@aion0/forge 0.10.51 → 0.10.55

package/RELEASE_NOTES.md

@@ -1,8 +1,8 @@
-# Forge v0.10.51
+# Forge v0.10.55
 
 Released: 2026-06-09
 
-## Changes since v0.10.50
+## Changes since v0.10.54
 
 
-**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.10.50...v0.10.51
+**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.10.54...v0.10.55

package/app/api/cache/route.ts

@@ -1,18 +1,32 @@
 /**
- * GET  /api/cache    → list cached cloned-project dirs + total size.
- * DELETE /api/cache  → wipe the whole cloned-projects cache.
- * DELETE /api/cache?name=<entry>  → wipe a single entry.
+ * GET  /api/cache    → cache contents + total size.
+ * DELETE /api/cache  → wipe everything cacheable.
+ * DELETE /api/cache?name=<entry>&category=<cat>  → wipe a single entry.
  *
- * Backs the "Cache" item in the user dropdown. Same data the CLI's
- * `forge clean cache` shows, surfaced in the UI for users who don't
- * touch the terminal.
+ * Backs the "Cache" item in the user dropdown. Three categories:
+ *   • cloned-projects — git clones Forge made for pipeline runs
+ *   • tmp             — chat-saved files (save_tmp_file, new default)
+ *   • scratch         — top-level files in <dataDir>/scratch/. Includes
+ *                       legacy save_scratch_file output (pre-rename) and
+ *                       anything else dropped at scratch root. Subdirs
+ *                       (task workdirs) are NOT listed — they belong to
+ *                       live workspaces, not cache. CLAUDE.md (scratch-
+ *                       project marker) is skipped.
+ *
+ * The `entries` array is flat (categories mixed) so existing Dashboard
+ * UI keeps working without changes — each entry carries a `category`
+ * field for display / per-category deletion. Janitor scope matches:
+ * lib/scratch-cleanup.ts sweeps tmp/ + scratch/ top-level files.
  */
 
 import { NextResponse } from 'next/server';
-import { existsSync, readdirSync, rmSync, statSync } from 'node:fs';
+import { existsSync, readdirSync, rmSync, statSync, unlinkSync } from 'node:fs';
 import { join } from 'node:path';
 import { getDataDir } from '@/lib/dirs';
 
+type Category = 'cloned-projects' | 'tmp' | 'scratch';
+interface CacheEntry { name: string; bytes: number; category: Category }
+
 function dirSizeBytes(p: string): number {
   let total = 0;
   try {
@@ -27,16 +41,89 @@ function dirSizeBytes(p: string): number {
   return total;
 }
 
