npm - @cortexkit/opencode-magic-context - Versions diffs - 0.21.7 → 0.22.0 - Mend

@cortexkit/opencode-magic-context 0.21.7 → 0.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (214) hide show

package/src/shared/rpc-client.ts CHANGED Viewed

@@ -17,6 +17,7 @@ type NonRetryableRpcError = Error & { [NON_RETRYABLE_RPC_ERROR]: true };
 export class MagicContextRpcClient {
     private port: number | null = null;
+    private token: string | null = null;
     private portDir: string;
     private legacyPortFilePath: string;
     private healthChecked = false;
@@ -46,7 +47,14 @@ export class MagicContextRpcClient {
                     `http://127.0.0.1:${port}/rpc/${method}`,
                     {
                         method: "POST",
-                        headers: { "Content-Type": "application/json" },
+                        headers: {
+                            "Content-Type": "application/json",
+                            // The server requires this per-process token on all
+                            // non-health calls; read from the same port file used
+                            // for discovery. Older servers wrote no token — send
+                            // nothing then (they also require nothing).
+                            ...(this.token ? { Authorization: `Bearer ${this.token}` } : {}),
+                        },
                         body: JSON.stringify(params),
                     },
                 );
@@ -105,13 +113,14 @@ export class MagicContextRpcClient {
         }
         for (let attempt = 0; attempt < MAX_RETRIES; attempt++) {
-            const port = this.readPortFile();
-            if (port) {
-                const alive = await this.healthCheck(port);
+            const record = this.readPortFile();
+            if (record) {
+                const alive = await this.healthCheck(record.port);
                 if (alive) {
-                    this.port = port;
+                    this.port = record.port;
+                    this.token = record.token ?? null;
                     this.healthChecked = true;
-                    return port;
+                    return record.port;
                 }
             }
@@ -123,7 +132,7 @@ export class MagicContextRpcClient {
         return null;
     }
-    private readPortFile(): number | null {
+    private readPortFile(): RpcPortFileRecord | null {
         const records: RpcPortFileRecord[] = [];
         try {
@@ -139,13 +148,13 @@ export class MagicContextRpcClient {
         if (records.length > 0) {
             records.sort((a, b) => b.started_at - a.started_at);
-            return records[0].port;
+            return records[0];
         }
         try {
             const record = parseRpcPortFile(readFileSync(this.legacyPortFilePath, "utf-8"));
             if (record?.pid && !isPidAlive(record.pid)) return null;
-            return record?.port ?? null;
+            return record;
         } catch {
             return null;
         }
@@ -174,6 +183,7 @@ export class MagicContextRpcClient {
     reset(): void {
         this.port = null;
+        this.token = null;
         this.healthChecked = false;
     }
 }

