@ait-co/devtools 0.1.62 → 0.1.64

package/dist/mcp/server.js

@@ -964,7 +964,7 @@ function createDevServer(deps = {}) {
 	const aitSource = deps.aitSource ?? new HttpAitSource({ stateEndpoint });
 	const server = new Server({
 		name: "ait-devtools",
-		version: "0.1.62"
+		version: "0.1.64"
 	}, { capabilities: { tools: {} } });
 	server.setRequestHandler(ListToolsRequestSchema, () => ({ tools: DEV_TOOL_DEFINITIONS.map((tool) => ({ ...tool })) }));
 	server.setRequestHandler(CallToolRequestSchema, async (request) => {

package/dist/panel/index.js

@@ -26432,7 +26432,7 @@ function readGlobalString(key) {
 }
 const TELEMETRY_ENDPOINT = readGlobalString("__TELEMETRY_ENDPOINT__") ?? "https://t.aitc.dev";
 function getVersion() {
-	return "0.1.62";
+	return "0.1.64";
 }
 let panelVisibleSince = null;
 let accumulatedMs = 0;
@@ -30683,7 +30683,7 @@ function Panel() {
 								color: "#666",
 								fontWeight: 400
 							},
-							children: ["v", "0.1.62"]
+							children: ["v", "0.1.64"]
 						}),
 						/* @__PURE__ */ (0, import_jsx_runtime.jsx)("button", {
 							type: "button",

package/dist/{tunnel-EVTPTwlb.js → tunnel-CIc0oSit.js}

@@ -148,12 +148,22 @@ async function startTunnelDashboard(opts) {
 	} catch {
 		return;
 	}
+	let totpRefreshHandle = setInterval(() => {
+		server.notifyStateChange();
+	}, 2e4);
+	totpRefreshHandle.unref();
 	const dashboardUrl = `http://127.0.0.1:${server.port}`;
 	const { openUrlInBrowser } = await import("./devtools-opener-BbUXBzgA.js");
 	log(openUrlInBrowser(dashboardUrl) ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}` : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`);
 	return {
 		url: dashboardUrl,
-		close: () => server.close()
+		close: () => {
+			if (totpRefreshHandle) {
+				clearInterval(totpRefreshHandle);
+				totpRefreshHandle = null;
+			}
+			return server.close();
+		}
 	};
 }
 /**
@@ -248,4 +258,4 @@ async function startQuickTunnel(port) {
 //#endregion
 export { printTunnelBanner, startQuickTunnel, startTunnelDashboard };
 
-//# sourceMappingURL=tunnel-EVTPTwlb.js.map
+//# sourceMappingURL=tunnel-CIc0oSit.js.map

package/dist/{tunnel-EVTPTwlb.js.map → tunnel-CIc0oSit.js.map}

@@ -1 +1 @@
-{"version":3,"file":"tunnel-EVTPTwlb.js","names":[],"sources":["../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => server.close(),\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAM,OAAO;AAEhD,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAM,OAAO;CAC3C,MAAM,EAAE,2BAA2B,MAAM,OAAO;CAChD,MAAM,EAAE,iBAAiB,MAAM,OAAO;CAQtC,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAGF,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAM,OAAO;AAI1C,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa,OAAO,OAAO;EAC5B;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,CAAC,WAAW,IAAI,EAAE;AACpB,QAAM,MAAM,QAAQ,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}
+{"version":3,"file":"tunnel-CIc0oSit.js","names":[],"sources":["../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  // TOTP periodic refresh timer — pushes a fresh at= code to SSE clients every\n  // 20 s so a page left open never stales past the 90 s acceptance window (#448).\n  // tunnel.ts always has relayWssUrl available here (gated above), so no\n  // lastAttachParts guard is needed — getDashboardState mints a fresh TOTP on\n  // every call unconditionally.\n  // SECRET-HANDLING: callback is a plain trigger only — TOTP value and at= code\n  // must never be logged or written to stdout.\n  const TOTP_REFRESH_INTERVAL_MS = 20_000;\n  let totpRefreshHandle: ReturnType<typeof setInterval> | null = setInterval(() => {\n    server.notifyStateChange();\n  }, TOTP_REFRESH_INTERVAL_MS);\n  totpRefreshHandle.unref();\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => {\n      if (totpRefreshHandle) {\n        clearInterval(totpRefreshHandle);\n        totpRefreshHandle = null;\n      }\n      return server.close();\n    },\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAM,OAAO;AAEhD,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAM,OAAO;CAC3C,MAAM,EAAE,2BAA2B,MAAM,OAAO;CAChD,MAAM,EAAE,iBAAiB,MAAM,OAAO;CAQtC,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAWF,IAAI,oBAA2D,kBAAkB;AAC/E,SAAO,mBAAmB;IAFK,IAGL;AAC5B,mBAAkB,OAAO;CAEzB,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAM,OAAO;AAI1C,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa;AACX,OAAI,mBAAmB;AACrB,kBAAc,kBAAkB;AAChC,wBAAoB;;AAEtB,UAAO,OAAO,OAAO;;EAExB;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,CAAC,WAAW,IAAI,EAAE;AACpB,QAAM,MAAM,QAAQ,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}

package/dist/{tunnel-g6assoEq.cjs → tunnel-H7VujZz5.cjs}

@@ -148,12 +148,22 @@ async function startTunnelDashboard(opts) {
 	} catch {
 		return;
 	}
+	let totpRefreshHandle = setInterval(() => {
+		server.notifyStateChange();
+	}, 2e4);
+	totpRefreshHandle.unref();
 	const dashboardUrl = `http://127.0.0.1:${server.port}`;
 	const { openUrlInBrowser } = await Promise.resolve().then(() => require("./devtools-opener-Bp671YXu.cjs"));
 	log(openUrlInBrowser(dashboardUrl) ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}` : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`);
 	return {
 		url: dashboardUrl,
-		close: () => server.close()
+		close: () => {
+			if (totpRefreshHandle) {
+				clearInterval(totpRefreshHandle);
+				totpRefreshHandle = null;
+			}
+			return server.close();
+		}
 	};
 }
 /**
@@ -250,4 +260,4 @@ exports.printTunnelBanner = printTunnelBanner;
 exports.startQuickTunnel = startQuickTunnel;
 exports.startTunnelDashboard = startTunnelDashboard;
 