-function listCache(): { entries: { name: string; bytes: number }[]; total_bytes: number; root: string } {
-  const root = join(getDataDir(), 'cloned-projects');
-  if (!existsSync(root)) return { entries: [], total_bytes: 0, root };
-  const entries: { name: string; bytes: number }[] = [];
-  for (const ent of readdirSync(root, { withFileTypes: true })) {
-    if (!ent.isDirectory()) continue;
-    entries.push({ name: ent.name, bytes: dirSizeBytes(join(root, ent.name)) });
+function listCache(): { entries: CacheEntry[]; total_bytes: number; roots: Record<Category, string> } {
+  const dataDir = getDataDir();
+  const clonedRoot = join(dataDir, 'cloned-projects');
+  const tmpRoot = join(dataDir, 'tmp');
+  const scratchRoot = join(dataDir, 'scratch');
+  const entries: CacheEntry[] = [];
+
+  if (existsSync(clonedRoot)) {
+    for (const ent of readdirSync(clonedRoot, { withFileTypes: true })) {
+      if (!ent.isDirectory()) continue;
+      entries.push({ name: ent.name, bytes: dirSizeBytes(join(clonedRoot, ent.name)), category: 'cloned-projects' });
+    }
   }
+  if (existsSync(tmpRoot)) {
+    for (const ent of readdirSync(tmpRoot, { withFileTypes: true })) {
+      // tmp/ holds bare files written by save_tmp_file (the tool rejects
+      // any filename containing `/`). Subdirs aren't expected — if one
+      // shows up (manual touch, older code) measure recursively so the
+      // entry is still wipable from the UI rather than left dangling.
+      if (ent.name.startsWith('.')) continue;
+      const p = join(tmpRoot, ent.name);
+      try {
+        const st = statSync(p);
+        const bytes = st.isDirectory() ? dirSizeBytes(p) : st.size;
+        entries.push({ name: ent.name, bytes, category: 'tmp' });
+      } catch { /* skip unreadable */ }
+    }
+  }
+  if (existsSync(scratchRoot)) {
+    // scratch/ has two coexisting kinds of content:
+    //   1. Top-level files from legacy save_scratch_file (now renamed
+    //      save_tmp_file → tmp/). Janitor sweeps these at 7d. Listed.
+    //   2. Subdirs that are LIVE workdirs for dispatched tasks (every
+    //      dispatch_task into the scratch project gets one). Deleting
+    //      these mid-run breaks the running task — NOT listed.
+    // CLAUDE.md is the scratch-project marker; preserved by janitor and
+    // hidden here so users can't nuke it from the UI.
+    for (const ent of readdirSync(scratchRoot, { withFileTypes: true })) {
+      if (ent.name.startsWith('.') || ent.name === 'CLAUDE.md') continue;
+      if (!ent.isFile()) continue;
+      const p = join(scratchRoot, ent.name);
+      try {
+        const st = statSync(p);
+        entries.push({ name: ent.name, bytes: st.size, category: 'scratch' });
+      } catch { /* skip unreadable */ }
+    }
+  }
+
   entries.sort((a, b) => b.bytes - a.bytes);
-  return { entries, total_bytes: entries.reduce((s, e) => s + e.bytes, 0), root };
+  return {
+    entries,
+    total_bytes: entries.reduce((s, e) => s + e.bytes, 0),
+    roots: { 'cloned-projects': clonedRoot, tmp: tmpRoot, scratch: scratchRoot },
+  };
+}
+
+function isValidName(name: string): boolean {
+  return !!name && !name.includes('/') && !name.includes('\\') && !name.includes('..');
+}
+
+function rmEntry(category: Category, name: string, dataDir: string): { ok: boolean; bytes: number; error?: string } {
+  // scratch/CLAUDE.md is the project marker — refuse to delete even if
+  // a caller asks for it by name. Same instinct as the listCache filter.
+  if (category === 'scratch' && (name === 'CLAUDE.md' || name.startsWith('.'))) {
+    return { ok: false, bytes: 0, error: 'refused: scratch marker / dotfile' };
+  }
+  const root = join(dataDir, category);
+  const target = join(root, name);
+  if (!existsSync(target)) return { ok: false, bytes: 0, error: 'not found' };
+  let bytes = 0;
+  try {
+    const st = statSync(target);
+    // scratch/ category only deletes top-level files — never the dir
+    // contents of a task workdir subdir. listCache already hides subdirs;
+    // this is belt-and-suspenders for direct API callers.
+    if (category === 'scratch' && st.isDirectory()) {
+      return { ok: false, bytes: 0, error: 'refused: scratch subdir is a live task workdir, not cache' };
+    }
+    bytes = st.isDirectory() ? dirSizeBytes(target) : st.size;
+    if (st.isDirectory()) rmSync(target, { recursive: true, force: true });
+    else unlinkSync(target);
+  } catch (e) { return { ok: false, bytes: 0, error: (e as Error).message }; }
+  return { ok: true, bytes };
 }
 
 export async function GET() {
@@ -46,38 +133,35 @@ export async function GET() {
 export async function DELETE(req: Request) {
   const url = new URL(req.url);
   const name = url.searchParams.get('name');
-  const root = join(getDataDir(), 'cloned-projects');
-  if (!existsSync(root)) {
-    return NextResponse.json({ ok: true, deleted: 0, freed_bytes: 0 });
-  }
-  // Reject anything that escapes the cache root or contains separators —
-  // we accept ONLY a direct subdirectory name (e.g. "fortinet-fortinac-dev").
-  if (name && (name.includes('/') || name.includes('\\') || name.includes('..'))) {
+  const categoryParam = url.searchParams.get('category') as Category | null;
+  const dataDir = getDataDir();
+
+  if (name && !isValidName(name)) {
     return NextResponse.json({ ok: false, error: 'invalid name' }, { status: 400 });
   }
 
