern.source.includes('ERROR'),
+ isError: pattern.source.includes("ERROR"),
};
}
- const source = line.match(/^\[(\w+(?:\s+\w+)*)\]/)?.[1] || 'Unknown';
+ const source = line.match(/^\[(\w+(?:\s+\w+)*)\]/)?.[1] || "Unknown";
return {
source,
content: match[1] || line,
@@ -274,7 +491,7 @@ function parseLogLine(line: string): { source: string; content: string; isError:
const prProgressMatch = line.match(/^\[PR #\d+\]\s*\[\s*(\d+)%\]\s*(.*)$/);
if (prProgressMatch) {
return {
- source: 'Progress',
+ source: "Progress",
content: `[${prProgressMatch[1]}%] ${prProgressMatch[2]}`,
isError: false,
};
@@ -284,7 +501,7 @@ function parseLogLine(line: string): { source: string; content: string; isError:
const progressMatch = line.match(/^\[(\d+)%\]\s*(.*)$/);
if (progressMatch) {
return {
- source: 'Progress',
+ source: "Progress",
content: `[${progressMatch[1]}%] ${progressMatch[2]}`,
isError: false,
};
@@ -313,7 +530,7 @@ function parseLogLine(line: string): { source: string; content: string; isError:
const match = line.match(pattern);
if (match) {
return {
- source: 'Summary',
+ source: "Summary",
content: line,
isError: false,
};
@@ -327,16 +544,23 @@ function parseLogLine(line: string): { source: string; content: string; isError:
* Determine the phase from source
*/
function getPhaseFromSource(source: string): PRLogPhase {
- const contextSources = ['Context', 'BotDetector'];
- const analysisSources = ['AI', 'Orchestrator', 'ParallelOrchestrator', 'ParallelFollowup', 'Followup', 'orchestrator'];
- const synthesisSources = ['PR Review Engine', 'Summary', 'Progress'];
+ const contextSources = ["Context", "BotDetector"];
+ const analysisSources = [
+ "AI",
+ "Orchestrator",
+ "ParallelOrchestrator",
+ "ParallelFollowup",
+ "Followup",
+ "orchestrator",
+ ];
+ const synthesisSources = ["PR Review Engine", "Summary", "Progress"];
- if (contextSources.includes(source)) return 'context';
- if (analysisSources.includes(source)) return 'analysis';
+ if (contextSources.includes(source)) return "context";
+ if (analysisSources.includes(source)) return "analysis";
// Specialist agents (Agent:xxx) are part of analysis phase
- if (source.startsWith('Agent:')) return 'analysis';
- if (synthesisSources.includes(source)) return 'synthesis';
- return 'synthesis'; // Default to synthesis for unknown sources
+ if (source.startsWith("Agent:")) return "analysis";
+ if (synthesisSources.includes(source)) return "synthesis";
+ return "synthesis"; // Default to synthesis for unknown sources
}
/**
@@ -346,7 +570,7 @@ function createEmptyPRLogs(prNumber: number, repo: string, isFollowup: boolean):
const now = new Date().toISOString();
const createEmptyPhase = (phase: PRLogPhase): PRPhaseLog => ({
phase,
- status: 'pending',
+ status: "pending",
started_at: null,
completed_at: null,
entries: [],
@@ -359,9 +583,9 @@ function createEmptyPRLogs(prNumber: number, repo: string, isFollowup: boolean):
updated_at: now,
is_followup: isFollowup,
phases: {
- context: createEmptyPhase('context'),
- analysis: createEmptyPhase('analysis'),
- synthesis: createEmptyPhase('synthesis'),
+ context: createEmptyPhase("context"),
+ analysis: createEmptyPhase("analysis"),
+ synthesis: createEmptyPhase("synthesis"),
},
};
}
@@ -370,7 +594,7 @@ function createEmptyPRLogs(prNumber: number, repo: string, isFollowup: boolean):
* Get PR logs file path
*/
function getPRLogsPath(project: Project, prNumber: number): string {
- return path.join(getGitHubDir(project), 'pr', `logs_${prNumber}.json`);
+ return path.join(getGitHubDir(project), "pr", `logs_${prNumber}.json`);
}
/**
@@ -380,7 +604,7 @@ function loadPRLogs(project: Project, prNumber: number): PRLogs | null {
const logsPath = getPRLogsPath(project, prNumber);
try {
- const rawData = fs.readFileSync(logsPath, 'utf-8');
+ const rawData = fs.readFileSync(logsPath, "utf-8");
const sanitizedData = sanitizeNetworkData(rawData);
return JSON.parse(sanitizedData) as PRLogs;
} catch {
@@ -400,7 +624,7 @@ function savePRLogs(project: Project, logs: PRLogs): void {
}
logs.updated_at = new Date().toISOString();
- fs.writeFileSync(logsPath, JSON.stringify(logs, null, 2), 'utf-8');
+ fs.writeFileSync(logsPath, JSON.stringify(logs, null, 2), "utf-8");
}
/**
@@ -412,8 +636,8 @@ function addLogEntry(logs: PRLogs, entry: PRLogEntry): boolean {
let statusChanged = false;
// Start the phase if it was pending
- if (phase.status === 'pending') {
- phase.status = 'active';
+ if (phase.status === "pending") {
+ phase.status = "active";
phase.started_at = entry.timestamp;
statusChanged = true;
}
@@ -429,7 +653,7 @@ function addLogEntry(logs: PRLogs, entry: PRLogEntry): boolean {
class PRLogCollector {
private logs: PRLogs;
private project: Project;
- private currentPhase: PRLogPhase = 'context';
+ private currentPhase: PRLogPhase = "context";
private entryCount: number = 0;
private saveInterval: number = 3; // Save every N entries for real-time streaming
@@ -451,14 +675,14 @@ class PRLogCollector {
// When moving to a new phase, mark the previous phase as complete
// Only mark complete if the phase was actually active (received log entries)
// This prevents marking phases as "completed" if they were skipped
- if (this.currentPhase === 'context' && (phase === 'analysis' || phase === 'synthesis')) {
- if (this.logs.phases.context.status === 'active') {
- this.markPhaseComplete('context', true);
+ if (this.currentPhase === "context" && (phase === "analysis" || phase === "synthesis")) {
+ if (this.logs.phases.context.status === "active") {
+ this.markPhaseComplete("context", true);
}
}
- if (this.currentPhase === 'analysis' && phase === 'synthesis') {
- if (this.logs.phases.analysis.status === 'active') {
- this.markPhaseComplete('analysis', true);
+ if (this.currentPhase === "analysis" && phase === "synthesis") {
+ if (this.logs.phases.analysis.status === "active") {
+ this.markPhaseComplete("analysis", true);
}
}
this.currentPhase = phase;
@@ -466,7 +690,7 @@ class PRLogCollector {
const entry: PRLogEntry = {
timestamp: new Date().toISOString(),
- type: parsed.isError ? 'error' : 'text',
+ type: parsed.isError ? "error" : "text",
content: parsed.content,
phase,
source: parsed.source,
@@ -484,7 +708,7 @@ class PRLogCollector {
markPhaseComplete(phase: PRLogPhase, success: boolean): void {
const phaseLog = this.logs.phases[phase];
- phaseLog.status = success ? 'completed' : 'failed';
+ phaseLog.status = success ? "completed" : "failed";
phaseLog.completed_at = new Date().toISOString();
// Save immediately so frontend sees the status change
this.save();
@@ -497,9 +721,9 @@ class PRLogCollector {
finalize(success: boolean): void {
// Mark active phases as completed based on success status
// Pending phases with no entries should stay pending (they never ran)
- for (const phase of ['context', 'analysis', 'synthesis'] as PRLogPhase[]) {
+ for (const phase of ["context", "analysis", "synthesis"] as PRLogPhase[]) {
const phaseLog = this.logs.phases[phase];
- if (phaseLog.status === 'active') {
+ if (phaseLog.status === "active") {
this.markPhaseComplete(phase, success);
}
// Note: Pending phases stay pending - they never received any log entries
@@ -513,35 +737,37 @@ class PRLogCollector {
* Get saved PR review result
*/
function getReviewResult(project: Project, prNumber: number): PRReviewResult | null {
- const reviewPath = path.join(getGitHubDir(project), 'pr', `review_${prNumber}.json`);
+ const reviewPath = path.join(getGitHubDir(project), "pr", `review_${prNumber}.json`);
try {
- const rawData = fs.readFileSync(reviewPath, 'utf-8');
+ const rawData = fs.readFileSync(reviewPath, "utf-8");
const sanitizedData = sanitizeNetworkData(rawData);
const data = JSON.parse(sanitizedData);
return {
prNumber: data.pr_number,
repo: data.repo,
success: data.success,
- findings: data.findings?.map((f: Record) => ({
- id: f.id,
- severity: f.severity,
- category: f.category,
- title: f.title,
- description: f.description,
- file: f.file,
- line: f.line,
- endLine: f.end_line,
- suggestedFix: f.suggested_fix,
- fixable: f.fixable ?? false,
- })) ?? [],
- summary: data.summary ?? '',
- overallStatus: data.overall_status ?? 'comment',
+ findings:
+ data.findings?.map((f: Record) => ({
+ id: f.id,
+ severity: f.severity,
+ category: f.category,
+ title: f.title,
+ description: f.description,
+ file: f.file,
+ line: f.line,
+ endLine: f.end_line,
+ suggestedFix: f.suggested_fix,
+ fixable: f.fixable ?? false,
+ })) ?? [],
+ summary: data.summary ?? "",
+ overallStatus: data.overall_status ?? "comment",
reviewId: data.review_id,
reviewedAt: data.reviewed_at ?? new Date().toISOString(),
error: data.error,
// Follow-up review fields (snake_case -> camelCase)
reviewedCommitSha: data.reviewed_commit_sha,
+ reviewedFileBlobs: data.reviewed_file_blobs,
isFollowupReview: data.is_followup_review ?? false,
previousReviewId: data.previous_review_id,
resolvedFindings: data.resolved_findings ?? [],
@@ -575,9 +801,9 @@ function getGitHubPRSettings(): { model: string; thinkingLevel: string } {
const thinkingLevel = featureThinking.githubPrs ?? DEFAULT_FEATURE_THINKING.githubPrs;
// Convert model short name to full model ID
- const model = MODEL_ID_MAP[modelShort] ?? MODEL_ID_MAP['opus'];
+ const model = MODEL_ID_MAP[modelShort] ?? MODEL_ID_MAP["opus"];
- debugLog('GitHub PR settings', { modelShort, model, thinkingLevel });
+ debugLog("GitHub PR settings", { modelShort, model, thinkingLevel });
return { model, thinkingLevel };
}
@@ -615,23 +841,20 @@ async function runPRReview(
const args = buildRunnerArgs(
getRunnerPath(backendPath),
project.path,
- 'review-pr',
+ "review-pr",
[prNumber.toString()],
{ model, thinkingLevel }
);
- debugLog('Spawning PR review process', { args, model, thinkingLevel });
+ debugLog("Spawning PR review process", { args, model, thinkingLevel });
// Create log collector for this review
const config = getGitHubConfig(project);
- const repo = config?.repo || project.name || 'unknown';
+ const repo = config?.repo || project.name || "unknown";
const logCollector = new PRLogCollector(project, prNumber, repo, false);
// Build environment with project settings
- const subprocessEnv: Record = {};
- if (project.settings?.useClaudeMd !== false) {
- subprocessEnv['USE_CLAUDE_MD'] = 'true';
- }
+ const subprocessEnv = await getRunnerEnv(getClaudeMdEnv(project));
const { process: childProcess, promise } = runPythonSubprocess({
pythonPath: getPythonPath(backendPath),
@@ -639,27 +862,27 @@ async function runPRReview(
cwd: backendPath,
env: subprocessEnv,
onProgress: (percent, message) => {
- debugLog('Progress update', { percent, message });
+ debugLog("Progress update", { percent, message });
sendProgress({
- phase: 'analyzing',
+ phase: "analyzing",
prNumber,
progress: percent,
message,
});
},
onStdout: (line) => {
- debugLog('STDOUT:', line);
+ debugLog("STDOUT:", line);
// Collect log entries
logCollector.processLine(line);
},
- onStderr: (line) => debugLog('STDERR:', line),
+ onStderr: (line) => debugLog("STDERR:", line),
onComplete: () => {
// Load the result from disk
const reviewResult = getReviewResult(project, prNumber);
if (!reviewResult) {
- throw new Error('Review completed but result not found');
+ throw new Error("Review completed but result not found");
}
- debugLog('Review result loaded', { findingsCount: reviewResult.findings.length });
+ debugLog("Review result loaded", { findingsCount: reviewResult.findings.length });
return reviewResult;
},
});
@@ -667,7 +890,7 @@ async function runPRReview(
// Register the running process
const reviewKey = getReviewKey(project.id, prNumber);
runningReviews.set(reviewKey, childProcess);
- debugLog('Registered review process', { reviewKey, pid: childProcess.pid });
+ debugLog("Registered review process", { reviewKey, pid: childProcess.pid });
try {
// Wait for the process to complete
@@ -676,44 +899,49 @@ async function runPRReview(
if (!result.success) {
// Finalize logs with failure
logCollector.finalize(false);
- throw new Error(result.error ?? 'Review failed');
+ throw new Error(result.error ?? "Review failed");
}
// Finalize logs with success
logCollector.finalize(true);
+
+ // Save PR review insights to memory (async, non-blocking)
+ savePRReviewToMemory(result.data!, repo, false).catch((err) => {
+ debugLog("Failed to save PR review to memory", { error: err.message });
+ });
+
return result.data!;
} finally {
// Clean up the registry when done (success or error)
runningReviews.delete(reviewKey);
- debugLog('Unregistered review process', { reviewKey });
+ debugLog("Unregistered review process", { reviewKey });
}
}
/**
* Register PR-related handlers
*/
-export function registerPRHandlers(
- getMainWindow: () => BrowserWindow | null
-): void {
- debugLog('Registering PR handlers');
+export function registerPRHandlers(getMainWindow: () => BrowserWindow | null): void {
+ debugLog("Registering PR handlers");
- // List open PRs
+ // List open PRs with pagination support
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_LIST,
- async (_, projectId: string): Promise => {
- debugLog('listPRs handler called', { projectId });
+ async (_, projectId: string, page: number = 1): Promise => {
+ debugLog("listPRs handler called", { projectId, page });
const result = await withProjectOrNull(projectId, async (project) => {
const config = getGitHubConfig(project);
if (!config) {
- debugLog('No GitHub config found for project');
+ debugLog("No GitHub config found for project");
return [];
}
try {
- const prs = await githubFetch(
+ // Use pagination: per_page=100 (GitHub max), page=1,2,3...