-//# sourceMappingURL=tunnel-g6assoEq.cjs.map
+//# sourceMappingURL=tunnel-H7VujZz5.cjs.map

package/dist/{tunnel-g6assoEq.cjs.map → tunnel-H7VujZz5.cjs.map}

@@ -1 +1 @@
-{"version":3,"file":"tunnel-g6assoEq.cjs","names":[],"sources":["../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => server.close(),\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,iCAAA,CAAA;AAEzC,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,gCAAA,CAAA;CACpC,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,0BAAA,CAAA;CACzC,MAAM,EAAE,iBAAiB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,sBAAA,CAAA;CAQ/B,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAGF,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,iCAAA,CAAA;AAInC,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa,OAAO,OAAO;EAC5B;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,EAAA,GAAA,QAAA,YAAY,IAAI,EAAE;AACpB,SAAA,GAAA,iBAAA,QAAA,GAAA,UAAA,SAAoB,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}
+{"version":3,"file":"tunnel-H7VujZz5.cjs","names":[],"sources":["../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  // TOTP periodic refresh timer — pushes a fresh at= code to SSE clients every\n  // 20 s so a page left open never stales past the 90 s acceptance window (#448).\n  // tunnel.ts always has relayWssUrl available here (gated above), so no\n  // lastAttachParts guard is needed — getDashboardState mints a fresh TOTP on\n  // every call unconditionally.\n  // SECRET-HANDLING: callback is a plain trigger only — TOTP value and at= code\n  // must never be logged or written to stdout.\n  const TOTP_REFRESH_INTERVAL_MS = 20_000;\n  let totpRefreshHandle: ReturnType<typeof setInterval> | null = setInterval(() => {\n    server.notifyStateChange();\n  }, TOTP_REFRESH_INTERVAL_MS);\n  totpRefreshHandle.unref();\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => {\n      if (totpRefreshHandle) {\n        clearInterval(totpRefreshHandle);\n        totpRefreshHandle = null;\n      }\n      return server.close();\n    },\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,iCAAA,CAAA;AAEzC,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,gCAAA,CAAA;CACpC,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,0BAAA,CAAA;CACzC,MAAM,EAAE,iBAAiB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,sBAAA,CAAA;CAQ/B,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAWF,IAAI,oBAA2D,kBAAkB;AAC/E,SAAO,mBAAmB;IAFK,IAGL;AAC5B,mBAAkB,OAAO;CAEzB,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,iCAAA,CAAA;AAInC,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa;AACX,OAAI,mBAAmB;AACrB,kBAAc,kBAAkB;AAChC,wBAAoB;;AAEtB,UAAO,OAAO,OAAO;;EAExB;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,EAAA,GAAA,QAAA,YAAY,IAAI,EAAE;AACpB,SAAA,GAAA,iBAAA,QAAA,GAAA,UAAA,SAAoB,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}

package/dist/unplugin/index.cjs

@@ -224,7 +224,7 @@ const aitDevtoolsPlugin = (0, unplugin.createUnplugin)((options) => {
 							console.warn("[@ait-co/devtools] tunnel: could not determine the dev server port; skipping.");
 							return;
 						}
-						Promise.resolve().then(() => require("../tunnel-g6assoEq.cjs")).then(async ({ startQuickTunnel, printTunnelBanner, startTunnelDashboard }) => {
+						Promise.resolve().then(() => require("../tunnel-H7VujZz5.cjs")).then(async ({ startQuickTunnel, printTunnelBanner, startTunnelDashboard }) => {
 							const t = await startQuickTunnel(port);
 							tunnel = t;
 							let relayWssUrl;

package/dist/unplugin/index.js

@@ -220,7 +220,7 @@ const aitDevtoolsPlugin = createUnplugin((options) => {
 							console.warn("[@ait-co/devtools] tunnel: could not determine the dev server port; skipping.");
 							return;
 						}
-						import("../tunnel-EVTPTwlb.js").then(async ({ startQuickTunnel, printTunnelBanner, startTunnelDashboard }) => {
+						import("../tunnel-CIc0oSit.js").then(async ({ startQuickTunnel, printTunnelBanner, startTunnelDashboard }) => {
 							const t = await startQuickTunnel(port);
 							tunnel = t;
 							let relayWssUrl;

package/dist/unplugin/tunnel.cjs

@@ -149,12 +149,22 @@ async function startTunnelDashboard(opts) {
 	} catch {
 		return;
 	}
+	let totpRefreshHandle = setInterval(() => {
+		server.notifyStateChange();
+	}, 2e4);
+	totpRefreshHandle.unref();
 	const dashboardUrl = `http://127.0.0.1:${server.port}`;
 	const { openUrlInBrowser } = await Promise.resolve().then(() => require("../devtools-opener-h6A-UjzC.cjs"));
 	log(openUrlInBrowser(dashboardUrl) ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}` : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`);
 	return {
 		url: dashboardUrl,
-		close: () => server.close()
+		close: () => {
+			if (totpRefreshHandle) {
+				clearInterval(totpRefreshHandle);
+				totpRefreshHandle = null;
+			}
+			return server.close();
+		}
 	};
 }
 /**