package/src/shared/rpc-notifications.test.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { describe, expect, test } from "bun:test";
-import { drainNotifications, pushNotification } from "./rpc-notifications";
+import { drainNotifications, isTuiConnected, pushNotification } from "./rpc-notifications";
 describe("rpc notifications", () => {
     test("keeps messages queued until the client acks their id", () => {
@@ -17,4 +17,57 @@ describe("rpc notifications", () => {
         const lastReceivedId = Math.max(...firstPoll.map((m) => m.id));
         expect(drainNotifications(lastReceivedId)).toEqual([]);
     });
+    test("scopes drain to the requesting session; other sessions' items survive", () => {
+        // drain everything left from prior tests
+        drainNotifications(Number.MAX_SAFE_INTEGER);
+        pushNotification("for-a", { action: "show-upgrade-dialog" }, "ses_A");
+        pushNotification("for-b", { action: "show-upgrade-dialog" }, "ses_B");
+        pushNotification("global", { action: "show-status-dialog" });
+        // Session A sees only its own item + the global one, never ses_B's.
+        const aPoll = drainNotifications(0, "ses_A");
+        expect(aPoll.map((m) => m.type).sort()).toEqual(["for-a", "global"]);
+        // Acking session A must NOT prune session B's still-unseen notification.
+        const ackId = Math.max(...aPoll.map((m) => m.id));
+        drainNotifications(ackId, "ses_A");
+        const bPoll = drainNotifications(0, "ses_B");
+        expect(bPoll.map((m) => m.type)).toContain("for-b");
+    });
+    test("session-less drain (legacy client) still receives all items", () => {
+        drainNotifications(Number.MAX_SAFE_INTEGER);
+        pushNotification("x", { ok: true }, "ses_1");
+        pushNotification("y", { ok: true }, "ses_2");
+        const poll = drainNotifications(0);
+        expect(poll.map((m) => m.type).sort()).toEqual(["x", "y"]);
+    });
+    test("isTuiConnected is per-session: a TUI on session A does not mark session B connected", () => {
+        // A TUI draining for tuiA must not make tuiB's producers think a TUI is
+        // polling for tuiB (which would route tuiB's /ctx-status, upgrade
+        // reminder, etc. to the dialog path and lose them in the unrelated TUI).
+        // Use ids no other test drains so the per-session window is unambiguous.
+        drainNotifications(0, "ses_tuiA_only");
+        expect(isTuiConnected("ses_tuiA_only")).toBe(true);
+        expect(isTuiConnected("ses_tuiB_never_drained")).toBe(false);
+        // The session-less (global) query still reports recent activity for the
+        // legacy callers that have no session context.
+        expect(isTuiConnected()).toBe(true);
+    });
+    test("queue-cap eviction is session-fair: a noisy session cannot evict another session's newest unseen item", () => {
+        drainNotifications(Number.MAX_SAFE_INTEGER);
+        // One quiet session with a single pending dialog.
+        pushNotification("quiet-dialog", { action: "show-upgrade-dialog" }, "ses_quiet");
+        // A noisy session floods well past the 100 cap.
+        for (let i = 0; i < 200; i += 1) {
+            pushNotification("noise", { i }, "ses_noisy");
+        }
+        // The quiet session's newest item must survive the eviction.
+        const quietPoll = drainNotifications(0, "ses_quiet");
+        expect(quietPoll.some((m) => m.type === "quiet-dialog")).toBe(true);
+    });
 });