+ const prs = (await githubFetch(
config.token,
- `/repos/${config.repo}/pulls?state=open&per_page=50`
- ) as Array<{
+ `/repos/${config.repo}/pulls?state=open&per_page=100&page=${page}`
+ )) as Array<{
number: number;
title: string;
body?: string;
@@ -730,18 +958,18 @@ export function registerPRHandlers(
html_url: string;
}>;
- debugLog('Fetched PRs', { count: prs.length });
- return prs.map(pr => ({
+ debugLog("Fetched PRs", { count: prs.length, page, samplePr: prs[0] });
+ return prs.map((pr) => ({
number: pr.number,
title: pr.title,
- body: pr.body ?? '',
+ body: pr.body ?? "",
state: pr.state,
author: { login: pr.user.login },
headRefName: pr.head.ref,
baseRefName: pr.base.ref,
- additions: pr.additions,
- deletions: pr.deletions,
- changedFiles: pr.changed_files,
+ additions: pr.additions ?? 0,
+ deletions: pr.deletions ?? 0,
+ changedFiles: pr.changed_files ?? 0,
assignees: pr.assignees?.map((a: { login: string }) => ({ login: a.login })) ?? [],
files: [],
createdAt: pr.created_at,
@@ -749,7 +977,9 @@ export function registerPRHandlers(
htmlUrl: pr.html_url,
}));
} catch (error) {
- debugLog('Failed to fetch PRs', { error: error instanceof Error ? error.message : error });
+ debugLog("Failed to fetch PRs", {
+ error: error instanceof Error ? error.message : error,
+ });
return [];
}
});
@@ -761,16 +991,16 @@ export function registerPRHandlers(
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_GET,
async (_, projectId: string, prNumber: number): Promise => {
- debugLog('getPR handler called', { projectId, prNumber });
+ debugLog("getPR handler called", { projectId, prNumber });
return withProjectOrNull(projectId, async (project) => {
const config = getGitHubConfig(project);
if (!config) return null;
try {
- const pr = await githubFetch(
+ const pr = (await githubFetch(
config.token,
`/repos/${config.repo}/pulls/${prNumber}`
- ) as {
+ )) as {
number: number;
title: string;
body?: string;
@@ -787,10 +1017,10 @@ export function registerPRHandlers(
html_url: string;
};
- const files = await githubFetch(
+ const files = (await githubFetch(
config.token,
`/repos/${config.repo}/pulls/${prNumber}/files`
- ) as Array<{
+ )) as Array<{
filename: string;
additions: number;
deletions: number;
@@ -800,19 +1030,19 @@ export function registerPRHandlers(
return {
number: pr.number,
title: pr.title,
- body: pr.body ?? '',
+ body: pr.body ?? "",
state: pr.state,
author: { login: pr.user.login },
headRefName: pr.head.ref,
baseRefName: pr.base.ref,
- additions: pr.additions,
- deletions: pr.deletions,
- changedFiles: pr.changed_files,
+ additions: pr.additions ?? 0,
+ deletions: pr.deletions ?? 0,
+ changedFiles: pr.changed_files ?? 0,
assignees: pr.assignees?.map((a: { login: string }) => ({ login: a.login })) ?? [],
- files: files.map(f => ({
+ files: files.map((f) => ({
path: f.filename,
- additions: f.additions,
- deletions: f.deletions,
+ additions: f.additions ?? 0,
+ deletions: f.deletions ?? 0,
status: f.status,
})),
createdAt: pr.created_at,
@@ -835,15 +1065,15 @@ export function registerPRHandlers(
if (!config) return null;
try {
- const { execFileSync } = await import('child_process');
+ const { execFileSync } = await import("child_process");
// Validate prNumber to prevent command injection
if (!Number.isInteger(prNumber) || prNumber <= 0) {
- throw new Error('Invalid PR number');
+ throw new Error("Invalid PR number");
}
// Use execFileSync with arguments array to prevent command injection
- const diff = execFileSync('gh', ['pr', 'diff', String(prNumber)], {
+ const diff = execFileSync("gh", ["pr", "diff", String(prNumber)], {
cwd: project.path,
- encoding: 'utf-8',
+ encoding: "utf-8",
env: getAugmentedEnv(),
});
return diff;
@@ -864,6 +1094,29 @@ export function registerPRHandlers(
}
);
+ // Batch get saved reviews - more efficient than individual calls
+ ipcMain.handle(
+ IPC_CHANNELS.GITHUB_PR_GET_REVIEWS_BATCH,
+ async (
+ _,
+ projectId: string,
+ prNumbers: number[]
+ ): Promise> => {
+ debugLog("getReviewsBatch handler called", { projectId, count: prNumbers.length });
+ const result = await withProjectOrNull(projectId, async (project) => {
+ const reviews: Record = {};
+ for (const prNumber of prNumbers) {
+ reviews[prNumber] = getReviewResult(project, prNumber);
+ }
+ debugLog("Batch loaded reviews", {
+ count: Object.values(reviews).filter((r) => r !== null).length,
+ });
+ return reviews;
+ });
+ return result ?? {};
+ }
+ );
+
// Get PR review logs
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_GET_LOGS,
@@ -875,82 +1128,20 @@ export function registerPRHandlers(
);
// Run AI review
- ipcMain.on(
- IPC_CHANNELS.GITHUB_PR_REVIEW,
- async (_, projectId: string, prNumber: number) => {
- debugLog('runPRReview handler called', { projectId, prNumber });
- const mainWindow = getMainWindow();
- if (!mainWindow) {
- debugLog('No main window available');
- return;
- }
-
- try {
- await withProjectOrNull(projectId, async (project) => {
- const { sendProgress, sendComplete } = createIPCCommunicators(
- mainWindow,
- {
- progress: IPC_CHANNELS.GITHUB_PR_REVIEW_PROGRESS,
- error: IPC_CHANNELS.GITHUB_PR_REVIEW_ERROR,
- complete: IPC_CHANNELS.GITHUB_PR_REVIEW_COMPLETE,
- },
- projectId
- );
-
- debugLog('Starting PR review', { prNumber });
- sendProgress({
- phase: 'fetching',
- prNumber,
- progress: 5,
- message: 'Assigning you to PR...',
- });
-
- // Auto-assign current user to PR
- const config = getGitHubConfig(project);
- if (config) {
- try {
- // Get current user
- const user = await githubFetch(config.token, '/user') as { login: string };
- debugLog('Auto-assigning user to PR', { prNumber, username: user.login });
-
- // Assign to PR
- await githubFetch(
- config.token,
- `/repos/${config.repo}/issues/${prNumber}/assignees`,
- {
- method: 'POST',
- body: JSON.stringify({ assignees: [user.login] }),
- }
- );
- debugLog('User assigned successfully', { prNumber, username: user.login });
- } catch (assignError) {
- // Don't fail the review if assignment fails, just log it
- debugLog('Failed to auto-assign user', { prNumber, error: assignError instanceof Error ? assignError.message : assignError });
- }
- }
-
- sendProgress({
- phase: 'fetching',
- prNumber,
- progress: 10,
- message: 'Fetching PR data...',
- });
-
- const result = await runPRReview(project, prNumber, mainWindow);
-
- debugLog('PR review completed', { prNumber, findingsCount: result.findings.length });
- sendProgress({
- phase: 'complete',
- prNumber,
- progress: 100,
- message: 'Review complete!',
- });
+ ipcMain.on(IPC_CHANNELS.GITHUB_PR_REVIEW, async (_, projectId: string, prNumber: number) => {
+ debugLog("runPRReview handler called", { projectId, prNumber });
+ const mainWindow = getMainWindow();
+ if (!mainWindow) {
+ debugLog("No main window available");
+ return;
+ }
- sendComplete(result);
- });
- } catch (error) {
- debugLog('PR review failed', { prNumber, error: error instanceof Error ? error.message : error });
- const { sendError } = createIPCCommunicators(
+ try {
+ await withProjectOrNull(projectId, async (project) => {
+ const { sendProgress, sendComplete } = createIPCCommunicators<
+ PRReviewProgress,
+ PRReviewResult
+ >(
mainWindow,
{
progress: IPC_CHANNELS.GITHUB_PR_REVIEW_PROGRESS,
@@ -959,26 +1150,101 @@ export function registerPRHandlers(
},
projectId
);
- sendError(error instanceof Error ? error.message : 'Failed to run PR review');
- }
+
+ debugLog("Starting PR review", { prNumber });
+ sendProgress({
+ phase: "fetching",
+ prNumber,
+ progress: 5,
+ message: "Assigning you to PR...",
+ });
+
+ // Auto-assign current user to PR
+ const config = getGitHubConfig(project);
+ if (config) {
+ try {
+ // Get current user
+ const user = (await githubFetch(config.token, "/user")) as { login: string };
+ debugLog("Auto-assigning user to PR", { prNumber, username: user.login });
+
+ // Assign to PR
+ await githubFetch(config.token, `/repos/${config.repo}/issues/${prNumber}/assignees`, {
+ method: "POST",
+ body: JSON.stringify({ assignees: [user.login] }),
+ });
+ debugLog("User assigned successfully", { prNumber, username: user.login });
+ } catch (assignError) {
+ // Don't fail the review if assignment fails, just log it
+ debugLog("Failed to auto-assign user", {
+ prNumber,
+ error: assignError instanceof Error ? assignError.message : assignError,
+ });
+ }
+ }
+
+ sendProgress({
+ phase: "fetching",
+ prNumber,
+ progress: 10,
+ message: "Fetching PR data...",
+ });
+
+ const result = await runPRReview(project, prNumber, mainWindow);
+
+ debugLog("PR review completed", { prNumber, findingsCount: result.findings.length });
+ sendProgress({
+ phase: "complete",
+ prNumber,
+ progress: 100,
+ message: "Review complete!",
+ });
+
+ sendComplete(result);
+ });
+ } catch (error) {
+ debugLog("PR review failed", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
+ const { sendError } = createIPCCommunicators(
+ mainWindow,
+ {
+ progress: IPC_CHANNELS.GITHUB_PR_REVIEW_PROGRESS,
+ error: IPC_CHANNELS.GITHUB_PR_REVIEW_ERROR,
+ complete: IPC_CHANNELS.GITHUB_PR_REVIEW_COMPLETE,
+ },
+ projectId
+ );
+ sendError(error instanceof Error ? error.message : "Failed to run PR review");
}
- );
+ });
// Post review to GitHub
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_POST_REVIEW,
- async (_, projectId: string, prNumber: number, selectedFindingIds?: string[]): Promise => {
- debugLog('postPRReview handler called', { projectId, prNumber, selectedCount: selectedFindingIds?.length });
+ async (
+ _,
+ projectId: string,
+ prNumber: number,
+ selectedFindingIds?: string[],
+ options?: { forceApprove?: boolean }
+ ): Promise => {
+ debugLog("postPRReview handler called", {
+ projectId,
+ prNumber,
+ selectedCount: selectedFindingIds?.length,
+ forceApprove: options?.forceApprove,
+ });
const postResult = await withProjectOrNull(projectId, async (project) => {
const result = getReviewResult(project, prNumber);
if (!result) {
- debugLog('No review result found', { prNumber });
+ debugLog("No review result found", { prNumber });
return false;
}
const config = getGitHubConfig(project);
if (!config) {
- debugLog('No GitHub config found');
+ debugLog("No GitHub config found");
return false;
}
@@ -986,115 +1252,179 @@ export function registerPRHandlers(
// Filter findings if selection provided
const selectedSet = selectedFindingIds ? new Set(selectedFindingIds) : null;
const findings = selectedSet
- ? result.findings.filter(f => selectedSet.has(f.id))
+ ? result.findings.filter((f) => selectedSet.has(f.id))
: result.findings;
- debugLog('Posting findings', { total: result.findings.length, selected: findings.length });
-
- // Build review body
- let body = `## 🤖 Auto Claude PR Review\n\n${result.summary}\n\n`;
-
- if (findings.length > 0) {
- // Show selected count vs total if filtered
- const countText = selectedSet
- ? `${findings.length} selected of ${result.findings.length} total`
- : `${findings.length} total`;
- body += `### Findings (${countText})\n\n`;
-
- for (const f of findings) {
- const emoji = { critical: '🔴', high: '🟠', medium: '🟡', low: '🔵' }[f.severity] || '⚪';
- body += `#### ${emoji} [${f.severity.toUpperCase()}] ${f.title}\n`;
- body += `📁 \`${f.file}:${f.line}\`\n\n`;
- body += `${f.description}\n\n`;
- // Only show suggested fix if it has actual content
- const suggestedFix = f.suggestedFix?.trim();
- if (suggestedFix) {
- body += `**Suggested fix:**\n\`\`\`\n${suggestedFix}\n\`\`\`\n\n`;
+ debugLog("Posting findings", {
+ total: result.findings.length,
+ selected: findings.length,
+ });
+
+ // Build review body - different format for auto-approve with suggestions
+ let body: string;
+
+ if (options?.forceApprove) {
+ // Auto-approve format: clean approval message with optional suggestions
+ body = `## ✅ Auto Claude Review - APPROVED\n\n`;
+ body += `**Status:** Ready to Merge\n\n`;
+ body += `**Summary:** ${result.summary}\n\n`;
+
+ if (findings.length > 0) {
+ body += `---\n\n`;
+ body += `### 💡 Suggestions (${findings.length})\n\n`;
+ body += `*These are non-blocking suggestions for consideration:*\n\n`;
+
+ for (const f of findings) {
+ const emoji =
+ { critical: "🔴", high: "🟠", medium: "🟡", low: "🔵" }[f.severity] || "⚪";
+ body += `#### ${emoji} [${f.id}] [${f.severity.toUpperCase()}] ${f.title}\n`;
+ body += `📁 \`${f.file}:${f.line}\`\n\n`;
+ body += `${f.description}\n\n`;
+ const suggestedFix = f.suggestedFix?.trim();
+ if (suggestedFix) {
+ body += `**Suggested fix:**\n\`\`\`\n${suggestedFix}\n\`\`\`\n\n`;
+ }
}
}
+
+ body += `---\n*This automated review found no blocking issues. The PR can be safely merged.*\n\n`;
+ body += `*Generated by Auto Claude*`;
} else {
- body += `*No findings selected for this review.*\n\n`;
- }
+ // Standard review format
+ body = `## 🤖 Auto Claude PR Review\n\n${result.summary}\n\n`;
+
+ if (findings.length > 0) {
+ // Show selected count vs total if filtered
+ const countText = selectedSet
+ ? `${findings.length} selected of ${result.findings.length} total`
+ : `${findings.length} total`;
+ body += `### Findings (${countText})\n\n`;
+
+ for (const f of findings) {
+ const emoji =
+ { critical: "🔴", high: "🟠", medium: "🟡", low: "🔵" }[f.severity] || "⚪";
+ body += `#### ${emoji} [${f.id}] [${f.severity.toUpperCase()}] ${f.title}\n`;
+ body += `📁 \`${f.file}:${f.line}\`\n\n`;
+ body += `${f.description}\n\n`;
+ // Only show suggested fix if it has actual content
+ const suggestedFix = f.suggestedFix?.trim();
+ if (suggestedFix) {
+ body += `**Suggested fix:**\n\`\`\`\n${suggestedFix}\n\`\`\`\n\n`;
+ }
+ }
+ } else {
+ body += `*No findings selected for this review.*\n\n`;
+ }
- body += `---\n*This review was generated by Auto Claude.*`;
+ body += `---\n*This review was generated by Auto Claude.*`;
+ }
- // Determine review status based on selected findings
+ // Determine review status based on selected findings (or force approve)
let overallStatus = result.overallStatus;
- if (selectedSet) {
- const hasBlocker = findings.some(f => f.severity === 'critical' || f.severity === 'high');
- overallStatus = hasBlocker ? 'request_changes' : (findings.length > 0 ? 'comment' : 'approve');
+ if (options?.forceApprove) {
+ // Force approve regardless of findings
+ overallStatus = "approve";
+ } else if (selectedSet) {
+ const hasBlocker = findings.some(
+ (f) => f.severity === "critical" || f.severity === "high"
+ );
+ overallStatus = hasBlocker
+ ? "request_changes"
+ : findings.length > 0
+ ? "comment"
+ : "approve";
}
// Map to GitHub API event type
- const event = overallStatus === 'approve' ? 'APPROVE' :
- overallStatus === 'request_changes' ? 'REQUEST_CHANGES' : 'COMMENT';
-
- debugLog('Posting review to GitHub', { prNumber, status: overallStatus, event, findingsCount: findings.length });
+ const event =
+ overallStatus === "approve"
+ ? "APPROVE"
+ : overallStatus === "request_changes"
+ ? "REQUEST_CHANGES"
+ : "COMMENT";
+
+ debugLog("Posting review to GitHub", {
+ prNumber,
+ status: overallStatus,
+ event,
+ findingsCount: findings.length,
+ });
// Post review via GitHub API to capture review ID
let reviewId: number;
try {
- const reviewResponse = await githubFetch(
+ const reviewResponse = (await githubFetch(
config.token,
`/repos/${config.repo}/pulls/${prNumber}/reviews`,
{
- method: 'POST',
+ method: "POST",
body: JSON.stringify({
body,
event,
}),
}
- ) as { id: number };
+ )) as { id: number };
reviewId = reviewResponse.id;
} catch (error) {
// GitHub doesn't allow REQUEST_CHANGES or APPROVE on your own PR
// Fall back to COMMENT if that's the error
const errorMsg = error instanceof Error ? error.message : String(error);
- if (errorMsg.includes('Can not request changes on your own pull request') ||
- errorMsg.includes('Can not approve your own pull request')) {
- debugLog('Cannot use REQUEST_CHANGES/APPROVE on own PR, falling back to COMMENT', { prNumber });
- const fallbackResponse = await githubFetch(
+ if (
+ errorMsg.includes("Can not request changes on your own pull request") ||
+ errorMsg.includes("Can not approve your own pull request")
+ ) {
+ debugLog("Cannot use REQUEST_CHANGES/APPROVE on own PR, falling back to COMMENT", {
+ prNumber,
+ });
+ const fallbackResponse = (await githubFetch(
config.token,
`/repos/${config.repo}/pulls/${prNumber}/reviews`,
{
- method: 'POST',
+ method: "POST",
body: JSON.stringify({
body,
- event: 'COMMENT',
+ event: "COMMENT",
}),
}
- ) as { id: number };
+ )) as { id: number };
reviewId = fallbackResponse.id;
} else {
throw error;
}
}
- debugLog('Review posted successfully', { prNumber, reviewId });
+ debugLog("Review posted successfully", { prNumber, reviewId });
// Update the stored review result with the review ID and posted findings
- const reviewPath = path.join(getGitHubDir(project), 'pr', `review_${prNumber}.json`);
+ const reviewPath = path.join(getGitHubDir(project), "pr", `review_${prNumber}.json`);
try {
- const rawData = fs.readFileSync(reviewPath, 'utf-8');
+ const rawData = fs.readFileSync(reviewPath, "utf-8");
// Sanitize network data before parsing (review may contain data from GitHub API)
const sanitizedData = sanitizeNetworkData(rawData);
const data = JSON.parse(sanitizedData);
data.review_id = reviewId;
// Track posted findings to enable follow-up review
data.has_posted_findings = true;
- const newPostedIds = findings.map(f => f.id);
+ const newPostedIds = findings.map((f) => f.id);
const existingPostedIds = data.posted_finding_ids || [];
data.posted_finding_ids = [...new Set([...existingPostedIds, ...newPostedIds])];
data.posted_at = new Date().toISOString();
- fs.writeFileSync(reviewPath, JSON.stringify(data, null, 2), 'utf-8');
- debugLog('Updated review result with review ID and posted findings', { prNumber, reviewId, postedCount: newPostedIds.length });
+ fs.writeFileSync(reviewPath, JSON.stringify(data, null, 2), "utf-8");
+ debugLog("Updated review result with review ID and posted findings", {
+ prNumber,
+ reviewId,
+ postedCount: newPostedIds.length,
+ });
} catch {
// File doesn't exist or couldn't be read - this is expected for new reviews
- debugLog('Review result file not found or unreadable, skipping update', { prNumber });
+ debugLog("Review result file not found or unreadable, skipping update", { prNumber });
}
return true;
} catch (error) {
- debugLog('Failed to post review', { prNumber, error: error instanceof Error ? error.message : error });
+ debugLog("Failed to post review", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
return false;
}
});
@@ -1106,41 +1436,46 @@ export function registerPRHandlers(
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_POST_COMMENT,
async (_, projectId: string, prNumber: number, body: string): Promise => {
- debugLog('postPRComment handler called', { projectId, prNumber });
+ debugLog("postPRComment handler called", { projectId, prNumber });
const postResult = await withProjectOrNull(projectId, async (project) => {