package/dist/unplugin/tunnel.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"tunnel.cjs","names":[],"sources":["../../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => server.close(),\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,kCAAA,CAAA;AAEzC,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,iCAAA,CAAA;CACpC,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,2BAAA,CAAA;CACzC,MAAM,EAAE,iBAAiB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,uBAAA,CAAA;CAQ/B,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAGF,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,kCAAA,CAAA;AAInC,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa,OAAO,OAAO;EAC5B;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,EAAA,GAAA,QAAA,YAAY,IAAI,EAAE;AACpB,SAAA,GAAA,iBAAA,QAAA,GAAA,UAAA,SAAoB,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}
+{"version":3,"file":"tunnel.cjs","names":[],"sources":["../../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  // TOTP periodic refresh timer — pushes a fresh at= code to SSE clients every\n  // 20 s so a page left open never stales past the 90 s acceptance window (#448).\n  // tunnel.ts always has relayWssUrl available here (gated above), so no\n  // lastAttachParts guard is needed — getDashboardState mints a fresh TOTP on\n  // every call unconditionally.\n  // SECRET-HANDLING: callback is a plain trigger only — TOTP value and at= code\n  // must never be logged or written to stdout.\n  const TOTP_REFRESH_INTERVAL_MS = 20_000;\n  let totpRefreshHandle: ReturnType<typeof setInterval> | null = setInterval(() => {\n    server.notifyStateChange();\n  }, TOTP_REFRESH_INTERVAL_MS);\n  totpRefreshHandle.unref();\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => {\n      if (totpRefreshHandle) {\n        clearInterval(totpRefreshHandle);\n        totpRefreshHandle = null;\n      }\n      return server.close();\n    },\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,kCAAA,CAAA;AAEzC,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,iCAAA,CAAA;CACpC,MAAM,EAAE,2BAA2B,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,2BAAA,CAAA;CACzC,MAAM,EAAE,iBAAiB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,uBAAA,CAAA;CAQ/B,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAWF,IAAI,oBAA2D,kBAAkB;AAC/E,SAAO,mBAAmB;IAFK,IAGL;AAC5B,mBAAkB,OAAO;CAEzB,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAA,QAAA,SAAA,CAAA,WAAA,QAAM,kCAAA,CAAA;AAInC,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa;AACX,OAAI,mBAAmB;AACrB,kBAAc,kBAAkB;AAChC,wBAAoB;;AAEtB,UAAO,OAAO,OAAO;;EAExB;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,EAAA,GAAA,QAAA,YAAY,IAAI,EAAE;AACpB,SAAA,GAAA,iBAAA,QAAA,GAAA,UAAA,SAAoB,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}

package/dist/unplugin/tunnel.d.cts.map

@@ -1 +1 @@
-{"version":3,"file":"tunnel.d.cts","names":[],"sources":["../../src/unplugin/tunnel.ts"],"mappings":";;AAwBA;;;;;AAKA;;;;;;;;;;iBALgB,qBAAA,CAAsB,IAAA;AAAA,UAKrB,wBAAA;;EAEf,EAAA;EA2B2E;EAzB3E,GAAA,IAAO,GAAA;EAqC8B;;;;;;EA9BrC,WAAA;AAAA;;AA2FF;;;;;;;;;AAOA;;;iBAhFgB,qBAAA,CAAsB,SAAA,UAAmB,WAAA;;;;;;;iBAYnC,iBAAA,CACpB,GAAA,UACA,IAAA,GAAM,wBAAA,GACL,OAAA;;UA0Dc,eAAA;EAkDyB;EAhDxC,GAAA;EAiDM;EA/CN,KAAA,QAAa,OAAA;AAAA;AAAA,UAGE,2BAAA;EA6CP;EA3CR,SAAA;EA0CA;EAxCA,WAAA;EAyCS;EAvCT,EAAA;EAuCwB;AA8D1B;;;EAhGE,UAAA;EAoGI;EAlGJ,GAAA,IAAO,GAAA;AAAA;;;;AAiIT;;;;;;;;;;;;;;;;;;;;;;;;iBAnGsB,oBAAA,CACpB,IAAA,EAAM,2BAAA,GACL,OAAA,CAAQ,eAAA;AAAA,UA8DM,WAAA;;EAEf,GAAA;;EAEA,IAAA;AAAA;;;;;;;;;;;iBAac,yBAAA,CAA0B,IAAA;;;;;;;iBAkBpB,gBAAA,CAAiB,IAAA,WAAe,OAAA,CAAQ,WAAA"}
+{"version":3,"file":"tunnel.d.cts","names":[],"sources":["../../src/unplugin/tunnel.ts"],"mappings":";;AAwBA;;;;;AAKA;;;;;;;;;;iBALgB,qBAAA,CAAsB,IAAA;AAAA,UAKrB,wBAAA;;EAEf,EAAA;EA2B2E;EAzB3E,GAAA,IAAO,GAAA;EAqC8B;;;;;;EA9BrC,WAAA;AAAA;;AA2FF;;;;;;;;;AAOA;;;iBAhFgB,qBAAA,CAAsB,SAAA,UAAmB,WAAA;;;;;;;iBAYnC,iBAAA,CACpB,GAAA,UACA,IAAA,GAAM,wBAAA,GACL,OAAA;;UA0Dc,eAAA;EAkDyB;EAhDxC,GAAA;EAiDM;EA/CN,KAAA,QAAa,OAAA;AAAA;AAAA,UAGE,2BAAA;EA6CP;EA3CR,SAAA;EA0CA;EAxCA,WAAA;EAyCS;EAvCT,EAAA;EAuCwB;AAiF1B;;;EAnHE,UAAA;EAuHI;EArHJ,GAAA,IAAO,GAAA;AAAA;;;;AAoJT;;;;;;;;;;;;;;;;;;;;;;;;iBAtHsB,oBAAA,CACpB,IAAA,EAAM,2BAAA,GACL,OAAA,CAAQ,eAAA;AAAA,UAiFM,WAAA;;EAEf,GAAA;;EAEA,IAAA;AAAA;;;;;;;;;;;iBAac,yBAAA,CAA0B,IAAA;;;;;;;iBAkBpB,gBAAA,CAAiB,IAAA,WAAe,OAAA,CAAQ,WAAA"}