package/src/shared/rpc-notifications.ts CHANGED Viewed

@@ -16,10 +16,22 @@ export interface RpcNotification {
 let queue: RpcNotification[] = [];
 let nextNotificationId = 1;
-// Timestamp of last drain — used to detect if TUI is actively polling.
+// Timestamp of last drain — used to detect if a TUI is actively polling.
 // The TUI polls every 500ms; we consider it connected if it polled within
 // the last 3 seconds (6× the poll interval, tolerates transient delays).
-let lastDrainAt = 0;
+//
+// PER-SESSION: a single server process can serve MANY sessions (e.g. a TUI on
+// session A plus an OpenCode Desktop opened on session B for the same project,
+// whose newer RPC server this TUI's port discovery then selects). The TUI
+// poller drains with ITS active session id, so a session is "TUI-connected"
+// only if a TUI recently drained FOR THAT session. A process-global timestamp
+// would make session B's producers (`/ctx-status`, upgrade reminder) take the
+// TUI-dialog path because session A's TUI is polling — queuing a B-scoped
+// dialog action that A's poller correctly refuses to show, so B's notice is
+// lost (it also suppressed B's non-TUI fallback). Tracking drains per session
+// routes each producer to the right delivery path.
+const lastDrainAtBySession = new Map<string, number>();
+let lastDrainAtAny = 0;
 const TUI_CONNECTED_WINDOW_MS = 3_000;
 /** Push a notification for TUI to pick up via polling. */
@@ -29,25 +41,82 @@ export function pushNotification(
     sessionId?: string,
 ): void {
     queue.push({ id: nextNotificationId++, type, payload, sessionId });
-    // Cap queue size to prevent unbounded growth if TUI is not polling
+    // Cap queue size to prevent unbounded growth if a TUI is not draining.
+    // Session-FAIR eviction: a naive `slice(-50)` drops the globally-oldest
+    // items, so a noisy session could evict ANOTHER session's single unseen
+    // notification. Instead, always retain each session's newest item, then
+    // fill the rest of the budget with the newest overall — no session can
+    // starve another's pending dialog out of the window.
     if (queue.length > 100) {
-        queue = queue.slice(-50);
+        const newestPerSession = new Map<string | undefined, number>();
+        for (const n of queue) {
+            const prev = newestPerSession.get(n.sessionId);
+            if (prev === undefined || n.id > prev) {
+                newestPerSession.set(n.sessionId, n.id);
+            }
+        }
+        const mustKeep = new Set(newestPerSession.values());
+        const byNewest = [...queue].sort((a, b) => b.id - a.id);
+        const kept: RpcNotification[] = [];
+        for (const n of byNewest) {
+            if (kept.length < 50 || mustKeep.has(n.id)) kept.push(n);
+        }
+        queue = kept.sort((a, b) => a.id - b.id);
     }
 }
 /** Return pending notifications after acking the client's last received id.
- *  Updates lastDrainAt so isTuiConnected() reflects recent activity. */
-export function drainNotifications(lastReceivedId = 0): RpcNotification[] {
-    lastDrainAt = Date.now();
+ *  Updates lastDrainAt so isTuiConnected() reflects recent activity.
+ *
+ *  Session scoping: when `sessionId` is provided, only notifications tagged for
+ *  that session (or session-less/global ones) are returned and pruned — a
+ *  notification tagged for a DIFFERENT session is never handed to this client
+ *  and is never pruned by this client's ack. This matters because the in-memory
+ *  queue is per-process but a TUI can end up draining a process that also serves
+ *  OTHER sessions: e.g. opening OpenCode Desktop on the same project starts a
+ *  newer RPC server that the TUI's port discovery (newest-pid-wins) then selects,
+ *  so a Desktop-session upgrade-dialog action would otherwise surface in an
+ *  unrelated TUI session. Each client also tracks its own `lastReceivedId`, so a
+ *  global watermark prune would let session A's ack drop session B's still-unseen
+ *  notification — scoping the prune to the acking session prevents that too.
+ *
+ *  Delivery is at-least-once (non-destructive return + prune-on-ack): a returned
+ *  notification stays queued until a later call acks it via a higher
+ *  `lastReceivedId`, so a lost poll response re-delivers on the next poll. */
+export function drainNotifications(lastReceivedId = 0, sessionId?: string): RpcNotification[] {
+    const now = Date.now();
+    lastDrainAtAny = now;
+    if (sessionId !== undefined) lastDrainAtBySession.set(sessionId, now);
+    const matchesClient = (notification: RpcNotification): boolean =>
+        sessionId === undefined ||
+        notification.sessionId === undefined ||
+        notification.sessionId === sessionId;
     if (lastReceivedId > 0) {
-        queue = queue.filter((notification) => notification.id > lastReceivedId);
+        // Prune only notifications THIS client both owns (session-matched) and has
+        // acked (id <= lastReceivedId). Other sessions' notifications survive.
+        queue = queue.filter(
+            (notification) => !(notification.id <= lastReceivedId && matchesClient(notification)),
+        );
     }
-    return [...queue];
+    return queue.filter(
+        (notification) => notification.id > lastReceivedId && matchesClient(notification),
+    );
 }
 /** Whether a TUI client is actively polling for notifications.
- *  Returns true only if the TUI has drained within the last 3 seconds.
- *  This prevents stale-connected state after TUI closes or disconnects. */
-export function isTuiConnected(): boolean {
-    return lastDrainAt > 0 && Date.now() - lastDrainAt < TUI_CONNECTED_WINDOW_MS;
+ *  Returns true only if a TUI has drained within the last 3 seconds.
+ *
+ *  Pass `sessionId` (preferred) to ask whether a TUI is polling FOR THAT
+ *  SESSION — this is what producers (`/ctx-status`, `/ctx-recomp`, the upgrade
+ *  reminder) must use to decide dialog-vs-message, so a TUI on a different
+ *  session in the same process does not misroute their delivery. Omit it only
+ *  for legacy/global callers that genuinely have no session context; they fall
+ *  back to "any session recently drained" (the pre-per-session behavior). */
+export function isTuiConnected(sessionId?: string): boolean {
+    const now = Date.now();
+    if (sessionId !== undefined) {
+        const at = lastDrainAtBySession.get(sessionId) ?? 0;
+        return at > 0 && now - at < TUI_CONNECTED_WINDOW_MS;
+    }
+    return lastDrainAtAny > 0 && now - lastDrainAtAny < TUI_CONNECTED_WINDOW_MS;
 }