-  const before = listCache();
+  // Single-entry delete: scan all categories if category not specified,
+  // so the existing Dashboard "delete by name" call (no category) keeps
+  // working — finds the entry in whichever category owns it.
   if (name) {
-    const target = join(root, name);
-    if (!existsSync(target)) {
-      return NextResponse.json({ ok: false, error: 'not found' }, { status: 404 });
-    }
-    const hit = before.entries.find((e) => e.name === name);
-    try {
-      rmSync(target, { recursive: true, force: true });
-    } catch (e) {
-      return NextResponse.json({ ok: false, error: (e as Error).message }, { status: 500 });
+    const cats: Category[] = categoryParam ? [categoryParam] : ['cloned-projects', 'tmp', 'scratch'];
+    for (const cat of cats) {
+      const r = rmEntry(cat, name, dataDir);
+      if (r.ok) return NextResponse.json({ ok: true, deleted: 1, freed_bytes: r.bytes, category: cat });
+      if (r.error && r.error !== 'not found') {
+        return NextResponse.json({ ok: false, error: r.error }, { status: 500 });
+      }
     }
-    return NextResponse.json({ ok: true, deleted: 1, freed_bytes: hit?.bytes || 0 });
+    return NextResponse.json({ ok: false, error: 'not found' }, { status: 404 });
   }
 
-  // Wipe all
-  let deleted = 0;
-  for (const e of before.entries) {
-    try {
-      rmSync(join(root, e.name), { recursive: true, force: true });
-      deleted++;
-    } catch { /* skip individual failures, report partial */ }
+  // Wipe-all (optionally scoped to one category).
+  const before = listCache();
+  const toDelete = categoryParam ? before.entries.filter((e) => e.category === categoryParam) : before.entries;
+  let deleted = 0, freed = 0;
+  for (const e of toDelete) {
+    const r = rmEntry(e.category, e.name, dataDir);
+    if (r.ok) { deleted++; freed += r.bytes; }
   }
-  return NextResponse.json({ ok: true, deleted, freed_bytes: before.total_bytes });
+  return NextResponse.json({ ok: true, deleted, freed_bytes: freed });
 }

package/app/api/chat/sessions/[id]/abort/route.ts

@@ -0,0 +1,14 @@
+/**
+ * POST /api/chat/sessions/<id>/abort → 200 { ok, running } | 409
+ *
+ * Stops the in-flight tool-call loop for this session. The chat-standalone
+ * agent loop breaks at the next iteration boundary and persists a
+ * "⏹ Stopped by user" assistant message. 409 if no turn is running.
+ */
+
+import { proxyToChat } from '@/lib/chat/proxy';
+
+export async function POST(req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params;
+  return proxyToChat(req, `/api/sessions/${encodeURIComponent(id)}/abort`);
+}

package/app/api/chat/sessions/[id]/note/route.ts

@@ -0,0 +1,16 @@
+/**
+ * POST /api/chat/sessions/<id>/note → 200 { ok, running } | 409
+ *
+ * Queues supplementary text for the running turn. The chat-standalone
+ * agent loop drains queued notes at the top of its next iteration and
+ * splices them in as a user message so the LLM sees them on its next
+ * step. 409 if no turn is running (client should send as a regular
+ * message via POST /messages instead — which also auto-merges).
+ */
+
+import { proxyToChat } from '@/lib/chat/proxy';
+
+export async function POST(req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params;
+  return proxyToChat(req, `/api/sessions/${encodeURIComponent(id)}/note`);
+}