try {
- const { execFileSync } = await import('child_process');
- const { writeFileSync, unlinkSync } = await import('fs');
- const { join } = await import('path');
+ const { execFileSync } = await import("child_process");
+ const { writeFileSync, unlinkSync } = await import("fs");
+ const { join } = await import("path");
- debugLog('Posting comment to PR', { prNumber });
+ debugLog("Posting comment to PR", { prNumber });
// Validate prNumber to prevent command injection
if (!Number.isInteger(prNumber) || prNumber <= 0) {
- throw new Error('Invalid PR number');
+ throw new Error("Invalid PR number");
}
// Use temp file to avoid shell escaping issues
- const tmpFile = join(project.path, '.auto-claude', 'tmp_comment_body.txt');
+ const tmpFile = join(project.path, ".auto-claude", "tmp_comment_body.txt");
try {
- writeFileSync(tmpFile, body, 'utf-8');
+ writeFileSync(tmpFile, body, "utf-8");
// Use execFileSync with arguments array to prevent command injection
- execFileSync('gh', ['pr', 'comment', String(prNumber), '--body-file', tmpFile], {
+ execFileSync("gh", ["pr", "comment", String(prNumber), "--body-file", tmpFile], {
cwd: project.path,
env: getAugmentedEnv(),
});
unlinkSync(tmpFile);
} catch (error) {
- try { unlinkSync(tmpFile); } catch {
+ try {
+ unlinkSync(tmpFile);
+ } catch {
// Ignore cleanup errors
}
throw error;
}
- debugLog('Comment posted successfully', { prNumber });
+ debugLog("Comment posted successfully", { prNumber });
return true;
} catch (error) {
- debugLog('Failed to post comment', { prNumber, error: error instanceof Error ? error.message : error });
+ debugLog("Failed to post comment", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
return false;
}
});
@@ -1152,51 +1487,54 @@ export function registerPRHandlers(
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_DELETE_REVIEW,
async (_, projectId: string, prNumber: number): Promise => {
- debugLog('deletePRReview handler called', { projectId, prNumber });
+ debugLog("deletePRReview handler called", { projectId, prNumber });
const deleteResult = await withProjectOrNull(projectId, async (project) => {
const result = getReviewResult(project, prNumber);
if (!result || !result.reviewId) {
- debugLog('No review ID found for deletion', { prNumber });
+ debugLog("No review ID found for deletion", { prNumber });
return false;
}
const config = getGitHubConfig(project);
if (!config) {
- debugLog('No GitHub config found');
+ debugLog("No GitHub config found");
return false;
}
try {
- debugLog('Deleting review from GitHub', { prNumber, reviewId: result.reviewId });
+ debugLog("Deleting review from GitHub", { prNumber, reviewId: result.reviewId });
// Delete review via GitHub API
await githubFetch(
config.token,
`/repos/${config.repo}/pulls/${prNumber}/reviews/${result.reviewId}`,
{
- method: 'DELETE',
+ method: "DELETE",
}
);
- debugLog('Review deleted successfully', { prNumber, reviewId: result.reviewId });
+ debugLog("Review deleted successfully", { prNumber, reviewId: result.reviewId });
// Clear the review ID from the stored result
- const reviewPath = path.join(getGitHubDir(project), 'pr', `review_${prNumber}.json`);
+ const reviewPath = path.join(getGitHubDir(project), "pr", `review_${prNumber}.json`);
try {
- const rawData = fs.readFileSync(reviewPath, 'utf-8');
+ const rawData = fs.readFileSync(reviewPath, "utf-8");
const sanitizedData = sanitizeNetworkData(rawData);
const data = JSON.parse(sanitizedData);
delete data.review_id;
- fs.writeFileSync(reviewPath, JSON.stringify(data, null, 2), 'utf-8');
- debugLog('Cleared review ID from result file', { prNumber });
+ fs.writeFileSync(reviewPath, JSON.stringify(data, null, 2), "utf-8");
+ debugLog("Cleared review ID from result file", { prNumber });
} catch {
// File doesn't exist or couldn't be read - this is expected if review wasn't saved
- debugLog('Review result file not found or unreadable, skipping update', { prNumber });
+ debugLog("Review result file not found or unreadable, skipping update", { prNumber });
}
return true;
} catch (error) {
- debugLog('Failed to delete review', { prNumber, error: error instanceof Error ? error.message : error });
+ debugLog("Failed to delete review", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
return false;
}
});
@@ -1207,33 +1545,41 @@ export function registerPRHandlers(
// Merge PR
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_MERGE,
- async (_, projectId: string, prNumber: number, mergeMethod: 'merge' | 'squash' | 'rebase' = 'squash'): Promise => {
- debugLog('mergePR handler called', { projectId, prNumber, mergeMethod });
+ async (
+ _,
+ projectId: string,
+ prNumber: number,
+ mergeMethod: "merge" | "squash" | "rebase" = "squash"
+ ): Promise => {
+ debugLog("mergePR handler called", { projectId, prNumber, mergeMethod });
const mergeResult = await withProjectOrNull(projectId, async (project) => {
try {
- const { execFileSync } = await import('child_process');
- debugLog('Merging PR', { prNumber, method: mergeMethod });
+ const { execFileSync } = await import("child_process");
+ debugLog("Merging PR", { prNumber, method: mergeMethod });
// Validate prNumber to prevent command injection
if (!Number.isInteger(prNumber) || prNumber <= 0) {
- throw new Error('Invalid PR number');
+ throw new Error("Invalid PR number");
}
// Validate mergeMethod to prevent command injection
- const validMethods = ['merge', 'squash', 'rebase'];
+ const validMethods = ["merge", "squash", "rebase"];
if (!validMethods.includes(mergeMethod)) {
- throw new Error('Invalid merge method');
+ throw new Error("Invalid merge method");
}
// Use execFileSync with arguments array to prevent command injection
- execFileSync('gh', ['pr', 'merge', String(prNumber), `--${mergeMethod}`], {
+ execFileSync("gh", ["pr", "merge", String(prNumber), `--${mergeMethod}`], {
cwd: project.path,
env: getAugmentedEnv(),
});
- debugLog('PR merged successfully', { prNumber });
+ debugLog("PR merged successfully", { prNumber });
return true;
} catch (error) {
- debugLog('Failed to merge PR', { prNumber, error: error instanceof Error ? error.message : error });
+ debugLog("Failed to merge PR", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
return false;
}
});
@@ -1245,25 +1591,25 @@ export function registerPRHandlers(
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_ASSIGN,
async (_, projectId: string, prNumber: number, username: string): Promise => {
- debugLog('assignPR handler called', { projectId, prNumber, username });
+ debugLog("assignPR handler called", { projectId, prNumber, username });
const assignResult = await withProjectOrNull(projectId, async (project) => {
const config = getGitHubConfig(project);
if (!config) return false;
try {
// Use GitHub API to add assignee
- await githubFetch(
- config.token,
- `/repos/${config.repo}/issues/${prNumber}/assignees`,
- {
- method: 'POST',
- body: JSON.stringify({ assignees: [username] }),
- }
- );
- debugLog('User assigned successfully', { prNumber, username });
+ await githubFetch(config.token, `/repos/${config.repo}/issues/${prNumber}/assignees`, {
+ method: "POST",
+ body: JSON.stringify({ assignees: [username] }),
+ });
+ debugLog("User assigned successfully", { prNumber, username });
return true;
} catch (error) {
- debugLog('Failed to assign user', { prNumber, username, error: error instanceof Error ? error.message : error });
+ debugLog("Failed to assign user", {
+ prNumber,
+ username,
+ error: error instanceof Error ? error.message : error,
+ });
return false;
}
});
@@ -1275,33 +1621,36 @@ export function registerPRHandlers(
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_REVIEW_CANCEL,
async (_, projectId: string, prNumber: number): Promise => {
- debugLog('cancelPRReview handler called', { projectId, prNumber });
+ debugLog("cancelPRReview handler called", { projectId, prNumber });
const reviewKey = getReviewKey(projectId, prNumber);
const childProcess = runningReviews.get(reviewKey);
if (!childProcess) {
- debugLog('No running review found to cancel', { reviewKey });
+ debugLog("No running review found to cancel", { reviewKey });
return false;
}
try {
- debugLog('Killing review process', { reviewKey, pid: childProcess.pid });
- childProcess.kill('SIGTERM');
+ debugLog("Killing review process", { reviewKey, pid: childProcess.pid });
+ childProcess.kill("SIGTERM");
// Give it a moment to terminate gracefully, then force kill if needed
setTimeout(() => {
if (!childProcess.killed) {
- debugLog('Force killing review process', { reviewKey, pid: childProcess.pid });
- childProcess.kill('SIGKILL');
+ debugLog("Force killing review process", { reviewKey, pid: childProcess.pid });
+ childProcess.kill("SIGKILL");
}
}, 1000);
// Clean up the registry
runningReviews.delete(reviewKey);
- debugLog('Review process cancelled', { reviewKey });
+ debugLog("Review process cancelled", { reviewKey });
return true;
} catch (error) {
- debugLog('Failed to cancel review', { reviewKey, error: error instanceof Error ? error.message : error });
+ debugLog("Failed to cancel review", {
+ reviewKey,
+ error: error instanceof Error ? error.message : error,
+ });
return false;
}
}
@@ -1311,16 +1660,16 @@ export function registerPRHandlers(
ipcMain.handle(
IPC_CHANNELS.GITHUB_PR_CHECK_NEW_COMMITS,
async (_, projectId: string, prNumber: number): Promise => {
- debugLog('checkNewCommits handler called', { projectId, prNumber });
+ debugLog("checkNewCommits handler called", { projectId, prNumber });
const result = await withProjectOrNull(projectId, async (project) => {
// Check if review exists and has reviewed_commit_sha
- const githubDir = path.join(project.path, '.auto-claude', 'github');
- const reviewPath = path.join(githubDir, 'pr', `review_${prNumber}.json`);
+ const githubDir = path.join(project.path, ".auto-claude", "github");
+ const reviewPath = path.join(githubDir, "pr", `review_${prNumber}.json`);
let review: PRReviewResult;
try {
- const rawData = fs.readFileSync(reviewPath, 'utf-8');
+ const rawData = fs.readFileSync(reviewPath, "utf-8");
const sanitizedData = sanitizeNetworkData(rawData);
review = JSON.parse(sanitizedData);
} catch {
@@ -1328,10 +1677,10 @@ export function registerPRHandlers(
return { hasNewCommits: false, newCommitCount: 0 };
}
- // Convert snake_case to camelCase for the field
- const reviewedCommitSha = review.reviewedCommitSha || (review as any).reviewed_commit_sha;
+ // Normalize snake_case to camelCase for backwards compatibility with old saved files
+ const reviewedCommitSha = review.reviewedCommitSha ?? (review as any).reviewed_commit_sha;
if (!reviewedCommitSha) {
- debugLog('No reviewedCommitSha in review', { prNumber });
+ debugLog("No reviewedCommitSha in review", { prNumber });
return { hasNewCommits: false, newCommitCount: 0 };
}
@@ -1350,7 +1699,10 @@ export function registerPRHandlers(
)) as { head: { sha: string }; commits: number };
currentHeadSha = prData.head.sha;
} catch (error) {
- debugLog('Error fetching PR data', { prNumber, error: error instanceof Error ? error.message : error });
+ debugLog("Error fetching PR data", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
return { hasNewCommits: false, newCommitCount: 0 };
}
@@ -1371,7 +1723,11 @@ export function registerPRHandlers(
const comparison = (await githubFetch(
config.token,
`/repos/${config.repo}/compare/${reviewedCommitSha}...${currentHeadSha}`
- )) as { ahead_by?: number; total_commits?: number; commits?: Array<{ commit: { committer: { date: string } } }> };
+ )) as {
+ ahead_by?: number;
+ total_commits?: number;
+ commits?: Array<{ commit: { committer: { date: string } } }>;
+ };
// Check if findings have been posted and if new commits are after the posting date
const postedAt = review.postedAt || (review as any).posted_at;
@@ -1380,14 +1736,15 @@ export function registerPRHandlers(
if (postedAt && comparison.commits && comparison.commits.length > 0) {
const postedAtDate = new Date(postedAt);
// Check if any commit is newer than when findings were posted
- hasCommitsAfterPosting = comparison.commits.some(c => {
+ hasCommitsAfterPosting = comparison.commits.some((c) => {
const commitDate = new Date(c.commit.committer.date);
return commitDate > postedAtDate;
});
- debugLog('Comparing commit dates with posted_at', {
+ debugLog("Comparing commit dates with posted_at", {
prNumber,
postedAt,
- latestCommitDate: comparison.commits[comparison.commits.length - 1]?.commit.committer.date,
+ latestCommitDate:
+ comparison.commits[comparison.commits.length - 1]?.commit.committer.date,
hasCommitsAfterPosting,
});
} else if (!postedAt) {
@@ -1405,12 +1762,15 @@ export function registerPRHandlers(
} catch (error) {
// Comparison failed (e.g., force push made old commit unreachable)
// Since we already verified SHAs differ, treat as having new commits
- debugLog('Comparison failed but SHAs differ - likely force push, treating as new commits', {
- prNumber,
- reviewedCommitSha,
- currentHeadSha,
- error: error instanceof Error ? error.message : error
- });
+ debugLog(
+ "Comparison failed but SHAs differ - likely force push, treating as new commits",
+ {
+ prNumber,
+ reviewedCommitSha,
+ currentHeadSha,
+ error: error instanceof Error ? error.message : error,
+ }
+ );
return {
hasNewCommits: true,
newCommitCount: 1, // Unknown count due to force push
@@ -1425,20 +1785,165 @@ export function registerPRHandlers(
}
);
+ // Check merge readiness (lightweight freshness check for verdict validation)
+ ipcMain.handle(
+ IPC_CHANNELS.GITHUB_PR_CHECK_MERGE_READINESS,
+ async (_, projectId: string, prNumber: number): Promise => {
+ debugLog("checkMergeReadiness handler called", { projectId, prNumber });
+
+ const defaultResult: MergeReadiness = {
+ isDraft: false,
+ mergeable: "UNKNOWN",
+ isBehind: false,
+ ciStatus: "none",
+ blockers: [],
+ };
+
+ const result = await withProjectOrNull(projectId, async (project) => {
+ const config = getGitHubConfig(project);
+ if (!config) {
+ debugLog("No GitHub config found for checkMergeReadiness");
+ return defaultResult;
+ }
+
+ try {
+ // Fetch PR data including mergeable status
+ const pr = (await githubFetch(
+ config.token,
+ `/repos/${config.repo}/pulls/${prNumber}`
+ )) as {
+ draft: boolean;
+ mergeable: boolean | null;
+ mergeable_state: string;
+ head: { sha: string };
+ };
+
+ // Determine mergeable status
+ let mergeable: MergeReadiness["mergeable"] = "UNKNOWN";
+ if (pr.mergeable === true) {
+ mergeable = "MERGEABLE";
+ } else if (pr.mergeable === false || pr.mergeable_state === "dirty") {
+ mergeable = "CONFLICTING";
+ }
+
+ // Check if branch is behind base (out of date)
+ // GitHub's mergeable_state can be: 'behind', 'blocked', 'clean', 'dirty', 'has_hooks', 'unknown', 'unstable'
+ const isBehind = pr.mergeable_state === "behind";
+
+ // Fetch combined commit status for CI
+ let ciStatus: MergeReadiness["ciStatus"] = "none";
+ try {
+ const status = (await githubFetch(
+ config.token,
+ `/repos/${config.repo}/commits/${pr.head.sha}/status`
+ )) as {
+ state: "success" | "pending" | "failure" | "error";
+ total_count: number;
+ };
+
+ if (status.total_count === 0) {
+ // No status checks, check for check runs (GitHub Actions)
+ const checkRuns = (await githubFetch(
+ config.token,
+ `/repos/${config.repo}/commits/${pr.head.sha}/check-runs`
+ )) as {
+ total_count: number;
+ check_runs: Array<{ conclusion: string | null; status: string }>;
+ };
+
+ if (checkRuns.total_count > 0) {
+ const hasFailing = checkRuns.check_runs.some(
+ (cr) => cr.conclusion === "failure" || cr.conclusion === "cancelled"
+ );
+ const hasPending = checkRuns.check_runs.some((cr) => cr.status !== "completed");
+
+ if (hasFailing) {
+ ciStatus = "failing";
+ } else if (hasPending) {
+ ciStatus = "pending";
+ } else {
+ ciStatus = "passing";
+ }
+ }
+ } else {
+ // Use combined status
+ if (status.state === "success") {
+ ciStatus = "passing";
+ } else if (status.state === "pending") {
+ ciStatus = "pending";
+ } else {
+ ciStatus = "failing";
+ }
+ }
+ } catch (err) {
+ debugLog("Failed to fetch CI status", {
+ prNumber,
+ error: err instanceof Error ? err.message : err,
+ });
+ // Continue without CI status
+ }
+
+ // Build blockers list
+ const blockers: string[] = [];
+ if (pr.draft) {
+ blockers.push("PR is in draft mode");
+ }
+ if (mergeable === "CONFLICTING") {
+ blockers.push("Merge conflicts detected");
+ }
+ if (isBehind) {
+ blockers.push("Branch is out of date with base branch. Update to check for conflicts.");
+ }
+ if (ciStatus === "failing") {
+ blockers.push("CI checks are failing");
+ }
+
+ debugLog("checkMergeReadiness result", {
+ prNumber,
+ isDraft: pr.draft,
+ mergeable,
+ isBehind,
+ ciStatus,
+ blockers,
+ });
+
+ return {
+ isDraft: pr.draft,
+ mergeable,
+ isBehind,
+ ciStatus,
+ blockers,
+ };
+ } catch (error) {
+ debugLog("Failed to check merge readiness", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
+ return defaultResult;
+ }
+ });
+
+ return result ?? defaultResult;
+ }
+ );
+
// Run follow-up review
ipcMain.on(
IPC_CHANNELS.GITHUB_PR_FOLLOWUP_REVIEW,
async (_, projectId: string, prNumber: number) => {
- debugLog('followupReview handler called', { projectId, prNumber });
+ debugLog("followupReview handler called", { projectId, prNumber });
const mainWindow = getMainWindow();
if (!mainWindow) {
- debugLog('No main window available');
+ debugLog("No main window available");
return;
}
try {
await withProjectOrNull(projectId, async (project) => {
- const { sendProgress, sendError, sendComplete } = createIPCCommunicators(
+ const { sendProgress, sendError, sendComplete } = createIPCCommunicators<
+ PRReviewProgress,
+ PRReviewResult
+ >(
mainWindow,
{
progress: IPC_CHANNELS.GITHUB_PR_REVIEW_PROGRESS,
@@ -1451,7 +1956,7 @@ export function registerPRHandlers(
// Comprehensive validation of GitHub module
const validation = await validateGitHubModule(project);
if (!validation.valid) {
- sendError({ prNumber, error: validation.error || 'GitHub module validation failed' });
+ sendError({ prNumber, error: validation.error || "GitHub module validation failed" });
return;
}
@@ -1460,39 +1965,36 @@ export function registerPRHandlers(
// Check if already running
if (runningReviews.has(reviewKey)) {
- debugLog('Follow-up review already running', { reviewKey });
+ debugLog("Follow-up review already running", { reviewKey });
return;
}
- debugLog('Starting follow-up review', { prNumber });
+ debugLog("Starting follow-up review", { prNumber });
sendProgress({
- phase: 'fetching',
+ phase: "fetching",
prNumber,
progress: 5,
- message: 'Starting follow-up review...',
+ message: "Starting follow-up review...",
});
const { model, thinkingLevel } = getGitHubPRSettings();
const args = buildRunnerArgs(
getRunnerPath(backendPath),
project.path,
- 'followup-review-pr',
+ "followup-review-pr",
[prNumber.toString()],
{ model, thinkingLevel }
);