package/dist/unplugin/tunnel.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"tunnel.d.ts","names":[],"sources":["../../src/unplugin/tunnel.ts"],"mappings":";;AAwBA;;;;;AAKA;;;;;;;;;;iBALgB,qBAAA,CAAsB,IAAA;AAAA,UAKrB,wBAAA;;EAEf,EAAA;EA2B2E;EAzB3E,GAAA,IAAO,GAAA;EAqC8B;;;;;;EA9BrC,WAAA;AAAA;;AA2FF;;;;;;;;;AAOA;;;iBAhFgB,qBAAA,CAAsB,SAAA,UAAmB,WAAA;;;;;;;iBAYnC,iBAAA,CACpB,GAAA,UACA,IAAA,GAAM,wBAAA,GACL,OAAA;;UA0Dc,eAAA;EAkDyB;EAhDxC,GAAA;EAiDM;EA/CN,KAAA,QAAa,OAAA;AAAA;AAAA,UAGE,2BAAA;EA6CP;EA3CR,SAAA;EA0CA;EAxCA,WAAA;EAyCS;EAvCT,EAAA;EAuCwB;AA8D1B;;;EAhGE,UAAA;EAoGI;EAlGJ,GAAA,IAAO,GAAA;AAAA;;;;AAiIT;;;;;;;;;;;;;;;;;;;;;;;;iBAnGsB,oBAAA,CACpB,IAAA,EAAM,2BAAA,GACL,OAAA,CAAQ,eAAA;AAAA,UA8DM,WAAA;;EAEf,GAAA;;EAEA,IAAA;AAAA;;;;;;;;;;;iBAac,yBAAA,CAA0B,IAAA;;;;;;;iBAkBpB,gBAAA,CAAiB,IAAA,WAAe,OAAA,CAAQ,WAAA"}
+{"version":3,"file":"tunnel.d.ts","names":[],"sources":["../../src/unplugin/tunnel.ts"],"mappings":";;AAwBA;;;;;AAKA;;;;;;;;;;iBALgB,qBAAA,CAAsB,IAAA;AAAA,UAKrB,wBAAA;;EAEf,EAAA;EA2B2E;EAzB3E,GAAA,IAAO,GAAA;EAqC8B;;;;;;EA9BrC,WAAA;AAAA;;AA2FF;;;;;;;;;AAOA;;;iBAhFgB,qBAAA,CAAsB,SAAA,UAAmB,WAAA;;;;;;;iBAYnC,iBAAA,CACpB,GAAA,UACA,IAAA,GAAM,wBAAA,GACL,OAAA;;UA0Dc,eAAA;EAkDyB;EAhDxC,GAAA;EAiDM;EA/CN,KAAA,QAAa,OAAA;AAAA;AAAA,UAGE,2BAAA;EA6CP;EA3CR,SAAA;EA0CA;EAxCA,WAAA;EAyCS;EAvCT,EAAA;EAuCwB;AAiF1B;;;EAnHE,UAAA;EAuHI;EArHJ,GAAA,IAAO,GAAA;AAAA;;;;AAoJT;;;;;;;;;;;;;;;;;;;;;;;;iBAtHsB,oBAAA,CACpB,IAAA,EAAM,2BAAA,GACL,OAAA,CAAQ,eAAA;AAAA,UAiFM,WAAA;;EAEf,GAAA;;EAEA,IAAA;AAAA;;;;;;;;;;;iBAac,yBAAA,CAA0B,IAAA;;;;;;;iBAkBpB,gBAAA,CAAiB,IAAA,WAAe,OAAA,CAAQ,WAAA"}

package/dist/unplugin/tunnel.js

@@ -148,12 +148,22 @@ async function startTunnelDashboard(opts) {
 	} catch {
 		return;
 	}
+	let totpRefreshHandle = setInterval(() => {
+		server.notifyStateChange();
+	}, 2e4);
+	totpRefreshHandle.unref();
 	const dashboardUrl = `http://127.0.0.1:${server.port}`;
 	const { openUrlInBrowser } = await import("../devtools-opener-D84kZFtR.js");
 	log(openUrlInBrowser(dashboardUrl) ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}` : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`);
 	return {
 		url: dashboardUrl,
-		close: () => server.close()
+		close: () => {
+			if (totpRefreshHandle) {
+				clearInterval(totpRefreshHandle);
+				totpRefreshHandle = null;
+			}
+			return server.close();
+		}
 	};
 }
 /**