package/app/api/files/[...path]/route.ts

@@ -0,0 +1,94 @@
+/**
+ * GET /api/files/<path...>
+ *   ?download=1   → force Content-Disposition: attachment
+ *
+ * Dataset-wide file reader. Path is dataDir-relative — `tmp/foo.md`,
+ * `scratch/report.md`, `flows/x.yaml`, etc. Pairs with the chat builtin
+ * `read_forge_file` and the in-browser viewer at /files/<path>.
+ *
+ * Sensitive top-level items (encryption keys, sqlite DBs, server log,
+ * `*-tokens.json`) are refused — same blacklist as read_forge_file so
+ * chat-emitted links can't accidentally expose secrets.
+ *
+ * /api/scratch/<path> is the older route that resolves under
+ * <dataDir>/scratch/ only — kept for legacy URLs / link-pattern emits.
+ *
+ * Auth-gated by Forge's proxy middleware just like every other /api/*.
+ */
+
+import { NextResponse } from 'next/server';
+import { existsSync, readFileSync, statSync } from 'node:fs';
+import { join, resolve, extname } from 'node:path';
+import { getDataDir } from '@/lib/dirs';
+
+const MIME: Record<string, string> = {
+  '.md': 'text/markdown; charset=utf-8',
+  '.txt': 'text/plain; charset=utf-8',
+  '.json': 'application/json; charset=utf-8',
+  '.yaml': 'application/yaml; charset=utf-8',
+  '.yml': 'application/yaml; charset=utf-8',
+  '.csv': 'text/csv; charset=utf-8',
+  '.log': 'text/plain; charset=utf-8',
+  '.html': 'text/html; charset=utf-8',
+  '.pdf': 'application/pdf',
+  '.png': 'image/png',
+  '.jpg': 'image/jpeg',
+  '.jpeg': 'image/jpeg',
+  '.gif': 'image/gif',
+  '.svg': 'image/svg+xml',
+};
+
+function isSensitiveTop(top: string): string | null {
+  if (top.startsWith('.')) return 'dotfile';
+  if (/\.(db|db-wal|db-shm)$/i.test(top)) return 'sqlite';
+  if (/^forge\.log/i.test(top)) return 'log';
+  if (/-tokens\.json$/i.test(top)) return 'token cache';
+  return null;
+}
+
+export async function GET(
+  req: Request,
+  ctx: { params: Promise<{ path: string[] }> },
+) {
+  const { path: parts } = await ctx.params;
+  if (!parts || parts.length === 0) {
+    return NextResponse.json({ ok: false, error: 'missing path' }, { status: 400 });
+  }
+  for (const seg of parts) {
+    if (seg === '..' || seg.startsWith('..')) {
+      return NextResponse.json({ ok: false, error: 'path traversal rejected' }, { status: 400 });
+    }
+  }
+  const top = parts[0]!;
+  const blocked = isSensitiveTop(top);
+  if (blocked) {
+    return NextResponse.json({ ok: false, error: `top-level "${top}" is sensitive (${blocked})` }, { status: 403 });
+  }
+  const dataRoot = resolve(getDataDir());
+  const target = resolve(join(dataRoot, ...parts));
+  if (!target.startsWith(dataRoot + '/') && target !== dataRoot) {
+    return NextResponse.json({ ok: false, error: 'path traversal rejected' }, { status: 400 });
+  }
+  if (!existsSync(target)) {
+    return NextResponse.json({ ok: false, error: 'not found' }, { status: 404 });
+  }
+  const st = statSync(target);
+  if (!st.isFile()) {
+    return NextResponse.json({ ok: false, error: 'not a file' }, { status: 400 });
+  }
+  const url = new URL(req.url);
+  const download = url.searchParams.get('download') === '1';
+  const ext = extname(target).toLowerCase();
+  const mime = MIME[ext] || 'application/octet-stream';
+  const data = readFileSync(target);
+  const filename = parts[parts.length - 1];
+  return new NextResponse(new Uint8Array(data), {
+    status: 200,
+    headers: {
+      'Content-Type': mime,
+      'Content-Length': String(st.size),
+      'Content-Disposition': `${download ? 'attachment' : 'inline'}; filename="${filename.replace(/"/g, '\\"')}"`,
+      'Cache-Control': 'private, max-age=0, must-revalidate',
+    },
+  });
+}

package/app/api/scratch/[...path]/route.ts

@@ -7,6 +7,11 @@
  * Path-traversal protected: any segment containing `..` or any resolved
  * path escaping the scratch root is rejected.
  *
+ * For files outside scratch/ (e.g. `tmp/foo.md` from save_tmp_file,
+ * `flows/x.yaml`) the dataDir-wide route at /api/files/[...path] is the
+ * one to use — it shares the same MIME / download / size guards but
+ * roots at <dataDir>/ with a sensitive-file blacklist.
+ *
  * Auth-gated by Forge's proxy middleware just like every other /api/*.
  */