- debugLog('Spawning follow-up review process', { args, model, thinkingLevel });
+ debugLog("Spawning follow-up review process", { args, model, thinkingLevel });
// Create log collector for this follow-up review
const config = getGitHubConfig(project);
- const repo = config?.repo || project.name || 'unknown';
+ const repo = config?.repo || project.name || "unknown";
const logCollector = new PRLogCollector(project, prNumber, repo, true);
// Build environment with project settings
- const followupEnv: Record = {};
- if (project.settings?.useClaudeMd !== false) {
- followupEnv['USE_CLAUDE_MD'] = 'true';
- }
+ const followupEnv = await getRunnerEnv(getClaudeMdEnv(project));
const { process: childProcess, promise } = runPythonSubprocess({
pythonPath: getPythonPath(backendPath),
@@ -1500,34 +2002,36 @@ export function registerPRHandlers(
cwd: backendPath,
env: followupEnv,
onProgress: (percent, message) => {
- debugLog('Progress update', { percent, message });
+ debugLog("Progress update", { percent, message });
sendProgress({
- phase: 'analyzing',
+ phase: "analyzing",
prNumber,
progress: percent,
message,
});
},
onStdout: (line) => {
- debugLog('STDOUT:', line);
+ debugLog("STDOUT:", line);
// Collect log entries
logCollector.processLine(line);
},
- onStderr: (line) => debugLog('STDERR:', line),
+ onStderr: (line) => debugLog("STDERR:", line),
onComplete: () => {
// Load the result from disk
const reviewResult = getReviewResult(project, prNumber);
if (!reviewResult) {
- throw new Error('Follow-up review completed but result not found');
+ throw new Error("Follow-up review completed but result not found");
}
- debugLog('Follow-up review result loaded', { findingsCount: reviewResult.findings.length });
+ debugLog("Follow-up review result loaded", {
+ findingsCount: reviewResult.findings.length,
+ });
return reviewResult;
},
});
// Register the running process
runningReviews.set(reviewKey, childProcess);
- debugLog('Registered follow-up review process', { reviewKey, pid: childProcess.pid });
+ debugLog("Registered follow-up review process", { reviewKey, pid: childProcess.pid });
try {
const result = await promise;
@@ -1535,28 +2039,39 @@ export function registerPRHandlers(
if (!result.success) {
// Finalize logs with failure
logCollector.finalize(false);
- throw new Error(result.error ?? 'Follow-up review failed');
+ throw new Error(result.error ?? "Follow-up review failed");
}
// Finalize logs with success
logCollector.finalize(true);
- debugLog('Follow-up review completed', { prNumber, findingsCount: result.data?.findings.length });
+ // Save follow-up PR review insights to memory (async, non-blocking)
+ savePRReviewToMemory(result.data!, repo, true).catch((err) => {
+ debugLog("Failed to save follow-up PR review to memory", { error: err.message });
+ });
+
+ debugLog("Follow-up review completed", {
+ prNumber,
+ findingsCount: result.data?.findings.length,
+ });
sendProgress({
- phase: 'complete',
+ phase: "complete",
prNumber,
progress: 100,
- message: 'Follow-up review complete!',
+ message: "Follow-up review complete!",
});
sendComplete(result.data!);
} finally {
runningReviews.delete(reviewKey);
- debugLog('Unregistered follow-up review process', { reviewKey });
+ debugLog("Unregistered follow-up review process", { reviewKey });
}
});
} catch (error) {
- debugLog('Follow-up review failed', { prNumber, error: error instanceof Error ? error.message : error });
+ debugLog("Follow-up review failed", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
const { sendError } = createIPCCommunicators(
mainWindow,
{
@@ -1566,10 +2081,265 @@ export function registerPRHandlers(
},
projectId
);
- sendError({ prNumber, error: error instanceof Error ? error.message : 'Failed to run follow-up review' });
+ sendError({
+ prNumber,
+ error: error instanceof Error ? error.message : "Failed to run follow-up review",
+ });
}
}
);
- debugLog('PR handlers registered');
+ // Get workflows awaiting approval for a PR (fork PRs)
+ ipcMain.handle(
+ IPC_CHANNELS.GITHUB_WORKFLOWS_AWAITING_APPROVAL,
+ async (
+ _,
+ projectId: string,
+ prNumber: number
+ ): Promise<{
+ awaiting_approval: number;
+ workflow_runs: Array<{ id: number; name: string; html_url: string; workflow_name: string }>;
+ can_approve: boolean;
+ error?: string;
+ }> => {
+ debugLog("getWorkflowsAwaitingApproval handler called", { projectId, prNumber });
+ const result = await withProjectOrNull(projectId, async (project) => {
+ const config = getGitHubConfig(project);
+ if (!config) {
+ return {
+ awaiting_approval: 0,
+ workflow_runs: [],
+ can_approve: false,
+ error: "No GitHub config",
+ };
+ }
+
+ try {
+ // First get the PR's head SHA
+ const prData = (await githubFetch(
+ config.token,
+ `/repos/${config.repo}/pulls/${prNumber}`
+ )) as { head?: { sha?: string } };
+
+ const headSha = prData?.head?.sha;
+ if (!headSha) {
+ return { awaiting_approval: 0, workflow_runs: [], can_approve: false };
+ }
+
+ // Query workflow runs with action_required status
+ const runsData = (await githubFetch(
+ config.token,
+ `/repos/${config.repo}/actions/runs?status=action_required&per_page=100`
+ )) as {
+ workflow_runs?: Array<{
+ id: number;
+ name: string;
+ html_url: string;
+ head_sha: string;
+ workflow?: { name?: string };
+ }>;
+ };
+
+ const allRuns = runsData?.workflow_runs || [];
+
+ // Filter to only runs for this PR's head SHA
+ const prRuns = allRuns
+ .filter((run) => run.head_sha === headSha)
+ .map((run) => ({
+ id: run.id,
+ name: run.name,
+ html_url: run.html_url,
+ workflow_name: run.workflow?.name || "Unknown",
+ }));
+
+ debugLog("Found workflows awaiting approval", { prNumber, count: prRuns.length });
+
+ return {
+ awaiting_approval: prRuns.length,
+ workflow_runs: prRuns,
+ can_approve: true, // Assume token has permission; will fail if not
+ };
+ } catch (error) {
+ debugLog("Failed to get workflows awaiting approval", {
+ prNumber,
+ error: error instanceof Error ? error.message : error,
+ });
+ return {
+ awaiting_approval: 0,
+ workflow_runs: [],
+ can_approve: false,
+ error: error instanceof Error ? error.message : "Unknown error",
+ };
+ }
+ });
+
+ return result ?? { awaiting_approval: 0, workflow_runs: [], can_approve: false };
+ }
+ );
+
+ // Approve a workflow run
+ ipcMain.handle(
+ IPC_CHANNELS.GITHUB_WORKFLOW_APPROVE,
+ async (_, projectId: string, runId: number): Promise => {
+ debugLog("approveWorkflow handler called", { projectId, runId });
+ const result = await withProjectOrNull(projectId, async (project) => {
+ const config = getGitHubConfig(project);
+ if (!config) {
+ debugLog("No GitHub config found");
+ return false;
+ }
+
+ try {
+ // Approve the workflow run
+ await githubFetch(config.token, `/repos/${config.repo}/actions/runs/${runId}/approve`, {
+ method: "POST",
+ });
+
+ debugLog("Workflow approved successfully", { runId });
+ return true;
+ } catch (error) {
+ debugLog("Failed to approve workflow", {
+ runId,
+ error: error instanceof Error ? error.message : error,
+ });
+ return false;
+ }
+ });
+
+ return result ?? false;
+ }
+ );
+
+ // Get PR review memories from the memory layer
+ ipcMain.handle(
+ IPC_CHANNELS.GITHUB_PR_MEMORY_GET,
+ async (_, projectId: string, limit: number = 10): Promise => {
+ debugLog("getPRReviewMemories handler called", { projectId, limit });
+ const result = await withProjectOrNull(projectId, async (project) => {
+ const memoryDir = path.join(getGitHubDir(project), "memory", project.name || "unknown");
+ const memories: PRReviewMemory[] = [];
+
+ // Try to load from file-based storage
+ try {
+ const indexPath = path.join(memoryDir, "reviews_index.json");
+ if (!fs.existsSync(indexPath)) {
+ debugLog("No PR review memories found", { projectId });
+ return [];
+ }
+
+ const indexContent = fs.readFileSync(indexPath, "utf-8");
+ const index = JSON.parse(sanitizeNetworkData(indexContent));
+ const reviews = index.reviews || [];
+
+ // Load individual review memories
+ for (const entry of reviews.slice(0, limit)) {
+ try {
+ const reviewPath = path.join(memoryDir, `pr_${entry.pr_number}_review.json`);
+ if (fs.existsSync(reviewPath)) {
+ const reviewContent = fs.readFileSync(reviewPath, "utf-8");
+ const memory = JSON.parse(sanitizeNetworkData(reviewContent));
+ memories.push({
+ prNumber: memory.pr_number,
+ repo: memory.repo,
+ verdict: memory.summary?.verdict || "unknown",
+ timestamp: memory.timestamp,
+ summary: memory.summary,
+ keyFindings: memory.key_findings || [],
+ patterns: memory.patterns || [],
+ gotchas: memory.gotchas || [],
+ isFollowup: memory.is_followup || false,
+ });
+ }
+ } catch (err) {
+ debugLog("Failed to load PR review memory", {
+ prNumber: entry.pr_number,
+ error: err instanceof Error ? err.message : err,
+ });
+ }
+ }
+
+ debugLog("Loaded PR review memories", { count: memories.length });
+ return memories;
+ } catch (error) {
+ debugLog("Failed to load PR review memories", {
+ error: error instanceof Error ? error.message : error,
+ });
+ return [];
+ }
+ });
+ return result ?? [];
+ }
+ );
+
+ // Search PR review memories
+ ipcMain.handle(
+ IPC_CHANNELS.GITHUB_PR_MEMORY_SEARCH,
+ async (_, projectId: string, query: string, limit: number = 10): Promise => {
+ debugLog("searchPRReviewMemories handler called", { projectId, query, limit });
+ const result = await withProjectOrNull(projectId, async (project) => {
+ const memoryDir = path.join(getGitHubDir(project), "memory", project.name || "unknown");
+ const memories: PRReviewMemory[] = [];
+ const queryLower = query.toLowerCase();
+
+ // Search through file-based storage
+ try {
+ const indexPath = path.join(memoryDir, "reviews_index.json");
+ if (!fs.existsSync(indexPath)) {
+ return [];
+ }
+
+ const indexContent = fs.readFileSync(indexPath, "utf-8");
+ const index = JSON.parse(sanitizeNetworkData(indexContent));
+ const reviews = index.reviews || [];
+
+ // Search individual review memories
+ for (const entry of reviews) {
+ try {
+ const reviewPath = path.join(memoryDir, `pr_${entry.pr_number}_review.json`);
+ if (fs.existsSync(reviewPath)) {
+ const reviewContent = fs.readFileSync(reviewPath, "utf-8");
+
+ // Check if content matches query
+ if (reviewContent.toLowerCase().includes(queryLower)) {
+ const memory = JSON.parse(sanitizeNetworkData(reviewContent));
+ memories.push({
+ prNumber: memory.pr_number,
+ repo: memory.repo,
+ verdict: memory.summary?.verdict || "unknown",
+ timestamp: memory.timestamp,
+ summary: memory.summary,
+ keyFindings: memory.key_findings || [],
+ patterns: memory.patterns || [],
+ gotchas: memory.gotchas || [],
+ isFollowup: memory.is_followup || false,
+ });
+ }
+ }
+
+ // Stop if we have enough
+ if (memories.length >= limit) {
+ break;
+ }
+ } catch (err) {
+ debugLog("Failed to search PR review memory", {
+ prNumber: entry.pr_number,
+ error: err instanceof Error ? err.message : err,
+ });
+ }
+ }
+
+ debugLog("Found matching PR review memories", { count: memories.length, query });
+ return memories;
+ } catch (error) {
+ debugLog("Failed to search PR review memories", {
+ error: error instanceof Error ? error.message : error,
+ });
+ return [];
+ }
+ });
+ return result ?? [];
+ }
+ );
+
+ debugLog("PR handlers registered");
}
diff --git a/apps/frontend/src/main/ipc-handlers/github/spec-utils.ts b/apps/frontend/src/main/ipc-handlers/github/spec-utils.ts
index b233f59bb1..7e71b12640 100644
--- a/apps/frontend/src/main/ipc-handlers/github/spec-utils.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/spec-utils.ts
@@ -8,6 +8,7 @@ import { AUTO_BUILD_PATHS, getSpecsDir } from '../../../shared/constants';
import type { Project, TaskMetadata } from '../../../shared/types';
import { withSpecNumberLock } from '../../utils/spec-number-lock';
import { debugLog } from './utils/logger';
+import { labelMatchesWholeWord } from '../shared/label-utils';
export interface SpecCreationData {
specId: string;
@@ -55,7 +56,14 @@ function determineCategoryFromLabels(labels: string[]): 'feature' | 'bug_fix' |
}
// Check for infrastructure labels
- if (lowerLabels.some(l => l.includes('infrastructure') || l.includes('devops') || l.includes('deployment') || l.includes('ci') || l.includes('cd'))) {
+ // Use whole-word matching for 'ci' and 'cd' to avoid false positives like 'acid' or 'decide'
+ if (lowerLabels.some(l =>
+ l.includes('infrastructure') ||
+ l.includes('devops') ||
+ l.includes('deployment') ||
+ labelMatchesWholeWord(l, 'ci') ||
+ labelMatchesWholeWord(l, 'cd')
+ )) {
return 'infrastructure';
}
@@ -89,7 +97,8 @@ export async function createSpecForIssue(
issueTitle: string,
taskDescription: string,
githubUrl: string,
- labels: string[] = []
+ labels: string[] = [],
+ baseBranch?: string
): Promise {
const specsBaseDir = getSpecsDir(project.autoBuildPath);
const specsDir = path.join(project.path, specsBaseDir);
@@ -144,7 +153,10 @@ export async function createSpecForIssue(
sourceType: 'github',
githubIssueNumber: issueNumber,
githubUrl,
- category
+ category,
+ // Store baseBranch for worktree creation and QA comparison
+ // This comes from project.settings.mainBranch or task-level override
+ ...(baseBranch && { baseBranch })
};
writeFileSync(
path.join(specDir, 'task_metadata.json'),
diff --git a/apps/frontend/src/main/ipc-handlers/github/triage-handlers.ts b/apps/frontend/src/main/ipc-handlers/github/triage-handlers.ts
index 7e0f960be5..a84e44a79c 100644
--- a/apps/frontend/src/main/ipc-handlers/github/triage-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/triage-handlers.ts
@@ -19,6 +19,7 @@ import type { Project, AppSettings } from '../../../shared/types';
import { createContextLogger } from './utils/logger';
import { withProjectOrNull } from './utils/project-middleware';
import { createIPCCommunicators } from './utils/ipc-communicator';
+import { getRunnerEnv } from './utils/runner-env';
import {
runPythonSubprocess,
getPythonPath,
@@ -254,10 +255,13 @@ async function runTriage(
debugLog('Spawning triage process', { args, model, thinkingLevel });
+ const subprocessEnv = await getRunnerEnv();
+
const { promise } = runPythonSubprocess({
pythonPath: getPythonPath(backendPath),
args,
cwd: backendPath,
+ env: subprocessEnv,
onProgress: (percent, message) => {
debugLog('Progress update', { percent, message });
sendProgress({
diff --git a/apps/frontend/src/main/ipc-handlers/github/utils/__tests__/runner-env.test.ts b/apps/frontend/src/main/ipc-handlers/github/utils/__tests__/runner-env.test.ts
new file mode 100644
index 0000000000..0ffd9fa29d
--- /dev/null
+++ b/apps/frontend/src/main/ipc-handlers/github/utils/__tests__/runner-env.test.ts
@@ -0,0 +1,122 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+
+const mockGetAPIProfileEnv = vi.fn();
+const mockGetOAuthModeClearVars = vi.fn();
+const mockGetPythonEnv = vi.fn();
+const mockGetProfileEnv = vi.fn();
+
+vi.mock('../../../../services/profile', () => ({
+ getAPIProfileEnv: (...args: unknown[]) => mockGetAPIProfileEnv(...args),
+}));
+
+vi.mock('../../../../agent/env-utils', () => ({
+ getOAuthModeClearVars: (...args: unknown[]) => mockGetOAuthModeClearVars(...args),
+}));
+
+vi.mock('../../../../python-env-manager', () => ({
+ pythonEnvManager: {
+ getPythonEnv: () => mockGetPythonEnv(),
+ },
+}));
+
+vi.mock('../../../../rate-limit-detector', () => ({
+ getProfileEnv: () => mockGetProfileEnv(),
+}));
+
+import { getRunnerEnv } from '../runner-env';
+
+describe('getRunnerEnv', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ // Default mock for Python env - minimal env for testing
+ mockGetPythonEnv.mockReturnValue({
+ PYTHONDONTWRITEBYTECODE: '1',
+ PYTHONIOENCODING: 'utf-8',
+ PYTHONNOUSERSITE: '1',
+ PYTHONPATH: '/bundled/site-packages',
+ });
+ // Default mock for profile env - returns empty by default
+ mockGetProfileEnv.mockReturnValue({});
+ });
+
+ it('merges Python env with API profile env and OAuth clear vars', async () => {
+ mockGetAPIProfileEnv.mockResolvedValue({
+ ANTHROPIC_AUTH_TOKEN: 'token',
+ ANTHROPIC_BASE_URL: 'https://api.example.com',
+ });
+ mockGetOAuthModeClearVars.mockReturnValue({
+ ANTHROPIC_AUTH_TOKEN: '',
+ });
+
+ const result = await getRunnerEnv();
+
+ expect(mockGetOAuthModeClearVars).toHaveBeenCalledWith({
+ ANTHROPIC_AUTH_TOKEN: 'token',
+ ANTHROPIC_BASE_URL: 'https://api.example.com',
+ });
+ // Python env is included first, then overridden by OAuth clear vars
+ expect(result).toMatchObject({
+ PYTHONPATH: '/bundled/site-packages',
+ PYTHONDONTWRITEBYTECODE: '1',
+ ANTHROPIC_AUTH_TOKEN: '',
+ ANTHROPIC_BASE_URL: 'https://api.example.com',
+ });
+ });
+
+ it('includes extra env values with highest precedence', async () => {
+ mockGetAPIProfileEnv.mockResolvedValue({
+ ANTHROPIC_AUTH_TOKEN: 'token',
+ });
+ mockGetOAuthModeClearVars.mockReturnValue({});
+
+ const result = await getRunnerEnv({ USE_CLAUDE_MD: 'true' });
+
+ expect(result).toMatchObject({
+ PYTHONPATH: '/bundled/site-packages',
+ ANTHROPIC_AUTH_TOKEN: 'token',
+ USE_CLAUDE_MD: 'true',
+ });
+ });
+
+ it('includes PYTHONPATH for bundled packages (fixes #139)', async () => {
+ mockGetAPIProfileEnv.mockResolvedValue({});
+ mockGetOAuthModeClearVars.mockReturnValue({});
+ mockGetPythonEnv.mockReturnValue({
+ PYTHONPATH: '/app/Contents/Resources/python-site-packages',
+ });
+
+ const result = await getRunnerEnv();
+
+ expect(result.PYTHONPATH).toBe('/app/Contents/Resources/python-site-packages');
+ });
+
+ it('includes profileEnv for OAuth token (fixes #563)', async () => {
+ mockGetAPIProfileEnv.mockResolvedValue({});
+ mockGetOAuthModeClearVars.mockReturnValue({});
+ mockGetProfileEnv.mockReturnValue({
+ CLAUDE_CODE_OAUTH_TOKEN: 'oauth-token-123',
+ });
+
+ const result = await getRunnerEnv();
+
+ expect(result.CLAUDE_CODE_OAUTH_TOKEN).toBe('oauth-token-123');
+ });
+
+ it('applies correct precedence order with profileEnv overriding pythonEnv', async () => {
+ mockGetPythonEnv.mockReturnValue({
+ SHARED_VAR: 'from-python',
+ });
+ mockGetAPIProfileEnv.mockResolvedValue({
+ SHARED_VAR: 'from-api-profile',
+ });
+ mockGetOAuthModeClearVars.mockReturnValue({});
+ mockGetProfileEnv.mockReturnValue({
+ SHARED_VAR: 'from-profile',
+ });
+
+ const result = await getRunnerEnv({ SHARED_VAR: 'from-extra' });
+
+ // extraEnv has highest precedence
+ expect(result.SHARED_VAR).toBe('from-extra');
+ });
+});
diff --git a/apps/frontend/src/main/ipc-handlers/github/utils/runner-env.ts b/apps/frontend/src/main/ipc-handlers/github/utils/runner-env.ts
new file mode 100644
index 0000000000..ace24490bc
--- /dev/null
+++ b/apps/frontend/src/main/ipc-handlers/github/utils/runner-env.ts
@@ -0,0 +1,38 @@
+import { getOAuthModeClearVars } from '../../../agent/env-utils';
+import { getAPIProfileEnv } from '../../../services/profile';
+import { getProfileEnv } from '../../../rate-limit-detector';
+import { pythonEnvManager } from '../../../python-env-manager';
+
+/**
+ * Get environment variables for Python runner subprocesses.