package/dist/unplugin/tunnel.js.map

@@ -1 +1 @@
-{"version":3,"file":"tunnel.js","names":[],"sources":["../../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => server.close(),\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAM,OAAO;AAEhD,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAM,OAAO;CAC3C,MAAM,EAAE,2BAA2B,MAAM,OAAO;CAChD,MAAM,EAAE,iBAAiB,MAAM,OAAO;CAQtC,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAGF,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAM,OAAO;AAI1C,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa,OAAO,OAAO;EAC5B;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,CAAC,WAAW,IAAI,EAAE;AACpB,QAAM,MAAM,QAAQ,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}
+{"version":3,"file":"tunnel.js","names":[],"sources":["../../src/unplugin/tunnel.ts"],"sourcesContent":["/**\n * Cloudflare quick-tunnel helper for the devtools unplugin.\n *\n * Loaded lazily (`await import('./tunnel.js')`) only when the `tunnel` option is\n * on, so `cloudflared` / `qrcode-terminal` are never pulled in for the common\n * case. This is the one place in `@ait-co/devtools` that depends on Node-only\n * APIs (`child_process` via the `cloudflared` wrapper) — keep it thin and out of\n * jsdom unit tests; the spawn path is verified by hand / e2e (same spirit as the\n * \"web 모드는 e2e\" rule in CLAUDE.md). The pure helpers below\n * (`parseTrycloudflareUrl`, `printTunnelBanner`) are unit-tested.\n */\n\nimport { existsSync } from 'node:fs';\nimport { mkdir } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\n/** Matches the public URL cloudflared prints for an unauthenticated quick tunnel. */\nconst TRYCLOUDFLARE_RE = /https:\\/\\/[a-z0-9-]+\\.trycloudflare\\.com/i;\n\n/**\n * Extract the `https://<sub>.trycloudflare.com` URL from a line of cloudflared\n * output, or `null` if the line doesn't contain one. Pulled out as a pure\n * function so it can be unit-tested without spawning anything.\n */\nexport function parseTrycloudflareUrl(line: string): string | null {\n  const m = line.match(TRYCLOUDFLARE_RE);\n  return m ? m[0] : null;\n}\n\nexport interface PrintTunnelBannerOptions {\n  /** Print an ASCII QR encoding the tunnel URL (default: true). */\n  qr?: boolean;\n  /** Sink for the banner text (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n  /**\n   * The `wss://` relay URL of the env-2 CDP tunnel, if `tunnel.cdp` is on. When\n   * present the QR deep-link additionally carries `&debug=1&relay=<wss>` so the\n   * framed PWA passes the in-app debug gate and attaches a Chii target — the\n   * same single scan opens screen preview *and* CDP debugging.\n   */\n  relayWssUrl?: string;\n}\n\nconst LAUNCHER_URL = 'https://devtools.aitc.dev/launcher/';\n\n/**\n * Build the deep-link URL that QR codes encode: when the launcher PWA is\n * already on the phone's home screen, scanning this opens it directly into the\n * live view for `tunnelUrl` (the launcher consumes `?url=` and clears it).\n * Plain-text raw URL is no longer enough — the launcher gates its setup UI to\n * the installed PWA, so a raw tunnel URL opened in a normal browser tab would\n * land on a \"please install\" screen.\n *\n * When `relayWssUrl` is given (env-2 CDP wiring), the deep-link also carries\n * `&debug=1&relay=<wss>`; the launcher folds those onto the framed tunnel URL so\n * the in-app debug gate's Layer C (`debug=1` opt-in + `relay=<wss>`) is met and\n * a Chii target.js is injected into the live view.\n */\nexport function buildLauncherDeepLink(tunnelUrl: string, relayWssUrl?: string): string {\n  const base = `${LAUNCHER_URL}?url=${encodeURIComponent(tunnelUrl)}`;\n  if (!relayWssUrl) return base;\n  return `${base}&debug=1&relay=${encodeURIComponent(relayWssUrl)}`;\n}\n\n/**\n * Print the terminal banner announcing the live tunnel: the public URL, an ASCII\n * QR encoding a launcher deep-link, and a one-line note that quick tunnels are\n * ephemeral, unauthenticated and not for production. Pure w.r.t. side effects\n * other than the injected `log` sink and `qrcode-terminal` — unit-tested.\n */\nexport async function printTunnelBanner(\n  url: string,\n  opts: PrintTunnelBannerOptions = {},\n): Promise<void> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n  const deepLink = buildLauncherDeepLink(url, opts.relayWssUrl);\n  const lines: string[] = [\n    '',\n    '  ┌─ @ait-co/devtools · live tunnel ────────────────────────────',\n    `  │  ${url}`,\n    '  │',\n    `  │  Install the launcher PWA once:  ${LAUNCHER_URL}`,\n    '  │  Then scan the QR below — it opens the launcher directly',\n    '  │  into this tunnel URL (no manual paste needed).',\n    ...(opts.relayWssUrl\n      ? [\n          '  │  The same scan also attaches CDP — connect your AI host',\n          '  │  to the relay and debug the live view on-device.',\n        ]\n      : []),\n    '  │  Quick tunnels are unauthenticated, change every run, and are',\n    '  │  not for production use.',\n    '  └──────────────────────────────────────────────────────────────',\n    '',\n  ];\n  log(lines.join('\\n'));\n\n  if (opts.qr !== false) {\n    // qrcode-terminal is only pulled in on this code path (ambient types live\n    // in src/qrcode-terminal.d.ts).