+ *
+ * Environment variable precedence (lowest to highest):
+ * 1. pythonEnv - Python environment including PYTHONPATH for bundled packages (fixes #139)
+ * 2. apiProfileEnv - Custom Anthropic-compatible API profile (ANTHROPIC_BASE_URL, ANTHROPIC_AUTH_TOKEN)
+ * 3. oauthModeClearVars - Clears stale ANTHROPIC_* vars when in OAuth mode
+ * 4. profileEnv - Claude OAuth token from profile manager (CLAUDE_CODE_OAUTH_TOKEN)
+ * 5. extraEnv - Caller-specific vars (e.g., USE_CLAUDE_MD)
+ *
+ * The pythonEnv is critical for packaged apps (#139) - without PYTHONPATH, Python
+ * cannot find bundled dependencies like dotenv, claude_agent_sdk, etc.
+ *
+ * The profileEnv is critical for OAuth authentication (#563) - it retrieves the
+ * decrypted OAuth token from the profile manager's encrypted storage (macOS Keychain
+ * via Electron's safeStorage API).
+ */
+export async function getRunnerEnv(
+ extraEnv?: Record
+): Promise> {
+ const pythonEnv = pythonEnvManager.getPythonEnv();
+ const apiProfileEnv = await getAPIProfileEnv();
+ const oauthModeClearVars = getOAuthModeClearVars(apiProfileEnv);
+ const profileEnv = getProfileEnv();
+
+ return {
+ ...pythonEnv, // Python environment including PYTHONPATH (fixes #139)
+ ...apiProfileEnv,
+ ...oauthModeClearVars,
+ ...profileEnv, // OAuth token from profile manager (fixes #563)
+ ...extraEnv,
+ };
+}
diff --git a/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.test.ts b/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.test.ts
index 8fe079820b..8e22bc2863 100644
--- a/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.test.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.test.ts
@@ -4,11 +4,15 @@ import { runPythonSubprocess } from './subprocess-runner';
import * as childProcess from 'child_process';
import EventEmitter from 'events';
-// Mock child_process.spawn
-vi.mock('child_process', () => ({
- spawn: vi.fn(),
- exec: vi.fn(),
-}));
+// Mock child_process with importOriginal to preserve all exports
+vi.mock('child_process', async (importOriginal) => {
+ const actual = await importOriginal();
+ return {
+ ...actual,
+ spawn: vi.fn(),
+ exec: vi.fn(),
+ };
+});
// Mock parsePythonCommand
vi.mock('../../../python-detector', () => ({
@@ -45,12 +49,12 @@ describe('runPythonSubprocess', () => {
// Arrange
const pythonPath = '/path/with spaces/python';
const mockArgs = ['-c', 'print("hello")'];
-
- // Mock parsePythonCommand to return the path split logic if needed,
- // or just rely on the mock above.
+
+ // Mock parsePythonCommand to return the path split logic if needed,
+ // or just rely on the mock above.
// Let's make sure our mock enables the scenario we want.
vi.mocked(parsePythonCommand).mockReturnValue(['/path/with spaces/python', []]);
-
+
// Act
runPythonSubprocess({
pythonPath,
@@ -72,7 +76,7 @@ describe('runPythonSubprocess', () => {
const pythonPath = 'python';
const pythonBaseArgs = ['-u', '-X', 'utf8'];
const userArgs = ['script.py', '--verbose'];
-
+
// Setup mock to simulate what parsePythonCommand would return for a standard python path
vi.mocked(parsePythonCommand).mockReturnValue(['python', pythonBaseArgs]);
@@ -87,11 +91,126 @@ describe('runPythonSubprocess', () => {
// The critical check: verify the ORDER of arguments in the second parameter of spawn
// expect call to be: spawn('python', ['-u', '-X', 'utf8', 'script.py', '--verbose'], ...)
const expectedArgs = [...pythonBaseArgs, ...userArgs];
-
+
expect(mockSpawn).toHaveBeenCalledWith(
expect.any(String),
expectedArgs, // Exact array match verifies order
expect.any(Object)
);
});
+
+ describe('environment handling', () => {
+ it('should use caller-provided env directly when options.env is set', () => {
+ // Arrange
+ const customEnv = {
+ PATH: '/custom/path',
+ PYTHONPATH: '/custom/pythonpath',
+ ANTHROPIC_AUTH_TOKEN: 'custom-token',
+ };
+ vi.mocked(parsePythonCommand).mockReturnValue(['python', []]);
+
+ // Act
+ runPythonSubprocess({
+ pythonPath: 'python',
+ args: ['script.py'],
+ cwd: '/tmp',
+ env: customEnv,
+ });
+
+ // Assert - should use the exact env provided
+ expect(mockSpawn).toHaveBeenCalledWith(
+ expect.any(String),
+ expect.any(Array),
+ expect.objectContaining({
+ env: customEnv,
+ })
+ );
+ });
+
+ it('should create fallback env when options.env is not provided', () => {
+ // Arrange
+ const originalEnv = process.env;
+ try {
+ process.env = {
+ PATH: '/usr/bin',
+ HOME: '/home/user',
+ USER: 'testuser',
+ SHELL: '/bin/bash',
+ LANG: 'en_US.UTF-8',
+ CLAUDE_CODE_OAUTH_TOKEN: 'oauth-token',
+ ANTHROPIC_API_KEY: 'api-key',
+ SENSITIVE_VAR: 'should-not-leak',
+ };
+
+ vi.mocked(parsePythonCommand).mockReturnValue(['python', []]);
+
+ // Act
+ runPythonSubprocess({
+ pythonPath: 'python',
+ args: ['script.py'],
+ cwd: '/tmp',
+ // No env provided - should use fallback
+ });
+
+ // Assert - should only include safe vars
+ const spawnCall = mockSpawn.mock.calls[0];
+ const envArg = spawnCall[2].env;
+
+ // Safe vars should be included
+ expect(envArg.PATH).toBe('/usr/bin');
+ expect(envArg.HOME).toBe('/home/user');
+ expect(envArg.USER).toBe('testuser');
+
+ // CLAUDE_ and ANTHROPIC_ prefixed vars should be included
+ expect(envArg.CLAUDE_CODE_OAUTH_TOKEN).toBe('oauth-token');
+ expect(envArg.ANTHROPIC_API_KEY).toBe('api-key');
+
+ // Sensitive vars should NOT be included
+ expect(envArg.SENSITIVE_VAR).toBeUndefined();
+ } finally {
+ // Restore - always runs even if assertions fail
+ process.env = originalEnv;
+ }
+ });
+
+ it('fallback env should include platform-specific vars on Windows', () => {
+ // Arrange
+ const originalEnv = process.env;
+ try {
+ process.env = {
+ PATH: 'C:\\Windows\\System32',
+ SYSTEMROOT: 'C:\\Windows',
+ COMSPEC: 'C:\\Windows\\System32\\cmd.exe',
+ PATHEXT: '.COM;.EXE;.BAT',
+ WINDIR: 'C:\\Windows',
+ USERPROFILE: 'C:\\Users\\test',
+ APPDATA: 'C:\\Users\\test\\AppData\\Roaming',
+ LOCALAPPDATA: 'C:\\Users\\test\\AppData\\Local',
+ };
+
+ vi.mocked(parsePythonCommand).mockReturnValue(['python', []]);
+
+ // Act
+ runPythonSubprocess({
+ pythonPath: 'python',
+ args: ['script.py'],
+ cwd: '/tmp',
+ // No env provided - should use fallback
+ });
+
+ // Assert - Windows-specific vars should be included
+ const spawnCall = mockSpawn.mock.calls[0];
+ const envArg = spawnCall[2].env;
+
+ expect(envArg.SYSTEMROOT).toBe('C:\\Windows');
+ expect(envArg.COMSPEC).toBe('C:\\Windows\\System32\\cmd.exe');
+ expect(envArg.PATHEXT).toBe('.COM;.EXE;.BAT');
+ expect(envArg.USERPROFILE).toBe('C:\\Users\\test');
+ expect(envArg.APPDATA).toBe('C:\\Users\\test\\AppData\\Roaming');
+ } finally {
+ // Restore - always runs even if assertions fail
+ process.env = originalEnv;
+ }
+ });
+ });
});
diff --git a/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.ts b/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.ts
index db6ae7dc0e..5b1700cf1b 100644
--- a/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.ts
+++ b/apps/frontend/src/main/ipc-handlers/github/utils/subprocess-runner.ts
@@ -15,6 +15,36 @@ import { parsePythonCommand } from '../../../python-detector';
const execAsync = promisify(exec);
+/**
+ * Create a fallback environment for Python subprocesses when no env is provided.
+ * This is used for backwards compatibility when callers don't use getRunnerEnv().
+ *
+ * Includes:
+ * - Platform-specific vars needed for shell commands and CLI tools
+ * - CLAUDE_ and ANTHROPIC_ prefixed vars for authentication
+ */
+function createFallbackRunnerEnv(): Record {
+ // Include platform-specific vars needed for shell commands and CLI tools
+ // Windows: SYSTEMROOT, COMSPEC, PATHEXT, WINDIR for shell; USERPROFILE, APPDATA, LOCALAPPDATA for gh CLI auth
+ const safeEnvVars = ['PATH', 'HOME', 'USER', 'SHELL', 'LANG', 'LC_ALL', 'TERM', 'TMPDIR', 'TMP', 'TEMP', 'DEBUG', 'SYSTEMROOT', 'COMSPEC', 'PATHEXT', 'WINDIR', 'USERPROFILE', 'APPDATA', 'LOCALAPPDATA', 'HOMEDRIVE', 'HOMEPATH'];
+ const fallbackEnv: Record = {};
+
+ for (const key of safeEnvVars) {
+ if (process.env[key]) {
+ fallbackEnv[key] = process.env[key]!;
+ }
+ }
+
+ // Also include any CLAUDE_ or ANTHROPIC_ prefixed vars needed for auth
+ for (const [key, value] of Object.entries(process.env)) {
+ if ((key.startsWith('CLAUDE_') || key.startsWith('ANTHROPIC_')) && value) {
+ fallbackEnv[key] = value;
+ }
+ }
+
+ return fallbackEnv;
+}
+
/**
* Options for running a Python subprocess
*/
@@ -54,41 +84,30 @@ export interface SubprocessResult {
export function runPythonSubprocess(
options: SubprocessOptions
): { process: ChildProcess; promise: Promise> } {
- // Don't set PYTHONPATH - let runner.py manage its own import paths
- // Setting PYTHONPATH can interfere with runner.py's sys.path manipulation
- // Filter environment variables to only include necessary ones (prevent leaking secrets)
+ // Use the environment provided by the caller (from getRunnerEnv()).
+ // getRunnerEnv() provides:
+ // - pythonEnvManager.getPythonEnv() which includes PYTHONPATH for bundled packages (fixes #139)
+ // - API profile environment (ANTHROPIC_BASE_URL, ANTHROPIC_AUTH_TOKEN)
+ // - OAuth mode clearing vars
+ // - Claude OAuth token (CLAUDE_CODE_OAUTH_TOKEN)
+ //
+ // If no env is provided, fall back to filtered process.env for backwards compatibility.
// Note: DEBUG is included for PR review debugging (shows LLM thinking blocks).
- // This is safe because: (1) user must explicitly enable via npm run dev:debug,
- // (2) it only enables our internal debug logging, not third-party framework debugging,
- // (3) no sensitive values are logged - only LLM reasoning and response text.
- // Include platform-specific vars needed for shell commands and CLI tools
- // Windows: SYSTEMROOT, COMSPEC, PATHEXT, WINDIR for shell; USERPROFILE, APPDATA, LOCALAPPDATA for gh CLI auth
- const safeEnvVars = ['PATH', 'HOME', 'USER', 'SHELL', 'LANG', 'LC_ALL', 'TERM', 'TMPDIR', 'TMP', 'TEMP', 'DEBUG', 'SYSTEMROOT', 'COMSPEC', 'PATHEXT', 'WINDIR', 'USERPROFILE', 'APPDATA', 'LOCALAPPDATA', 'HOMEDRIVE', 'HOMEPATH'];
- const filteredEnv: Record = {};
- for (const key of safeEnvVars) {
- if (process.env[key]) {
- filteredEnv[key] = process.env[key]!;
- }
- }
- // Also include any CLAUDE_ or ANTHROPIC_ prefixed vars needed for auth
- for (const [key, value] of Object.entries(process.env)) {
- if ((key.startsWith('CLAUDE_') || key.startsWith('ANTHROPIC_')) && value) {
- filteredEnv[key] = value;
- }
- }
+ let subprocessEnv: Record;
- // Merge in any additional env vars passed by the caller (e.g., USE_CLAUDE_MD)
if (options.env) {
- for (const [key, value] of Object.entries(options.env)) {
- filteredEnv[key] = value;
- }
+ // Caller provided a complete environment (from getRunnerEnv()), use it directly
+ subprocessEnv = { ...options.env };
+ } else {
+ // Fallback: build a filtered environment for backwards compatibility
+ subprocessEnv = createFallbackRunnerEnv();
}
// Parse Python command to handle paths with spaces (e.g., ~/Library/Application Support/...)
const [pythonCommand, pythonBaseArgs] = parsePythonCommand(options.pythonPath);
const child = spawn(pythonCommand, [...pythonBaseArgs, ...options.args], {
cwd: options.cwd,
- env: filteredEnv,
+ env: subprocessEnv,
});
const promise = new Promise>((resolve) => {
diff --git a/apps/frontend/src/main/ipc-handlers/gitlab/import-handlers.ts b/apps/frontend/src/main/ipc-handlers/gitlab/import-handlers.ts
index eea6215d90..7b343efb27 100644
--- a/apps/frontend/src/main/ipc-handlers/gitlab/import-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/gitlab/import-handlers.ts
@@ -63,7 +63,7 @@ export function registerImportIssues(): void {
) as GitLabAPIIssue;
// Create a spec/task from the issue
- const task = await createSpecForIssue(project, apiIssue, config);
+ const task = await createSpecForIssue(project, apiIssue, config, project.settings?.mainBranch);
if (task) {
tasks.push(task);
diff --git a/apps/frontend/src/main/ipc-handlers/gitlab/investigation-handlers.ts b/apps/frontend/src/main/ipc-handlers/gitlab/investigation-handlers.ts
index 20b1a422cd..f383f03204 100644
--- a/apps/frontend/src/main/ipc-handlers/gitlab/investigation-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/gitlab/investigation-handlers.ts
@@ -158,7 +158,7 @@ export function registerInvestigateIssue(
});
// Create spec for the issue
- const task = await createSpecForIssue(project, issue, config);
+ const task = await createSpecForIssue(project, issue, config, project.settings?.mainBranch);
if (!task) {
sendError(getMainWindow, project.id, 'Failed to create task from issue');
diff --git a/apps/frontend/src/main/ipc-handlers/gitlab/mr-review-handlers.ts b/apps/frontend/src/main/ipc-handlers/gitlab/mr-review-handlers.ts
index 62cb9e0e8e..b4c310804d 100644
--- a/apps/frontend/src/main/ipc-handlers/gitlab/mr-review-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/gitlab/mr-review-handlers.ts
@@ -33,6 +33,7 @@ import {
getPythonPath,
buildRunnerArgs,
} from '../github/utils/subprocess-runner';
+import { getRunnerEnv } from '../github/utils/runner-env';
/**
* Get the GitLab runner path
@@ -216,10 +217,14 @@ async function runMRReview(
debugLog('Spawning MR review process', { args, model, thinkingLevel });
+ // Get runner environment with PYTHONPATH for bundled packages (fixes #139)
+ const subprocessEnv = await getRunnerEnv();
+
const { process: childProcess, promise } = runPythonSubprocess({
pythonPath: getPythonPath(backendPath),
args,
cwd: backendPath,
+ env: subprocessEnv,
onProgress: (percent, message) => {
debugLog('Progress update', { percent, message });
sendProgress({
@@ -821,10 +826,14 @@ export function registerMRReviewHandlers(
debugLog('Spawning follow-up review process', { args, model, thinkingLevel });
+ // Get runner environment with PYTHONPATH for bundled packages (fixes #139)
+ const followupSubprocessEnv = await getRunnerEnv();
+
const { process: childProcess, promise } = runPythonSubprocess({
pythonPath: getPythonPath(backendPath),
args,
cwd: backendPath,
+ env: followupSubprocessEnv,
onProgress: (percent, message) => {
debugLog('Progress update', { percent, message });
sendProgress({
diff --git a/apps/frontend/src/main/ipc-handlers/gitlab/spec-utils.ts b/apps/frontend/src/main/ipc-handlers/gitlab/spec-utils.ts
index a8830ca320..c624a63f70 100644
--- a/apps/frontend/src/main/ipc-handlers/gitlab/spec-utils.ts
+++ b/apps/frontend/src/main/ipc-handlers/gitlab/spec-utils.ts
@@ -7,6 +7,7 @@ import { mkdir, writeFile, readFile, stat } from 'fs/promises';
import path from 'path';
import type { Project } from '../../../shared/types';
import type { GitLabAPIIssue, GitLabConfig } from './types';
+import { labelMatchesWholeWord } from '../shared/label-utils';
/**
* Simplified task info returned when creating a spec from a GitLab issue.
@@ -60,6 +61,47 @@ function debugLog(message: string, data?: unknown): void {
}
}
+/**
+ * Determine task category based on GitLab issue labels
+ * Maps to TaskCategory type from shared/types/task.ts
+ */
+function determineCategoryFromLabels(labels: string[]): 'feature' | 'bug_fix' | 'refactoring' | 'documentation' | 'security' | 'performance' | 'ui_ux' | 'infrastructure' | 'testing' {
+ const lowerLabels = labels.map(l => l.toLowerCase());
+
+ if (lowerLabels.some(l => l.includes('bug') || l.includes('defect') || l.includes('error') || l.includes('fix'))) {
+ return 'bug_fix';
+ }
+ if (lowerLabels.some(l => l.includes('security') || l.includes('vulnerability') || l.includes('cve'))) {
+ return 'security';
+ }
+ if (lowerLabels.some(l => l.includes('performance') || l.includes('optimization') || l.includes('speed'))) {
+ return 'performance';
+ }
+ if (lowerLabels.some(l => l.includes('ui') || l.includes('ux') || l.includes('design') || l.includes('styling'))) {
+ return 'ui_ux';
+ }
+ // Use whole-word matching for 'ci' and 'cd' to avoid false positives like 'acid' or 'decide'
+ if (lowerLabels.some(l =>
+ l.includes('infrastructure') ||
+ l.includes('devops') ||
+ l.includes('deployment') ||
+ labelMatchesWholeWord(l, 'ci') ||
+ labelMatchesWholeWord(l, 'cd')
+ )) {
+ return 'infrastructure';
+ }
+ if (lowerLabels.some(l => l.includes('test') || l.includes('testing') || l.includes('qa'))) {
+ return 'testing';
+ }
+ if (lowerLabels.some(l => l.includes('refactor') || l.includes('cleanup') || l.includes('maintenance') || l.includes('chore') || l.includes('tech-debt') || l.includes('technical debt'))) {
+ return 'refactoring';
+ }
+ if (lowerLabels.some(l => l.includes('documentation') || l.includes('docs'))) {
+ return 'documentation';
+ }
+ return 'feature';
+}
+
function stripControlChars(value: string, allowNewlines: boolean): string {
let sanitized = '';
for (let i = 0; i < value.length; i += 1) {
@@ -258,7 +300,8 @@ async function pathExists(filePath: string): Promise {
export async function createSpecForIssue(
project: Project,
issue: GitLabAPIIssue,
- config: GitLabConfig
+ config: GitLabConfig,
+ baseBranch?: string
): Promise {
try {
// Validate and sanitize network data before writing to disk
@@ -321,7 +364,7 @@ export async function createSpecForIssue(
const taskContent = buildIssueContext(safeIssue, safeProject, config.instanceUrl);
await writeFile(path.join(specDir, 'TASK.md'), taskContent, 'utf-8');
- // Create metadata.json
+ // Create metadata.json (legacy format for GitLab-specific data)
const metadata = {
source: 'gitlab',
gitlab: {
@@ -339,6 +382,21 @@ export async function createSpecForIssue(
};
await writeFile(metadataPath, JSON.stringify(metadata, null, 2), 'utf-8');
+ // Create task_metadata.json (consistent with GitHub format for backend compatibility)
+ const taskMetadata = {
+ sourceType: 'gitlab' as const,
+ gitlabIssueIid: safeIssue.iid,
+ gitlabUrl: safeIssue.web_url,
+ category: determineCategoryFromLabels(safeIssue.labels || []),
+ // Store baseBranch for worktree creation and QA comparison
+ ...(baseBranch && { baseBranch })
+ };
+ await writeFile(
+ path.join(specDir, 'task_metadata.json'),
+ JSON.stringify(taskMetadata, null, 2),
+ 'utf-8'
+ );
+
debugLog('Created spec for issue:', { iid: safeIssue.iid, specDir });
// Return task info
diff --git a/apps/frontend/src/main/ipc-handlers/ideation/transformers.ts b/apps/frontend/src/main/ipc-handlers/ideation/transformers.ts
index 60cd110582..fed2d2bc8a 100644
--- a/apps/frontend/src/main/ipc-handlers/ideation/transformers.ts
+++ b/apps/frontend/src/main/ipc-handlers/ideation/transformers.ts
@@ -13,11 +13,45 @@ import type {
CodeQualityIdea,
IdeationStatus,
IdeationType,
- IdeationSession
+ IdeationSession,
+ PersonaRelevanceScore
} from '../../../shared/types';
import { debugLog } from '../../../shared/utils/debug-logger';
import type { RawIdea } from './types';
+/**
+ * Raw persona relevance item that can be in snake_case or camelCase
+ */
+interface RawPersonaRelevanceItem {
+ persona_id?: string;
+ personaId?: string;
+ relevance_score?: number;
+ relevanceScore?: number;
+ addressed_goal_ids?: string[];
+ addressedGoalIds?: string[];
+ addressed_pain_point_ids?: string[];
+ addressedPainPointIds?: string[];
+ rationale?: string;
+}
+
+/**
+ * Transform persona_relevance from snake_case to camelCase
+ */
+function transformPersonaRelevance(idea: RawIdea): PersonaRelevanceScore[] | undefined {
+ const rawRelevance = idea.persona_relevance || idea.personaRelevance;
+ if (!rawRelevance || !Array.isArray(rawRelevance)) {
+ return undefined;
+ }
+
+ return rawRelevance.map((r: RawPersonaRelevanceItem) => ({
+ personaId: r.persona_id || r.personaId || '',
+ relevanceScore: r.relevance_score ?? r.relevanceScore ?? 0,
+ addressedGoalIds: r.addressed_goal_ids || r.addressedGoalIds,
+ addressedPainPointIds: r.addressed_pain_point_ids || r.addressedPainPointIds,
+ rationale: r.rationale
+ }));
+}
+
const VALID_IDEATION_TYPES: ReadonlySet = new Set([
'code_improvements',
'ui_ux_improvements',
@@ -57,6 +91,8 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
const status = (idea.status || 'draft') as IdeationStatus;
const createdAt = idea.created_at ? new Date(idea.created_at) : new Date();
+ const personaRelevance = transformPersonaRelevance(idea);
+
if (idea.type === 'code_improvements') {
return {
id: idea.id,
@@ -66,6 +102,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
buildsUpon: idea.builds_upon || idea.buildsUpon || [],
estimatedEffort: idea.estimated_effort || idea.estimatedEffort || 'small',
affectedFiles: idea.affected_files || idea.affectedFiles || [],
@@ -81,6 +118,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
category: idea.category || 'usability',
affectedComponents: idea.affected_components || idea.affectedComponents || [],
screenshots: idea.screenshots || [],
@@ -97,6 +135,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
category: idea.category || 'readme',
targetAudience: idea.target_audience || idea.targetAudience || 'developers',
affectedAreas: idea.affected_areas || idea.affectedAreas || [],
@@ -114,6 +153,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
category: idea.category || 'configuration',
severity: idea.severity || 'medium',
affectedFiles: idea.affected_files || idea.affectedFiles || [],
@@ -132,6 +172,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
category: idea.category || 'runtime',
impact: idea.impact || 'medium',
affectedAreas: idea.affected_areas || idea.affectedAreas || [],
@@ -150,6 +191,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
category: idea.category || 'code_smells',
severity: idea.severity || 'minor',
affectedFiles: idea.affected_files || idea.affectedFiles || [],
@@ -173,6 +215,7 @@ export function transformIdeaFromSnakeCase(idea: RawIdea): Idea {
rationale: idea.rationale,
status,
createdAt,
+ personaRelevance,
buildsUpon: [],
estimatedEffort: 'small',
affectedFiles: [],
diff --git a/apps/frontend/src/main/ipc-handlers/ideation/types.ts b/apps/frontend/src/main/ipc-handlers/ideation/types.ts
index aebbf10153..03b3fe2bd1 100644
--- a/apps/frontend/src/main/ipc-handlers/ideation/types.ts
+++ b/apps/frontend/src/main/ipc-handlers/ideation/types.ts
@@ -72,6 +72,22 @@ export interface RawIdea extends Record {
// Linked task
linked_task_id?: string;
+
+ // Persona relevance (snake_case from Python)
+ persona_relevance?: {
+ persona_id: string;
+ relevance_score: number;
+ addressed_goal_ids?: string[];
+ addressed_pain_point_ids?: string[];
+ rationale?: string;
+ }[];
+ personaRelevance?: {
+ personaId: string;
+ relevanceScore: number;
+ addressedGoalIds?: string[];
+ addressedPainPointIds?: string[];
+ rationale?: string;
+ }[];
}
export interface RawIdeationData {
diff --git a/apps/frontend/src/main/ipc-handlers/index.ts b/apps/frontend/src/main/ipc-handlers/index.ts
index 3501abd8bc..308ea819d0 100644
--- a/apps/frontend/src/main/ipc-handlers/index.ts
+++ b/apps/frontend/src/main/ipc-handlers/index.ts
@@ -18,12 +18,12 @@ import { registerAgenteventsHandlers } from './agent-events-handlers';
import { registerSettingsHandlers } from './settings-handlers';
import { registerFileHandlers } from './file-handlers';
import { registerRoadmapHandlers } from './roadmap-handlers';
+import { registerPersonaHandlers } from './persona-handlers';
import { registerContextHandlers } from './context-handlers';
import { registerEnvHandlers } from './env-handlers';
import { registerLinearHandlers } from './linear-handlers';
import { registerGithubHandlers } from './github-handlers';
import { registerGitlabHandlers } from './gitlab-handlers';
-import { registerAutobuildSourceHandlers } from './autobuild-source-handlers';
import { registerIdeationHandlers } from './ideation-handlers';
import { registerChangelogHandlers } from './changelog-handlers';
import { registerInsightsHandlers } from './insights-handlers';
@@ -32,6 +32,8 @@ import { registerAppUpdateHandlers } from './app-update-handlers';
import { registerDebugHandlers } from './debug-handlers';
import { registerClaudeCodeHandlers } from './claude-code-handlers';
import { registerMcpHandlers } from './mcp-handlers';
+import { registerProfileHandlers } from './profile-handlers';
+import { registerTerminalWorktreeIpcHandlers } from './terminal';
import { notificationService } from '../notification-service';
/**
@@ -60,6 +62,9 @@ export function setupIpcHandlers(
// Terminal and Claude profile handlers
registerTerminalHandlers(terminalManager, getMainWindow);
+ // Terminal worktree handlers (isolated development in worktrees)
+ registerTerminalWorktreeIpcHandlers();
+
// Agent event handlers (event forwarding from agent manager to renderer)
registerAgenteventsHandlers(agentManager, getMainWindow);
@@ -72,6 +77,9 @@ export function setupIpcHandlers(
// Roadmap handlers
registerRoadmapHandlers(agentManager, getMainWindow);
+ // Persona handlers
+ registerPersonaHandlers(agentManager, getMainWindow);
+
// Context and memory handlers
registerContextHandlers(getMainWindow);
@@ -87,9 +95,6 @@ export function setupIpcHandlers(
// GitLab integration handlers
registerGitlabHandlers(agentManager, getMainWindow);
- // Auto-build source update handlers
- registerAutobuildSourceHandlers(getMainWindow);
-
// Ideation handlers
registerIdeationHandlers(agentManager, getMainWindow);
@@ -114,6 +119,9 @@ export function setupIpcHandlers(
// MCP server health check handlers
registerMcpHandlers();
+ // API Profile handlers (custom Anthropic-compatible endpoints)
+ registerProfileHandlers();
+
console.warn('[IPC] All handler modules registered successfully');
}
@@ -122,16 +130,17 @@ export {
registerProjectHandlers,
registerTaskHandlers,
registerTerminalHandlers,
+ registerTerminalWorktreeIpcHandlers,
registerAgenteventsHandlers,
registerSettingsHandlers,
registerFileHandlers,
registerRoadmapHandlers,
+ registerPersonaHandlers,
registerContextHandlers,
registerEnvHandlers,
registerLinearHandlers,
registerGithubHandlers,
registerGitlabHandlers,
- registerAutobuildSourceHandlers,
registerIdeationHandlers,
registerChangelogHandlers,
registerInsightsHandlers,
@@ -139,5 +148,6 @@ export {
registerAppUpdateHandlers,
registerDebugHandlers,
registerClaudeCodeHandlers,
- registerMcpHandlers
+ registerMcpHandlers,
+ registerProfileHandlers
};
diff --git a/apps/frontend/src/main/ipc-handlers/insights-handlers.ts b/apps/frontend/src/main/ipc-handlers/insights-handlers.ts
index cef96a6d7d..11a18c0b88 100644
--- a/apps/frontend/src/main/ipc-handlers/insights-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/insights-handlers.ts
@@ -42,9 +42,27 @@ export function registerInsightsHandlers(
return;
}
- // Note: Python environment initialization should be handled by insightsService
- // or added here with proper dependency injection if needed
- insightsService.sendMessage(projectId, project.path, message, modelConfig);
+ // Await the async sendMessage to ensure proper error handling and
+ // that all async operations (like getProcessEnv) complete before
+ // the handler returns. This fixes race conditions on Windows where
+ // environment setup wouldn't complete before process spawn.
+ try {
+ await insightsService.sendMessage(projectId, project.path, message, modelConfig);
+ } catch (error) {
+ // Errors during sendMessage (executor errors) are already emitted via
+ // the 'error' event, but we catch here to prevent unhandled rejection
+ // and ensure all error types are reported to the UI
+ console.error('[Insights IPC] Error in sendMessage:', error);
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ const errorMessage = error instanceof Error ? error.message : String(error);
+ mainWindow.webContents.send(
+ IPC_CHANNELS.INSIGHTS_ERROR,
+ projectId,
+ `Failed to send message: ${errorMessage}`
+ );
+ }
+ }
}
);
diff --git a/apps/frontend/src/main/ipc-handlers/mcp-handlers.ts b/apps/frontend/src/main/ipc-handlers/mcp-handlers.ts
index 0515529973..50e16973e4 100644
--- a/apps/frontend/src/main/ipc-handlers/mcp-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/mcp-handlers.ts
@@ -28,6 +28,12 @@ const DANGEROUS_FLAGS = new Set([
'--require', '-r'
]);
+/**
+ * Defense-in-depth: Shell metacharacters that could enable command injection
+ * when shell: true is used on Windows
+ */
+const SHELL_METACHARACTERS = ['&', '|', '>', '<', '^', '%', ';', '$', '`', '\n', '\r'];
+
/**
* Validate that a command is in the safe allowlist
*/
@@ -39,11 +45,22 @@ function isCommandSafe(command: string | undefined): boolean {
}
/**
- * Validate that args don't contain dangerous interpreter flags
+ * Validate that args don't contain dangerous interpreter flags or shell metacharacters
*/
function areArgsSafe(args: string[] | undefined): boolean {
if (!args || args.length === 0) return true;
- return !args.some(arg => DANGEROUS_FLAGS.has(arg));
+
+ // Check for dangerous interpreter flags
+ if (args.some(arg => DANGEROUS_FLAGS.has(arg))) return false;
+
+ // On Windows with shell: true, check for shell metacharacters that could enable injection
+ if (process.platform === 'win32') {
+ if (args.some(arg => SHELL_METACHARACTERS.some(char => arg.includes(char)))) {
+ return false;
+ }
+ }
+
+ return true;
}
/**
@@ -171,7 +188,7 @@ async function checkCommandHealth(server: CustomMcpServer, startTime: number): P
return resolve({
serverId: server.id,
status: 'unhealthy',
- message: 'Args contain dangerous interpreter flags',
+ message: 'Args contain dangerous flags or shell metacharacters',
checkedAt: new Date().toISOString(),
});
}
@@ -394,14 +411,17 @@ async function testCommandConnection(server: CustomMcpServer, startTime: number)
return resolve({
serverId: server.id,
success: false,
- message: 'Args contain dangerous interpreter flags',
+ message: 'Args contain dangerous flags or shell metacharacters',
});
}
const args = server.args || [];
+
+ // On Windows, use shell: true to properly handle .cmd/.bat scripts like npx
const proc = spawn(server.command!, args, {
stdio: ['pipe', 'pipe', 'pipe'],
timeout: 15000, // OS-level timeout for reliable process termination
+ shell: process.platform === 'win32', // Required for Windows to run npx.cmd
});
let stdout = '';
diff --git a/apps/frontend/src/main/ipc-handlers/memory-handlers.ts b/apps/frontend/src/main/ipc-handlers/memory-handlers.ts
index 5b8c6d0504..9ea2b79ab4 100644
--- a/apps/frontend/src/main/ipc-handlers/memory-handlers.ts
+++ b/apps/frontend/src/main/ipc-handlers/memory-handlers.ts
@@ -25,7 +25,7 @@ import {
} from '../memory-service';
import { validateOpenAIApiKey } from '../api-validation-service';
import { parsePythonCommand } from '../python-detector';
-import { getConfiguredPythonPath } from '../python-env-manager';
+import { getConfiguredPythonPath, pythonEnvManager } from '../python-env-manager';
import { openTerminalWithCommand } from './claude-code-handlers';
/**
@@ -212,7 +212,11 @@ function checkOllamaInstalled(): OllamaInstallStatus {
* - Official method per https://winstall.app/apps/Ollama.Ollama
* - Winget is pre-installed on Windows 10 (1709+) and Windows 11
*
- * macOS/Linux: Uses official install script from https://ollama.com/download
+ * macOS: Uses Homebrew (most common package manager on macOS)
+ * - Official method: brew install ollama
+ * - Reference: https://ollama.com/download/mac
+ *
+ * Linux: Uses official install script from https://ollama.com/download
*
* @returns {string} The install command to run in terminal
*/
@@ -222,8 +226,13 @@ function getOllamaInstallCommand(): string {
// This is an official installation method for Ollama on Windows
// Reference: https://winstall.app/apps/Ollama.Ollama
return 'winget install --id Ollama.Ollama --accept-source-agreements';
+ } else if (process.platform === 'darwin') {
+ // macOS: Use Homebrew (most widely used package manager on macOS)
+ // Official Ollama installation method for macOS
+ // Reference: https://ollama.com/download/mac
+ return 'brew install ollama';
} else {
- // macOS/Linux: Use shell script from official Ollama
+ // Linux: Use shell script from official Ollama
// Reference: https://ollama.com/download
return 'curl -fsSL https://ollama.com/install.sh | sh';
}
@@ -296,6 +305,9 @@ async function executeOllamaDetector(
let resolved = false;
const proc = spawn(pythonExe, args, {