\n    const qrcode = (await import('qrcode-terminal')).default;\n    await new Promise<void>((resolve) => {\n      qrcode.generate(deepLink, { small: true }, (out) => {\n        log(out);\n        resolve();\n      });\n    });\n  }\n}\n\n/**\n * Heuristic: can this process open a GUI browser? Mirrors `canOpenBrowser` in\n * `src/mcp/tools.ts` but is re-declared here (not imported) so the tunnel path\n * does not statically pull the heavy MCP `tools.ts` module graph into the lazy\n * `import('./tunnel.js')` chunk. Kept in sync with the MCP copy.\n *\n *   - macOS / Windows → assume yes (env-2 dev normally runs on the user's Mac).\n *   - Linux → require `DISPLAY` or `WAYLAND_DISPLAY`.\n *   - CI (`CI=true`/`CI=1`) → no.\n */\nfunction canOpenBrowser(): boolean {\n  if (process.env.CI === 'true' || process.env.CI === '1') return false;\n  const platform = process.platform;\n  if (platform === 'darwin' || platform === 'win32') return true;\n  if (platform === 'linux') {\n    return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n  }\n  return false;\n}\n\n/** Handle returned by {@link startTunnelDashboard}. */\nexport interface TunnelDashboard {\n  /** `http://127.0.0.1:<port>` — the local dashboard URL opened in the browser. */\n  url: string;\n  /** Tear down the local HTTP server. Idempotent via the underlying server. */\n  close: () => Promise<void>;\n}\n\nexport interface StartTunnelDashboardOptions {\n  /** The public `https://*.trycloudflare.com` app tunnel URL the launcher frames. */\n  tunnelUrl: string;\n  /** The `wss://` relay URL of the env-2 CDP tunnel. REQUIRED — the dashboard is a CDP-only UX. */\n  relayWssUrl: string;\n  /** Mirror of `tunnel.qr` — when `false` the dashboard is skipped (no browser open). */\n  qr?: boolean;\n  /**\n   * Override the GUI/opt-out gate (testing only). When omitted the real\n   * `canOpenBrowser()` + `AIT_AUTO_DEVTOOLS` checks decide.\n   */\n  shouldOpen?: () => boolean;\n  /** Sink for the one-line \"opened in browser\" note (default: `console.log`). Injected for testing. */\n  log?: (msg: string) => void;\n}\n\n/**\n * Env-2 UX parity with env 3/4 (issue #408): when CDP wiring is on and a GUI is\n * available, start the SAME `127.0.0.1` HTML dashboard (QR image + connect steps\n * + FAQ) that the MCP `build_attach_url` path serves, and auto-open it in the\n * browser. headless / opt-out falls back to the terminal ASCII QR (printed\n * separately by {@link printTunnelBanner}).\n *\n * Every part the install-graph invariant depends on (`qrcode`, the MCP HTTP\n * server, the opener) is reached only through dynamic `import()` here, inside\n * the already-lazy `tunnel.js` chunk — nothing is added to the common build\n * graph or the MCP-only install graph.\n *\n * TOTP encapsulation: the dashboard's `getDashboardState` closure mints a FRESH\n * TOTP `at=` code on every call via `generateTotp(secret, Date.now())` and folds\n * it into a fresh `buildLauncherAttachUrl(...)`. Because the QR is re-rendered on\n * each SSE push / page reload from this closure, the code a phone scans is always\n * within its 30 s window — no stale code is baked into static HTML.\n *\n * SECRET-HANDLING: the tunnel host, relay wssUrl, TOTP code, and `.ait_relay`\n * value/path are NEVER written to stdout/stderr/logs here. They live only inside\n * the attach URL (HTML body + `/qr.png` query, per qr-http-server's invariant).\n * The only thing opened/logged is `http://127.0.0.1:<port>` (local, safe).\n *\n * @returns the dashboard handle when it started (caller wires `close()` into the\n *   tunnel cleanup), or `undefined` when skipped (no relay, `qr:false`, headless,\n *   opt-out, or a start failure) — in which case ASCII QR fallback stands alone.\n */\nexport async function startTunnelDashboard(\n  opts: StartTunnelDashboardOptions,\n): Promise<TunnelDashboard | undefined> {\n  const log = opts.log ?? ((m: string) => console.log(m));\n\n  // Gate: dashboard is a CDP-only UX (needs a relay to attach to).\n  if (!opts.relayWssUrl) return undefined;\n  // Opt-out via `tunnel.qr:false` (same toggle that suppresses the ASCII QR).\n  if (opts.qr === false) return undefined;\n\n  // GUI + AIT_AUTO_DEVTOOLS gate. Reuse the MCP opener's opt-out predicate so\n  // the env-2 path honours the same `AIT_AUTO_DEVTOOLS=0` switch as env 3/4.\n  const { isAutoDevtoolsDisabled } = await import('../mcp/devtools-opener.js');\n  const gateOpen = opts.shouldOpen ?? (() => !isAutoDevtoolsDisabled() && canOpenBrowser());\n  if (!gateOpen()) return undefined;\n\n  const { startQrHttpServer } = await import('../mcp/qr-http-server.js');\n  const { buildLauncherAttachUrl } = await import('../mcp/deeplink.js');\n  const { generateTotp } = await import('../mcp/totp.js');\n\n  // getDashboardState — mints a fresh TOTP + attach URL on every call so the QR\n  // the dashboard renders (on load and on each SSE push) is never expired.\n  // SECRET-HANDLING: the secret is read from env AT CALL TIME (it was injected\n  // by ensureRelaySecret in the same CDP block) and is used only to compute the\n  // at= code folded into attachUrl. tunnel.up is always true here — the relay\n  // tunnel is already up by the time this runs.