stdio: ['ignore', 'pipe', 'pipe'],
+ // Use sanitized Python environment to prevent PYTHONHOME contamination
+ // Fixes "Could not find platform independent libraries" error on Windows
+ env: pythonEnvManager.getPythonEnv(),
});
let stdout = '';
@@ -769,6 +781,9 @@ export function registerMemoryHandlers(): void {
const proc = spawn(pythonExe, args, {
stdio: ['ignore', 'pipe', 'pipe'],
timeout: 600000, // 10 minute timeout for large models
+ // Use sanitized Python environment to prevent PYTHONHOME contamination
+ // Fixes "Could not find platform independent libraries" error on Windows
+ env: pythonEnvManager.getPythonEnv(),
});
let stdout = '';
diff --git a/apps/frontend/src/main/ipc-handlers/persona-handlers.ts b/apps/frontend/src/main/ipc-handlers/persona-handlers.ts
new file mode 100644
index 0000000000..404edd437b
--- /dev/null
+++ b/apps/frontend/src/main/ipc-handlers/persona-handlers.ts
@@ -0,0 +1,747 @@
+import { ipcMain, app } from 'electron';
+import type { BrowserWindow } from 'electron';
+import { IPC_CHANNELS, AUTO_BUILD_PATHS, DEFAULT_APP_SETTINGS, DEFAULT_FEATURE_MODELS, DEFAULT_FEATURE_THINKING } from '../../shared/constants';
+import type { IPCResult, Persona, PersonasConfig, PersonaGenerationStatus, PersonaEnrichmentInput, PersonaEnrichmentStatus, AppSettings } from '../../shared/types';
+import type { PersonaConfig } from '../agent/types';
+import path from 'path';
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'fs';
+import { projectStore } from '../project-store';
+import { AgentManager } from '../agent';
+import { debugLog, debugError } from '../../shared/utils/debug-logger';
+
+/**
+ * Read feature settings from the settings file
+ */
+function getFeatureSettings(): { model?: string; thinkingLevel?: string } {
+ const settingsPath = path.join(app.getPath('userData'), 'settings.json');
+
+ try {
+ if (existsSync(settingsPath)) {
+ const content = readFileSync(settingsPath, 'utf-8');
+ const settings: AppSettings = { ...DEFAULT_APP_SETTINGS, ...JSON.parse(content) };
+
+ // Get persona-specific settings (use ideation settings as default since personas is similar)
+ const featureModels = settings.featureModels || DEFAULT_FEATURE_MODELS;
+ const featureThinking = settings.featureThinking || DEFAULT_FEATURE_THINKING;
+
+ return {
+ model: featureModels.ideation || 'sonnet', // Use ideation model for personas
+ thinkingLevel: featureThinking.ideation || 'medium'
+ };
+ }
+ } catch (error) {
+ debugError('[Persona Handler] Failed to read feature settings:', error);
+ }
+
+ // Return defaults if settings file doesn't exist or fails to parse
+ return {
+ model: 'sonnet',
+ thinkingLevel: 'medium'
+ };
+}
+
+/**
+ * Transform snake_case persona data from JSON to camelCase for frontend
+ */
+function transformPersonaFromFile(raw: Record): Persona {
+ return {
+ id: raw.id as string,
+ name: raw.name as string,
+ type: raw.type as 'primary' | 'secondary' | 'edge-case',
+ tagline: raw.tagline as string,
+ avatar: {
+ initials: (raw.avatar as Record)?.initials as string || '',
+ color: (raw.avatar as Record)?.color as string || '#4F46E5'
+ },
+ demographics: {
+ role: (raw.demographics as Record)?.role as string || '',
+ experienceLevel: (raw.demographics as Record)?.experienceLevel as Persona['demographics']['experienceLevel'] || 'mid',
+ industry: (raw.demographics as Record)?.industry as string,
+ companySize: (raw.demographics as Record)?.companySize as Persona['demographics']['companySize']
+ },
+ goals: ((raw.goals as Array>) || []).map(g => ({
+ id: g.id as string,
+ description: g.description as string,
+ priority: g.priority as 'must-have' | 'should-have' | 'nice-to-have'
+ })),
+ painPoints: ((raw.painPoints as Array>) || []).map(p => ({
+ id: p.id as string,
+ description: p.description as string,
+ severity: p.severity as 'high' | 'medium' | 'low',
+ currentWorkaround: p.currentWorkaround as string | undefined
+ })),
+ behaviors: {
+ usageFrequency: (raw.behaviors as Record)?.usageFrequency as Persona['behaviors']['usageFrequency'] || 'weekly',
+ preferredChannels: ((raw.behaviors as Record)?.preferredChannels as string[]) || [],
+ decisionFactors: ((raw.behaviors as Record)?.decisionFactors as string[]) || [],
+ toolStack: ((raw.behaviors as Record)?.toolStack as string[]) || []
+ },
+ quotes: (raw.quotes as string[]) || [],
+ scenarios: ((raw.scenarios as Array>) || []).map(s => ({
+ id: s.id as string,
+ title: s.title as string,
+ context: s.context as string,
+ action: s.action as string,
+ outcome: s.outcome as string
+ })),
+ featurePreferences: {
+ mustHave: ((raw.featurePreferences as Record)?.mustHave as string[]) || [],
+ niceToHave: ((raw.featurePreferences as Record)?.niceToHave as string[]) || [],
+ avoid: ((raw.featurePreferences as Record)?.avoid as string[]) || []
+ },
+ discoverySource: {
+ userTypeId: (raw.discoverySource as Record)?.userTypeId as string || '',
+ confidence: (raw.discoverySource as Record)?.confidence as 'high' | 'medium' | 'low' || 'medium',
+ researchEnriched: (raw.discoverySource as Record)?.researchEnriched as boolean || false
+ },
+ createdAt: raw.createdAt as string || new Date().toISOString(),
+ updatedAt: raw.updatedAt as string || new Date().toISOString()
+ };
+}
+
+/**
+ * Register all persona-related IPC handlers
+ */
+export function registerPersonaHandlers(
+ agentManager: AgentManager,
+ getMainWindow: () => BrowserWindow | null
+): void {
+ // ============================================
+ // Persona Operations
+ // ============================================
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_GET,
+ async (_, projectId: string): Promise> => {
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ return { success: false, error: 'Project not found' };
+ }
+
+ const personasPath = path.join(
+ project.path,
+ AUTO_BUILD_PATHS.PERSONAS_DIR,
+ AUTO_BUILD_PATHS.PERSONAS_FILE
+ );
+
+ if (!existsSync(personasPath)) {
+ return { success: true, data: null };
+ }
+
+ try {
+ const content = readFileSync(personasPath, 'utf-8');
+ const rawData = JSON.parse(content);
+
+ // Transform to frontend format
+ const config: PersonasConfig = {
+ version: rawData.version || '1.0',
+ projectId: rawData.projectId || projectId,
+ personas: (rawData.personas || []).map(transformPersonaFromFile),
+ metadata: {
+ generatedAt: rawData.metadata?.generatedAt || new Date().toISOString(),
+ discoverySynced: rawData.metadata?.discoverySynced ?? true,
+ researchEnriched: rawData.metadata?.researchEnriched ?? false,
+ roadmapSynced: rawData.metadata?.roadmapSynced ?? false,
+ personaCount: (rawData.personas || []).length
+ }
+ };
+
+ return { success: true, data: config };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to read personas'
+ };
+ }
+ }
+ );
+
+ ipcMain.on(
+ IPC_CHANNELS.PERSONA_GENERATE,
+ (_, projectId: string, options: { enableResearch: boolean }) => {
+ const featureSettings = getFeatureSettings();
+ const config: PersonaConfig = {
+ model: featureSettings.model,
+ thinkingLevel: featureSettings.thinkingLevel,
+ enableResearch: options.enableResearch
+ };
+
+ debugLog('[Persona Handler] Generate request:', {
+ projectId,
+ enableResearch: options.enableResearch,
+ config
+ });
+
+ const mainWindow = getMainWindow();
+ if (!mainWindow) return;
+
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ debugError('[Persona Handler] Project not found:', projectId);
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ERROR,
+ projectId,
+ 'Project not found'
+ );
+ return;
+ }
+
+ debugLog('[Persona Handler] Starting agent manager generation:', {
+ projectId,
+ projectPath: project.path,
+ config
+ });
+
+ // Start persona generation via agent manager
+ agentManager.startPersonaGeneration(
+ projectId,
+ project.path,
+ false, // refresh (not a refresh operation)
+ config
+ );
+
+ // Send initial progress
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_PROGRESS,
+ projectId,
+ {
+ phase: 'analyzing',
+ progress: 10,
+ message: 'Analyzing project structure...'
+ } as PersonaGenerationStatus
+ );
+ }
+ );
+
+ ipcMain.on(
+ IPC_CHANNELS.PERSONA_REFRESH,
+ (_, projectId: string, options: { enableResearch: boolean }) => {
+ const featureSettings = getFeatureSettings();
+ const config: PersonaConfig = {
+ model: featureSettings.model,
+ thinkingLevel: featureSettings.thinkingLevel,
+ enableResearch: options.enableResearch
+ };
+
+ debugLog('[Persona Handler] Refresh request:', {
+ projectId,
+ enableResearch: options.enableResearch,
+ config
+ });
+
+ const mainWindow = getMainWindow();
+ if (!mainWindow) return;
+
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ERROR,
+ projectId,
+ 'Project not found'
+ );
+ return;
+ }
+
+ // Start persona regeneration with refresh flag
+ agentManager.startPersonaGeneration(
+ projectId,
+ project.path,
+ true, // refresh (this is a refresh operation)
+ config
+ );
+
+ // Send initial progress
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_PROGRESS,
+ projectId,
+ {
+ phase: 'analyzing',
+ progress: 10,
+ message: 'Refreshing personas...'
+ } as PersonaGenerationStatus
+ );
+ }
+ );
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_STOP,
+ async (_, projectId: string): Promise => {
+ debugLog('[Persona Handler] Stop generation request:', { projectId });
+
+ const mainWindow = getMainWindow();
+
+ // Stop persona generation for this project
+ const wasStopped = agentManager.stopPersonas(projectId);
+
+ debugLog('[Persona Handler] Stop result:', { projectId, wasStopped });
+
+ if (wasStopped && mainWindow) {
+ debugLog('[Persona Handler] Sending stopped event to renderer');
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_STOPPED, projectId);
+ }
+
+ return { success: wasStopped };
+ }
+ );
+
+ // ============================================
+ // Persona Save (full state persistence)
+ // ============================================
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_SAVE,
+ async (
+ _,
+ projectId: string,
+ personas: Persona[]
+ ): Promise => {
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ return { success: false, error: 'Project not found' };
+ }
+
+ const personasDir = path.join(project.path, AUTO_BUILD_PATHS.PERSONAS_DIR);
+ const personasPath = path.join(personasDir, AUTO_BUILD_PATHS.PERSONAS_FILE);
+
+ // Ensure directory exists
+ if (!existsSync(personasDir)) {
+ mkdirSync(personasDir, { recursive: true });
+ }
+
+ try {
+ let existingData: Record = {};
+ if (existsSync(personasPath)) {
+ const content = readFileSync(personasPath, 'utf-8');
+ existingData = JSON.parse(content);
+ }
+
+ // Update personas and metadata
+ existingData.personas = personas;
+ existingData.metadata = {
+ ...(existingData.metadata as Record || {}),
+ personaCount: personas.length,
+ updatedAt: new Date().toISOString()
+ };
+
+ writeFileSync(personasPath, JSON.stringify(existingData, null, 2));
+
+ return { success: true };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to save personas'
+ };
+ }
+ }
+ );
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_UPDATE,
+ async (
+ _,
+ projectId: string,
+ personaId: string,
+ updates: Partial
+ ): Promise => {
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ return { success: false, error: 'Project not found' };
+ }
+
+ const personasPath = path.join(
+ project.path,
+ AUTO_BUILD_PATHS.PERSONAS_DIR,
+ AUTO_BUILD_PATHS.PERSONAS_FILE
+ );
+
+ if (!existsSync(personasPath)) {
+ return { success: false, error: 'Personas not found' };
+ }
+
+ try {
+ const content = readFileSync(personasPath, 'utf-8');
+ const data = JSON.parse(content);
+
+ // Find and update the persona
+ const personaIndex = data.personas?.findIndex((p: { id: string }) => p.id === personaId);
+ if (personaIndex === -1 || personaIndex === undefined) {
+ return { success: false, error: 'Persona not found' };
+ }
+
+ data.personas[personaIndex] = {
+ ...data.personas[personaIndex],
+ ...updates,
+ updatedAt: new Date().toISOString()
+ };
+ data.metadata = data.metadata || {};
+ data.metadata.updatedAt = new Date().toISOString();
+
+ writeFileSync(personasPath, JSON.stringify(data, null, 2));
+
+ return { success: true };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to update persona'
+ };
+ }
+ }
+ );
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_DELETE,
+ async (
+ _,
+ projectId: string,
+ personaId: string
+ ): Promise => {
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ return { success: false, error: 'Project not found' };
+ }
+
+ const personasPath = path.join(
+ project.path,
+ AUTO_BUILD_PATHS.PERSONAS_DIR,
+ AUTO_BUILD_PATHS.PERSONAS_FILE
+ );
+
+ if (!existsSync(personasPath)) {
+ return { success: false, error: 'Personas not found' };
+ }
+
+ try {
+ const content = readFileSync(personasPath, 'utf-8');
+ const data = JSON.parse(content);
+
+ // Filter out the persona
+ const originalCount = data.personas?.length || 0;
+ data.personas = (data.personas || []).filter((p: { id: string }) => p.id !== personaId);
+
+ if (data.personas.length === originalCount) {
+ return { success: false, error: 'Persona not found' };
+ }
+
+ data.metadata = data.metadata || {};
+ data.metadata.personaCount = data.personas.length;
+ data.metadata.updatedAt = new Date().toISOString();
+
+ writeFileSync(personasPath, JSON.stringify(data, null, 2));
+
+ return { success: true };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to delete persona'
+ };
+ }
+ }
+ );
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_ADD,
+ async (
+ _,
+ projectId: string,
+ persona: Persona
+ ): Promise => {
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ return { success: false, error: 'Project not found' };
+ }
+
+ const personasDir = path.join(project.path, AUTO_BUILD_PATHS.PERSONAS_DIR);
+ const personasPath = path.join(personasDir, AUTO_BUILD_PATHS.PERSONAS_FILE);
+
+ // Ensure directory exists
+ if (!existsSync(personasDir)) {
+ mkdirSync(personasDir, { recursive: true });
+ }
+
+ try {
+ let data: Record = {
+ version: '1.0',
+ projectId,
+ personas: [],
+ metadata: {
+ generatedAt: new Date().toISOString(),
+ discoverySynced: false,
+ researchEnriched: false,
+ roadmapSynced: false,
+ personaCount: 0
+ }
+ };
+
+ if (existsSync(personasPath)) {
+ const content = readFileSync(personasPath, 'utf-8');
+ data = JSON.parse(content);
+ }
+
+ // Add the new persona
+ const personas = data.personas as Persona[] || [];
+ personas.push({
+ ...persona,
+ createdAt: new Date().toISOString(),
+ updatedAt: new Date().toISOString()
+ });
+ data.personas = personas;
+
+ data.metadata = data.metadata || {};
+ (data.metadata as Record).personaCount = personas.length;
+ (data.metadata as Record).updatedAt = new Date().toISOString();
+
+ writeFileSync(personasPath, JSON.stringify(data, null, 2));
+
+ return { success: true };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to add persona'
+ };
+ }
+ }
+ );
+
+ // ============================================
+ // Persona Enrichment Operations (AI-assisted creation)
+ // ============================================
+
+ ipcMain.on(
+ IPC_CHANNELS.PERSONA_ENRICH_NEW,
+ (_, projectId: string, input: PersonaEnrichmentInput) => {
+ debugLog('[Persona Handler] Enrich new persona request:', {
+ projectId,
+ role: input.role,
+ type: input.type
+ });
+
+ const mainWindow = getMainWindow();
+ if (!mainWindow) return;
+
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ debugError('[Persona Handler] Project not found:', projectId);
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_ERROR,
+ projectId,
+ 'Project not found'
+ );
+ return;
+ }
+
+ // Send initial progress
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_PROGRESS,
+ projectId,
+ {
+ phase: 'researching',
+ progress: 10,
+ message: 'Starting AI-assisted persona creation...'
+ } as PersonaEnrichmentStatus
+ );
+
+ // Start enrichment via agent manager
+ agentManager.startPersonaEnrichment(
+ projectId,
+ project.path,
+ input
+ );
+ }
+ );
+
+ ipcMain.on(
+ IPC_CHANNELS.PERSONA_ENRICH_EXISTING,
+ (_, projectId: string, personaId: string) => {
+ debugLog('[Persona Handler] Enrich existing persona request:', {
+ projectId,
+ personaId
+ });
+
+ const mainWindow = getMainWindow();
+ if (!mainWindow) return;
+
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ debugError('[Persona Handler] Project not found:', projectId);
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_ERROR,
+ projectId,
+ 'Project not found'
+ );
+ return;
+ }
+
+ // Load the existing persona from file
+ const personasPath = path.join(
+ project.path,
+ AUTO_BUILD_PATHS.PERSONAS_DIR,
+ AUTO_BUILD_PATHS.PERSONAS_FILE
+ );
+
+ if (!existsSync(personasPath)) {
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_ERROR,
+ projectId,
+ 'Personas file not found'
+ );
+ return;
+ }
+
+ try {
+ const content = readFileSync(personasPath, 'utf-8');
+ const data = JSON.parse(content);
+ const persona = data.personas?.find((p: { id: string }) => p.id === personaId);
+
+ if (!persona) {
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_ERROR,
+ projectId,
+ 'Persona not found'
+ );
+ return;
+ }
+
+ // Send initial progress
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_PROGRESS,
+ projectId,
+ {
+ phase: 'researching',
+ progress: 10,
+ message: 'Starting AI enrichment for existing persona...'