\n  const getDashboardState = () => {\n    const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n    const totpCode = secret ? generateTotp(secret, Date.now()) : undefined;\n    const attachUrl = buildLauncherAttachUrl(opts.tunnelUrl, opts.relayWssUrl, totpCode);\n    // pages: null — env 2(unplugin)는 데몬이 아니라 vite 플러그인 안이라\n    // startChiiRelay 핸들이 connected target을 노출하지 않는다. 라이브 page 목록을\n    // 알 수 없으므로 거짓 빈 목록 대신 \"연결된 Pages\" 섹션 자체를 숨긴다(#411).\n    // env 3/4(debug-server.ts)는 router.active.listTargets()로 실제 목록을 채운다.\n    return { tunnel: { up: true, wssUrl: opts.relayWssUrl }, pages: null, attachUrl };\n  };\n\n  let server: Awaited<ReturnType<typeof startQrHttpServer>>;\n  try {\n    server = await startQrHttpServer(getDashboardState);\n  } catch {\n    // SECRET-HANDLING: do not surface the error (could embed paths/hosts). The\n    // ASCII QR printed by printTunnelBanner stays as the fallback.\n    return undefined;\n  }\n\n  // TOTP periodic refresh timer — pushes a fresh at= code to SSE clients every\n  // 20 s so a page left open never stales past the 90 s acceptance window (#448).\n  // tunnel.ts always has relayWssUrl available here (gated above), so no\n  // lastAttachParts guard is needed — getDashboardState mints a fresh TOTP on\n  // every call unconditionally.\n  // SECRET-HANDLING: callback is a plain trigger only — TOTP value and at= code\n  // must never be logged or written to stdout.\n  const TOTP_REFRESH_INTERVAL_MS = 20_000;\n  let totpRefreshHandle: ReturnType<typeof setInterval> | null = setInterval(() => {\n    server.notifyStateChange();\n  }, TOTP_REFRESH_INTERVAL_MS);\n  totpRefreshHandle.unref();\n\n  const dashboardUrl = `http://127.0.0.1:${server.port}`;\n\n  const { openUrlInBrowser } = await import('../mcp/devtools-opener.js');\n  const opened = openUrlInBrowser(dashboardUrl);\n  // SECRET-HANDLING: only the local 127.0.0.1 URL is logged — never the tunnel\n  // host, relay wssUrl, or TOTP code.\n  log(\n    opened\n      ? `  │  Opened a QR dashboard in your browser: ${dashboardUrl}`\n      : `  │  Open this QR dashboard in your browser: ${dashboardUrl}`,\n  );\n\n  return {\n    url: dashboardUrl,\n    close: () => {\n      if (totpRefreshHandle) {\n        clearInterval(totpRefreshHandle);\n        totpRefreshHandle = null;\n      }\n      return server.close();\n    },\n  };\n}\n\nexport interface QuickTunnel {\n  /** The public `https://*.trycloudflare.com` URL. */\n  url: string;\n  /** Stop the underlying `cloudflared` process. Idempotent. */\n  stop: () => void;\n}\n\n/**\n * Sanitize cloudflared stderr output for error diagnostics (#421).\n *\n * Masks `*.trycloudflare.com` hostnames and full `https://` / `wss://` URLs\n * that carry those hostnames so tunnel host values never appear in error\n * messages. Diagnostic content (error codes, reasons, JSON blobs) is preserved.\n *\n * SECRET-HANDLING: tunnel host is SECRET-class per harness policy — only\n * placeholder text is emitted.\n */\nexport function sanitizeCloudflaredOutput(line: string): string {\n  // Full URL forms: https://xxx.trycloudflare.com/… and wss://xxx.trycloudflare.com/…\n  let s = line.replace(/(?:https?|wss?):\\/\\/[a-z0-9-]+\\.trycloudflare\\.com(?:\\/[^\\s]*)*/gi, (m) =>\n    m.replace(/[a-z0-9-]+\\.trycloudflare\\.com/i, '<HOST>.trycloudflare.com'),\n  );\n  // Bare hostname without scheme (e.g. printed in cloudflared JSON logs)\n  s = s.replace(/[a-z0-9-]+\\.trycloudflare\\.com/gi, '<HOST>.trycloudflare.com');\n  return s;\n}\n\nconst URL_TIMEOUT_MS = 20_000;\n\n/**\n * Start an unauthenticated Cloudflare quick tunnel to `http://localhost:<port>`\n * and resolve once the public URL is known. Downloads the `cloudflared` binary\n * on first use if it is not already installed. Rejects with a friendly error if\n * no URL appears within {@link URL_TIMEOUT_MS}.\n */\nexport async function startQuickTunnel(port: number): Promise<QuickTunnel> {\n  const cloudflared = await import('cloudflared');\n  const { bin, install, Tunnel } = cloudflared;\n\n  if (!existsSync(bin)) {\n    await mkdir(dirname(bin), { recursive: true });\n    await install(bin);\n  }\n\n  const tunnel = Tunnel.quick(`http://localhost:${port}`);\n  let stopped = false;\n  const stop = () => {\n    if (stopped) return;\n    stopped = true;\n    try {\n      tunnel.stop();\n    } catch {\n      // process may already be gone\n    }\n  };\n\n  return new Promise<QuickTunnel>((resolve, reject) => {\n    // #421: accumulate stderr to attach as diagnostics on failure.\n    // SECRET-HANDLING: lines are sanitized before inclusion in error messages.\n    const stderrLines: string[] = [];\n\n    /**\n     * Format the last `n` sanitized stderr lines as a diagnostic appendix.\n     * Returns an empty string when no lines have been collected.\n     */\n    const stderrTail = (n = 15): string => {\n      if (stderrLines.length === 0) return '';\n      const tail = stderrLines.slice(-n).map(sanitizeCloudflaredOutput).join('');\n      return `\\ncloudflared 출력 (마지막 ${Math.min(n, stderrLines.length)}줄):\\n${tail}`;\n    };\n\n    const timer = setTimeout(() => {\n      cleanup();\n      stop();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared did not report a tunnel URL within ${\n            URL_TIMEOUT_MS / 1000\n          }s. Check your network connection, or run \\`cloudflared tunnel --url http://localhost:${port}\\` manually.