+ } as PersonaEnrichmentStatus
+ );
+
+ // Start enrichment via agent manager
+ agentManager.startPersonaEnrichmentExisting(
+ projectId,
+ project.path,
+ personaId,
+ transformPersonaFromFile(persona)
+ );
+ } catch (error) {
+ debugError('[Persona Handler] Failed to read persona:', error);
+ mainWindow.webContents.send(
+ IPC_CHANNELS.PERSONA_ENRICHMENT_ERROR,
+ projectId,
+ error instanceof Error ? error.message : 'Failed to read persona'
+ );
+ }
+ }
+ );
+
+ ipcMain.handle(
+ IPC_CHANNELS.PERSONA_ADD_MANUAL,
+ async (
+ _,
+ projectId: string,
+ persona: Persona
+ ): Promise> => {
+ const project = projectStore.getProject(projectId);
+ if (!project) {
+ return { success: false, error: 'Project not found' };
+ }
+
+ const personasDir = path.join(project.path, AUTO_BUILD_PATHS.PERSONAS_DIR);
+ const personasPath = path.join(personasDir, AUTO_BUILD_PATHS.PERSONAS_FILE);
+
+ // Ensure directory exists
+ if (!existsSync(personasDir)) {
+ mkdirSync(personasDir, { recursive: true });
+ }
+
+ try {
+ let data: Record = {
+ version: '1.0',
+ projectId,
+ personas: [],
+ metadata: {
+ generatedAt: new Date().toISOString(),
+ discoverySynced: false,
+ researchEnriched: false,
+ roadmapSynced: false,
+ personaCount: 0
+ }
+ };
+
+ if (existsSync(personasPath)) {
+ const content = readFileSync(personasPath, 'utf-8');
+ data = JSON.parse(content);
+ }
+
+ // Generate ID if not provided
+ const newPersona: Persona = {
+ ...persona,
+ id: persona.id || `persona-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+ createdAt: new Date().toISOString(),
+ updatedAt: new Date().toISOString()
+ };
+
+ // Add the new persona
+ const personas = data.personas as Persona[] || [];
+ personas.push(newPersona);
+ data.personas = personas;
+
+ data.metadata = data.metadata || {};
+ (data.metadata as Record).personaCount = personas.length;
+ (data.metadata as Record).updatedAt = new Date().toISOString();
+
+ writeFileSync(personasPath, JSON.stringify(data, null, 2));
+
+ return { success: true, data: newPersona };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to add manual persona'
+ };
+ }
+ }
+ );
+
+ // ============================================
+ // Persona Agent Events → Renderer
+ // ============================================
+
+ agentManager.on('persona-progress', (projectId: string, status: PersonaGenerationStatus) => {
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_PROGRESS, projectId, status);
+ }
+ });
+
+ agentManager.on('persona-complete', (projectId: string, config: PersonasConfig) => {
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_COMPLETE, projectId, config);
+ }
+ });
+
+ agentManager.on('persona-error', (projectId: string, error: string) => {
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_ERROR, projectId, error);
+ }
+ });
+
+ // Persona enrichment events
+ agentManager.on('persona-enrichment-progress', (projectId: string, status: PersonaEnrichmentStatus) => {
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_ENRICHMENT_PROGRESS, projectId, status);
+ }
+ });
+
+ agentManager.on('persona-enrichment-complete', (projectId: string, persona: Persona) => {
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_ENRICHMENT_COMPLETE, projectId, persona);
+ }
+ });
+
+ agentManager.on('persona-enrichment-error', (projectId: string, error: string) => {
+ const mainWindow = getMainWindow();
+ if (mainWindow) {
+ mainWindow.webContents.send(IPC_CHANNELS.PERSONA_ENRICHMENT_ERROR, projectId, error);
+ }
+ });
+}
diff --git a/apps/frontend/src/main/ipc-handlers/profile-handlers.test.ts b/apps/frontend/src/main/ipc-handlers/profile-handlers.test.ts
new file mode 100644
index 0000000000..0e115e4647
--- /dev/null
+++ b/apps/frontend/src/main/ipc-handlers/profile-handlers.test.ts
@@ -0,0 +1,341 @@
+/**
+ * Tests for profile IPC handlers
+ *
+ * Tests profiles:set-active handler with support for:
+ * - Setting valid profile as active
+ * - Switching to OAuth (null profileId)
+ */
+
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import type { APIProfile, ProfilesFile } from '@shared/types/profile';
+
+// Hoist mocked functions to avoid circular dependency in atomicModifyProfiles
+const { mockedLoadProfilesFile, mockedSaveProfilesFile } = vi.hoisted(() => ({
+ mockedLoadProfilesFile: vi.fn(),
+ mockedSaveProfilesFile: vi.fn()
+}));
+
+// Mock electron before importing
+vi.mock('electron', () => ({
+ ipcMain: {
+ handle: vi.fn(),
+ on: vi.fn()
+ }
+}));
+
+// Mock profile service
+vi.mock('../services/profile', () => ({
+ loadProfilesFile: mockedLoadProfilesFile,
+ saveProfilesFile: mockedSaveProfilesFile,
+ validateFilePermissions: vi.fn(),
+ getProfilesFilePath: vi.fn(() => '/test/profiles.json'),
+ createProfile: vi.fn(),
+ updateProfile: vi.fn(),
+ deleteProfile: vi.fn(),
+ testConnection: vi.fn(),
+ discoverModels: vi.fn(),
+ atomicModifyProfiles: vi.fn(async (modifier: (file: unknown) => unknown) => {
+ const file = await mockedLoadProfilesFile();
+ const modified = modifier(file);
+ await mockedSaveProfilesFile(modified as never);
+ return modified;
+ })
+}));
+
+import { registerProfileHandlers } from './profile-handlers';
+import { ipcMain } from 'electron';
+import { IPC_CHANNELS } from '../../shared/constants';
+import {
+ loadProfilesFile,
+ saveProfilesFile,
+ validateFilePermissions,
+ testConnection
+} from '../services/profile';
+import type { TestConnectionResult } from '@shared/types/profile';
+
+// Get the handler function for testing
+function getSetActiveHandler() {
+ const calls = (ipcMain.handle as unknown as ReturnType).mock.calls;
+ const setActiveCall = calls.find(
+ (call) => call[0] === IPC_CHANNELS.PROFILES_SET_ACTIVE
+ );
+ return setActiveCall?.[1];
+}
+
+// Get the testConnection handler function for testing
+function getTestConnectionHandler() {
+ const calls = (ipcMain.handle as unknown as ReturnType).mock.calls;
+ const testConnectionCall = calls.find(
+ (call) => call[0] === IPC_CHANNELS.PROFILES_TEST_CONNECTION
+ );
+ return testConnectionCall?.[1];
+}
+
+describe('profile-handlers - setActiveProfile', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ registerProfileHandlers();
+ });
+ const mockProfiles: APIProfile[] = [
+ {
+ id: 'profile-1',
+ name: 'Test Profile 1',
+ baseUrl: 'https://api.anthropic.com',
+ apiKey: 'sk-ant-test-key-1',
+ createdAt: Date.now(),
+ updatedAt: Date.now()
+ },
+ {
+ id: 'profile-2',
+ name: 'Test Profile 2',
+ baseUrl: 'https://custom.api.com',
+ apiKey: 'sk-custom-key-2',
+ createdAt: Date.now(),
+ updatedAt: Date.now()
+ }
+ ];
+
+ describe('setting valid profile as active', () => {
+ it('should set active profile with valid profileId', async () => {
+ const mockFile: ProfilesFile = {
+ profiles: mockProfiles,
+ activeProfileId: null,
+ version: 1
+ };
+
+ vi.mocked(loadProfilesFile).mockResolvedValue(mockFile);
+ vi.mocked(saveProfilesFile).mockResolvedValue(undefined);
+ vi.mocked(validateFilePermissions).mockResolvedValue(true);
+
+ const handler = getSetActiveHandler();
+ const result = await handler({}, 'profile-1');
+
+ expect(result).toEqual({ success: true });
+ expect(saveProfilesFile).toHaveBeenCalledWith(
+ expect.objectContaining({
+ activeProfileId: 'profile-1'
+ })
+ );
+ });
+
+ it('should return error for non-existent profile', async () => {
+ const mockFile: ProfilesFile = {
+ profiles: mockProfiles,
+ activeProfileId: null,
+ version: 1
+ };
+
+ vi.mocked(loadProfilesFile).mockResolvedValue(mockFile);
+
+ const handler = getSetActiveHandler();
+ const result = await handler({}, 'non-existent-id');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Profile not found'
+ });
+ });
+ });
+
+ describe('switching to OAuth (null profileId)', () => {
+ it('should accept null profileId to switch to OAuth', async () => {
+ const mockFile: ProfilesFile = {
+ profiles: mockProfiles,
+ activeProfileId: 'profile-1',
+ version: 1
+ };
+
+ vi.mocked(loadProfilesFile).mockResolvedValue(mockFile);
+ vi.mocked(saveProfilesFile).mockResolvedValue(undefined);
+ vi.mocked(validateFilePermissions).mockResolvedValue(true);
+
+ const handler = getSetActiveHandler();
+ const result = await handler({}, null);
+
+ // Should succeed and clear activeProfileId
+ expect(result).toEqual({ success: true });
+ expect(saveProfilesFile).toHaveBeenCalledWith(
+ expect.objectContaining({
+ activeProfileId: null
+ })
+ );
+ });
+
+ it('should handle null when no profile was active', async () => {
+ const mockFile: ProfilesFile = {
+ profiles: mockProfiles,
+ activeProfileId: null,
+ version: 1
+ };
+
+ vi.mocked(loadProfilesFile).mockResolvedValue(mockFile);
+ vi.mocked(saveProfilesFile).mockResolvedValue(undefined);
+ vi.mocked(validateFilePermissions).mockResolvedValue(true);
+
+ const handler = getSetActiveHandler();
+ const result = await handler({}, null);
+
+ // Should succeed (idempotent operation)
+ expect(result).toEqual({ success: true });
+ expect(saveProfilesFile).toHaveBeenCalled();
+ });
+ });
+
+ describe('error handling', () => {
+ it('should handle loadProfilesFile errors', async () => {
+ vi.mocked(loadProfilesFile).mockRejectedValue(
+ new Error('Failed to load profiles')
+ );
+
+ const handler = getSetActiveHandler();
+ const result = await handler({}, 'profile-1');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Failed to load profiles'
+ });
+ });
+
+ it('should handle saveProfilesFile errors', async () => {
+ const mockFile: ProfilesFile = {
+ profiles: mockProfiles,
+ activeProfileId: null,
+ version: 1
+ };
+
+ vi.mocked(loadProfilesFile).mockResolvedValue(mockFile);
+ vi.mocked(saveProfilesFile).mockRejectedValue(
+ new Error('Failed to save')
+ );
+
+ const handler = getSetActiveHandler();
+ const result = await handler({}, 'profile-1');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Failed to save'
+ });
+ });
+ });
+});
+
+describe('profile-handlers - testConnection', () => {
+ beforeEach(() => {
+ vi.clearAllMocks();
+ registerProfileHandlers();
+ });
+
+ describe('successful connection tests', () => {
+ it('should return success result for valid connection', async () => {
+ const mockResult: TestConnectionResult = {
+ success: true,
+ message: 'Connection successful'
+ };
+
+ vi.mocked(testConnection).mockResolvedValue(mockResult);
+
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, 'https://api.anthropic.com', 'sk-test-key-12chars');
+
+ expect(result).toEqual({
+ success: true,
+ data: mockResult
+ });
+ expect(testConnection).toHaveBeenCalledWith(
+ 'https://api.anthropic.com',
+ 'sk-test-key-12chars',
+ expect.any(AbortSignal)
+ );
+ });
+ });
+
+ describe('input validation', () => {
+ it('should return error for empty baseUrl', async () => {
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, '', 'sk-test-key-12chars');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Base URL is required'
+ });
+ expect(testConnection).not.toHaveBeenCalled();
+ });
+
+ it('should return error for whitespace-only baseUrl', async () => {
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, ' ', 'sk-test-key-12chars');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Base URL is required'
+ });
+ expect(testConnection).not.toHaveBeenCalled();
+ });
+
+ it('should return error for empty apiKey', async () => {
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, 'https://api.anthropic.com', '');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'API key is required'
+ });
+ expect(testConnection).not.toHaveBeenCalled();
+ });
+
+ it('should return error for whitespace-only apiKey', async () => {
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, 'https://api.anthropic.com', ' ');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'API key is required'
+ });
+ expect(testConnection).not.toHaveBeenCalled();
+ });
+ });
+
+ describe('error handling', () => {
+ it('should return IPCResult with TestConnectionResult data for service errors', async () => {
+ const mockResult: TestConnectionResult = {
+ success: false,
+ errorType: 'auth',
+ message: 'Authentication failed. Please check your API key.'
+ };
+
+ vi.mocked(testConnection).mockResolvedValue(mockResult);
+
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, 'https://api.anthropic.com', 'invalid-key');
+
+ expect(result).toEqual({
+ success: true,
+ data: mockResult
+ });
+ });
+
+ it('should return error for unexpected exceptions', async () => {
+ vi.mocked(testConnection).mockRejectedValue(new Error('Unexpected error'));
+
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, 'https://api.anthropic.com', 'sk-test-key-12chars');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Unexpected error'
+ });
+ });
+
+ it('should return error for non-Error exceptions', async () => {
+ vi.mocked(testConnection).mockRejectedValue('String error');
+
+ const handler = getTestConnectionHandler();
+ const result = await handler({}, 'https://api.anthropic.com', 'sk-test-key-12chars');
+
+ expect(result).toEqual({
+ success: false,
+ error: 'Failed to test connection'
+ });
+ });
+ });
+});
diff --git a/apps/frontend/src/main/ipc-handlers/profile-handlers.ts b/apps/frontend/src/main/ipc-handlers/profile-handlers.ts
new file mode 100644
index 0000000000..6d4cfacbb7
--- /dev/null
+++ b/apps/frontend/src/main/ipc-handlers/profile-handlers.ts
@@ -0,0 +1,358 @@
+/**
+ * Profile IPC Handlers
+ *
+ * IPC handlers for API profile management:
+ * - profiles:get - Get all profiles
+ * - profiles:save - Save/create a profile
+ * - profiles:update - Update an existing profile
+ * - profiles:delete - Delete a profile
+ * - profiles:setActive - Set active profile
+ * - profiles:test-connection - Test API profile connection
+ */
+
+import { ipcMain } from 'electron';
+import { IPC_CHANNELS } from '../../shared/constants';
+import type { IPCResult } from '../../shared/types';
+import type { APIProfile, ProfileFormData, ProfilesFile, TestConnectionResult, DiscoverModelsResult } from '@shared/types/profile';
+import {
+ loadProfilesFile,
+ saveProfilesFile,
+ validateFilePermissions,
+ getProfilesFilePath,
+ atomicModifyProfiles,
+ createProfile,
+ updateProfile,
+ deleteProfile,
+ testConnection,
+ discoverModels
+} from '../services/profile';
+
+// Track active test connection requests for cancellation
+const activeTestConnections = new Map();
+
+// Track active discover models requests for cancellation
+const activeDiscoverModelsRequests = new Map();
+
+/**
+ * Register all profile-related IPC handlers
+ */
+export function registerProfileHandlers(): void {
+ /**
+ * Get all profiles
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_GET,
+ async (): Promise> => {
+ try {
+ const profiles = await loadProfilesFile();
+ return { success: true, data: profiles };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to load profiles'
+ };
+ }
+ }
+ );
+
+ /**
+ * Save/create a profile
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_SAVE,
+ async (
+ _,
+ profileData: ProfileFormData
+ ): Promise> => {
+ try {
+ // Use createProfile from service layer (handles validation)
+ const newProfile = await createProfile(profileData);
+
+ // Set file permissions to user-readable only
+ await validateFilePermissions(getProfilesFilePath()).catch((err) => {
+ console.warn('[profile-handlers] Failed to set secure file permissions:', err);
+ });
+
+ return { success: true, data: newProfile };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to save profile'
+ };
+ }
+ }
+ );
+
+ /**
+ * Update an existing profile
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_UPDATE,
+ async (_, profileData: APIProfile): Promise> => {
+ try {
+ // Use updateProfile from service layer (handles validation)
+ const updatedProfile = await updateProfile({
+ id: profileData.id,
+ name: profileData.name,
+ baseUrl: profileData.baseUrl,
+ apiKey: profileData.apiKey,
+ models: profileData.models
+ });
+
+ // Set file permissions to user-readable only
+ await validateFilePermissions(getProfilesFilePath()).catch((err) => {
+ console.warn('[profile-handlers] Failed to set secure file permissions:', err);
+ });
+
+ return { success: true, data: updatedProfile };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to update profile'
+ };
+ }
+ }
+ );
+
+ /**
+ * Delete a profile
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_DELETE,
+ async (_, profileId: string): Promise => {
+ try {
+ // Use deleteProfile from service layer (handles validation)
+ await deleteProfile(profileId);
+
+ return { success: true };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to delete profile'
+ };
+ }
+ }
+ );
+
+ /**
+ * Set active profile
+ * - If profileId is provided, set that profile as active
+ * - If profileId is null, clear active profile (switch to OAuth)
+ * Uses atomic operation to prevent race conditions
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_SET_ACTIVE,
+ async (_, profileId: string | null): Promise => {
+ try {
+ await atomicModifyProfiles((file) => {
+ // If switching to OAuth (null), clear active profile
+ if (profileId === null) {
+ file.activeProfileId = null;
+ return file;
+ }
+
+ // Check if profile exists
+ const profileExists = file.profiles.some((p) => p.id === profileId);
+ if (!profileExists) {
+ throw new Error('Profile not found');
+ }
+
+ // Set active profile
+ file.activeProfileId = profileId;
+ return file;
+ });
+
+ return { success: true };
+ } catch (error) {
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to set active profile'
+ };
+ }
+ }
+ );
+
+ /**
+ * Test API profile connection
+ * - Tests credentials by making a minimal API request
+ * - Returns detailed error information for different failure types
+ * - Includes configurable timeout (defaults to 15 seconds)
+ * - Supports cancellation via PROFILES_TEST_CONNECTION_CANCEL
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_TEST_CONNECTION,
+ async (_event, baseUrl: string, apiKey: string, requestId: number): Promise> => {
+ // Create AbortController for timeout and cancellation
+ const controller = new AbortController();
+ const timeoutMs = 15000; // 15 seconds
+
+ // Track this request for cancellation
+ activeTestConnections.set(requestId, controller);
+
+ // Set timeout to abort the request
+ const timeoutId = setTimeout(() => {
+ controller.abort();
+ }, timeoutMs);
+
+ try {
+ // Validate inputs (null/empty checks)
+ if (!baseUrl || baseUrl.trim() === '') {
+ clearTimeout(timeoutId);
+ activeTestConnections.delete(requestId);
+ return {
+ success: false,
+ error: 'Base URL is required'
+ };
+ }
+
+ if (!apiKey || apiKey.trim() === '') {
+ clearTimeout(timeoutId);
+ activeTestConnections.delete(requestId);
+ return {
+ success: false,
+ error: 'API key is required'
+ };
+ }
+
+ // Call testConnection from service layer with abort signal
+ const result = await testConnection(baseUrl, apiKey, controller.signal);
+
+ // Clear timeout on success
+ clearTimeout(timeoutId);
+ activeTestConnections.delete(requestId);
+
+ return { success: true, data: result };
+ } catch (error) {
+ // Clear timeout on error
+ clearTimeout(timeoutId);
+ activeTestConnections.delete(requestId);
+
+ // Handle abort errors (timeout or explicit cancellation)
+ if (error instanceof Error && error.name === 'AbortError') {
+ return {
+ success: false,
+ error: 'Connection timeout. The request took too long to complete.'
+ };
+ }
+
+ return {
+ success: false,
+ error: error instanceof Error ? error.message : 'Failed to test connection'
+ };
+ }
+ }
+ );
+
+ /**
+ * Cancel an active test connection request
+ */
+ ipcMain.on(
+ IPC_CHANNELS.PROFILES_TEST_CONNECTION_CANCEL,
+ (_event, requestId: number) => {
+ const controller = activeTestConnections.get(requestId);
+ if (controller) {
+ controller.abort();
+ activeTestConnections.delete(requestId);
+ }
+ }
+ );
+
+ /**
+ * Discover available models from API endpoint
+ * - Fetches list of models from /v1/models endpoint
+ * - Returns model IDs and display names for dropdown selection
+ * - Supports cancellation via PROFILES_DISCOVER_MODELS_CANCEL
+ */
+ ipcMain.handle(
+ IPC_CHANNELS.PROFILES_DISCOVER_MODELS,
+ async (_event, baseUrl: string, apiKey: string, requestId: number): Promise