${stderrTail()}`,\n        ),\n      );\n    }, URL_TIMEOUT_MS);\n\n    const onUrl = (line: string) => {\n      const found = parseTrycloudflareUrl(line);\n      if (!found) return;\n      clearTimeout(timer);\n      // Stop scanning further output once we have the URL.\n      cleanup();\n      resolve({ url: found, stop });\n    };\n\n    // Accumulate stderr lines for diagnostics (#421). Named so it can be\n    // removed from the listener list when cleanup() runs.\n    const pushStderr = (line: string) => {\n      stderrLines.push(line);\n    };\n\n    const cleanup = () => {\n      tunnel.off('stdout', onUrl);\n      tunnel.off('stderr', onUrl);\n      tunnel.off('stderr', pushStderr);\n    };\n\n    // The library emits a parsed `url` event; we also scan raw stdout/stderr in\n    // case the output format shifts.\n    tunnel.once('url', onUrl);\n    tunnel.on('stdout', onUrl);\n    tunnel.on('stderr', onUrl);\n    // Second stderr listener: accumulate all lines for error diagnostics.\n    tunnel.on('stderr', pushStderr);\n    tunnel.once('error', (err: Error) => {\n      clearTimeout(timer);\n      cleanup();\n      stop();\n      reject(err);\n    });\n    tunnel.once('exit', (code: number | null) => {\n      if (stopped) return;\n      clearTimeout(timer);\n      cleanup();\n      reject(\n        new Error(\n          `[@ait-co/devtools] cloudflared exited (code ${code ?? 'null'}) before reporting a tunnel URL.${stderrTail()}`,\n        ),\n      );\n    });\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAiBA,MAAM,mBAAmB;;;;;;AAOzB,SAAgB,sBAAsB,MAA6B;CACjE,MAAM,IAAI,KAAK,MAAM,iBAAiB;AACtC,QAAO,IAAI,EAAE,KAAK;;AAiBpB,MAAM,eAAe;;;;;;;;;;;;;;AAerB,SAAgB,sBAAsB,WAAmB,aAA8B;CACrF,MAAM,OAAO,GAAG,aAAa,OAAO,mBAAmB,UAAU;AACjE,KAAI,CAAC,YAAa,QAAO;AACzB,QAAO,GAAG,KAAK,iBAAiB,mBAAmB,YAAY;;;;;;;;AASjE,eAAsB,kBACpB,KACA,OAAiC,EAAE,EACpB;CACf,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;CACtD,MAAM,WAAW,sBAAsB,KAAK,KAAK,YAAY;AAoB7D,KAnBwB;EACtB;EACA;EACA,QAAQ;EACR;EACA,wCAAwC;EACxC;EACA;EACA,GAAI,KAAK,cACL,CACE,+DACA,uDACD,GACD,EAAE;EACN;EACA;EACA;EACA;EACD,CACS,KAAK,KAAK,CAAC;AAErB,KAAI,KAAK,OAAO,OAAO;EAGrB,MAAM,UAAU,MAAM,OAAO,oBAAoB;AACjD,QAAM,IAAI,SAAe,YAAY;AACnC,UAAO,SAAS,UAAU,EAAE,OAAO,MAAM,GAAG,QAAQ;AAClD,QAAI,IAAI;AACR,aAAS;KACT;IACF;;;;;;;;;;;;;AAcN,SAAS,iBAA0B;AACjC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsDT,eAAsB,qBACpB,MACsC;CACtC,MAAM,MAAM,KAAK,SAAS,MAAc,QAAQ,IAAI,EAAE;AAGtD,KAAI,CAAC,KAAK,YAAa,QAAO,KAAA;AAE9B,KAAI,KAAK,OAAO,MAAO,QAAO,KAAA;CAI9B,MAAM,EAAE,2BAA2B,MAAM,OAAO;AAEhD,KAAI,EADa,KAAK,qBAAqB,CAAC,wBAAwB,IAAI,gBAAgB,IACzE,CAAE,QAAO,KAAA;CAExB,MAAM,EAAE,sBAAsB,MAAM,OAAO;CAC3C,MAAM,EAAE,2BAA2B,MAAM,OAAO;CAChD,MAAM,EAAE,iBAAiB,MAAM,OAAO;CAQtC,MAAM,0BAA0B;EAC9B,MAAM,SAAS,QAAQ,IAAI;EAC3B,MAAM,WAAW,SAAS,aAAa,QAAQ,KAAK,KAAK,CAAC,GAAG,KAAA;EAC7D,MAAM,YAAY,uBAAuB,KAAK,WAAW,KAAK,aAAa,SAAS;AAKpF,SAAO;GAAE,QAAQ;IAAE,IAAI;IAAM,QAAQ,KAAK;IAAa;GAAE,OAAO;GAAM;GAAW;;CAGnF,IAAI;AACJ,KAAI;AACF,WAAS,MAAM,kBAAkB,kBAAkB;SAC7C;AAGN;;CAWF,IAAI,oBAA2D,kBAAkB;AAC/E,SAAO,mBAAmB;IAFK,IAGL;AAC5B,mBAAkB,OAAO;CAEzB,MAAM,eAAe,oBAAoB,OAAO;CAEhD,MAAM,EAAE,qBAAqB,MAAM,OAAO;AAI1C,KAHe,iBAAiB,aAAa,GAKvC,+CAA+C,iBAC/C,gDAAgD,eACrD;AAED,QAAO;EACL,KAAK;EACL,aAAa;AACX,OAAI,mBAAmB;AACrB,kBAAc,kBAAkB;AAChC,wBAAoB;;AAEtB,UAAO,OAAO,OAAO;;EAExB;;;;;;;;;;;;AAoBH,SAAgB,0BAA0B,MAAsB;CAE9D,IAAI,IAAI,KAAK,QAAQ,sEAAsE,MACzF,EAAE,QAAQ,mCAAmC,2BAA2B,CACzE;AAED,KAAI,EAAE,QAAQ,oCAAoC,2BAA2B;AAC7E,QAAO;;AAGT,MAAM,iBAAiB;;;;;;;AAQvB,eAAsB,iBAAiB,MAAoC;CAEzE,MAAM,EAAE,KAAK,SAAS,WADF,MAAM,OAAO;AAGjC,KAAI,CAAC,WAAW,IAAI,EAAE;AACpB,QAAM,MAAM,QAAQ,IAAI,EAAE,EAAE,WAAW,MAAM,CAAC;AAC9C,QAAM,QAAQ,IAAI;;CAGpB,MAAM,SAAS,OAAO,MAAM,oBAAoB,OAAO;CACvD,IAAI,UAAU;CACd,MAAM,aAAa;AACjB,MAAI,QAAS;AACb,YAAU;AACV,MAAI;AACF,UAAO,MAAM;UACP;;AAKV,QAAO,IAAI,SAAsB,SAAS,WAAW;EAGnD,MAAM,cAAwB,EAAE;;;;;EAMhC,MAAM,cAAc,IAAI,OAAe;AACrC,OAAI,YAAY,WAAW,EAAG,QAAO;GACrC,MAAM,OAAO,YAAY,MAAM,CAAC,EAAE,CAAC,IAAI,0BAA0B,CAAC,KAAK,GAAG;AAC1E,UAAO,yBAAyB,KAAK,IAAI,GAAG,YAAY,OAAO,CAAC,OAAO;;EAGzE,MAAM,QAAQ,iBAAiB;AAC7B,YAAS;AACT,SAAM;AACN,0BACE,IAAI,MACF,qEACE,iBAAiB,IAClB,uFAAuF,KAAK,cAAc,YAAY,GACxH,CACF;KACA,eAAe;EAElB,MAAM,SAAS,SAAiB;GAC9B,MAAM,QAAQ,sBAAsB,KAAK;AACzC,OAAI,CAAC,MAAO;AACZ,gBAAa,MAAM;AAEnB,YAAS;AACT,WAAQ;IAAE,KAAK;IAAO;IAAM,CAAC;;EAK/B,MAAM,cAAc,SAAiB;AACnC,eAAY,KAAK,KAAK;;EAGxB,MAAM,gBAAgB;AACpB,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,MAAM;AAC3B,UAAO,IAAI,UAAU,WAAW;;AAKlC,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,GAAG,UAAU,MAAM;AAC1B,SAAO,GAAG,UAAU,MAAM;AAE1B,SAAO,GAAG,UAAU,WAAW;AAC/B,SAAO,KAAK,UAAU,QAAe;AACnC,gBAAa,MAAM;AACnB,YAAS;AACT,SAAM;AACN,UAAO,IAAI;IACX;AACF,SAAO,KAAK,SAAS,SAAwB;AAC3C,OAAI,QAAS;AACb,gBAAa,MAAM;AACnB,YAAS;AACT,0BACE,IAAI,MACF,+CAA+C,QAAQ,OAAO,kCAAkC,YAAY,GAC7G,CACF;IACD;GACF"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ait-co/devtools",
-  "version": "0.1.62",
+  "version": "0.1.64",
   "description": "Development tools for Apps in Toss mini-apps — mock SDK, floating devtools panel, and universal bundler plugin",
   "type": "module",
   "engines": {