package/src/shared/rpc-server.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { randomBytes } from "node:crypto";
 import {
     mkdirSync,
     readdirSync,
@@ -20,6 +21,11 @@ export class MagicContextRpcServer {
     private portFilePath: string;
     private portDir: string;
     private startedAt = Date.now();
+    // Unguessable per-process bearer token, published in the (user-private) port
+    // file and required on every non-health RPC call. Defends side-effecting
+    // endpoints (recomp/upgrade/dismiss) against any local process or
+    // browser-origin script that merely discovers/guesses the port.
+    private readonly token = randomBytes(32).toString("hex");
     constructor(storageDir: string, directory: string) {
         this.portFilePath = rpcPortFilePath(storageDir, directory);
@@ -57,7 +63,15 @@ export class MagicContextRpcServer {
                 try {
                     this.warnIfOtherLiveInstance();
                     const dir = dirname(this.portFilePath);
-                    mkdirSync(dir, { recursive: true });
+                    // The port file holds the per-process bearer token that
+                    // gates side-effecting RPC endpoints (recomp/upgrade/
+                    // dismiss). Under the default umask 0o022 a plain write
+                    // lands at 0o644 in a 0o755 dir — world-readable, so any
+                    // local UID could read the token and drive those endpoints,
+                    // defeating the auth defense. Restrict both: dir 0o700,
+                    // file 0o600. renameSync preserves the tmp file's mode, so
+                    // the 0o600 on the write covers the final file.
+                    mkdirSync(dir, { recursive: true, mode: 0o700 });
                     const tmpPath = `${this.portFilePath}.tmp`;
                     writeFileSync(
                         tmpPath,
@@ -65,8 +79,9 @@ export class MagicContextRpcServer {
                             port: this.port,
                             pid: process.pid,
                             started_at: this.startedAt,
+                            token: this.token,
                         }),
-                        "utf-8",
+                        { encoding: "utf-8", mode: 0o600 },
                     );
                     renameSync(tmpPath, this.portFilePath);
                     log(`[rpc] server listening on 127.0.0.1:${this.port}`);
@@ -114,8 +129,10 @@ export class MagicContextRpcServer {
     private dispatch(req: IncomingMessage, res: ServerResponse): void {
         const url = req.url ?? "";
-        // CORS headers for same-origin fetch
-        res.setHeader("Access-Control-Allow-Origin", "*");
+        // No wildcard CORS: the only legitimate client is the in-process TUI
+        // client, which is not a browser origin. Omitting
+        // Access-Control-Allow-Origin makes browsers refuse to read responses,
+        // closing the CSRF-style read path a malicious local page could use.
         if (req.method === "GET" && url === "/health") {
             res.writeHead(200, { "Content-Type": "application/json" });
@@ -129,6 +146,18 @@ export class MagicContextRpcServer {
             return;
         }
+        // Require the per-process bearer token on every side-effecting call.
+        // The legitimate TUI client reads it from the same port file it used to
+        // discover the port; a process that only guessed the port cannot.
+        const auth = req.headers.authorization;
+        const presented = typeof auth === "string" ? auth.replace(/^Bearer\s+/i, "") : "";
+        if (presented !== this.token) {
+            res.writeHead(401, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Unauthorized" }));
+            req.resume();
+            return;
+        }
         const method = url.slice(5); // strip "/rpc/"
         const handler = this.handlers.get(method);
         if (!handler) {

package/src/shared/rpc-types.ts CHANGED Viewed

@@ -24,10 +24,23 @@ export interface SidebarSnapshot {
     compartmentTokens: number;
     factTokens: number;
     memoryTokens: number;
+    /**
+     * Token estimate of the injected <project-docs> block (root ARCHITECTURE.md
+     * + STRUCTURE.md) that lives in m[0] in v2. Part of the message stream, not
+     * conversation. Display layer shows this as "Docs".
+     */
+    docsTokens: number;
+    /**
+     * Token estimate of the injected <user-profile> block (promoted user
+     * memories) that lives in m[0] in v2. Part of the message stream, not
+     * conversation. Display layer shows this as "Profile".
+     */
+    profileTokens: number;
     /**
      * Token estimate of real user/assistant discussion (text + reasoning +
-     * image parts) inside messages, excluding injected <session-history>
-     * blocks. Display layer shows this as "Conversation".
+     * image parts) inside messages, excluding injected <session-history>,
+     * <project-docs>, and <user-profile> blocks. Display layer shows this as
+     * "Conversation".
      */
     conversationTokens: number;
     /**
@@ -55,6 +68,23 @@ export interface SidebarSnapshot {
      * scheduler and transform paths.
      */
     executeThreshold: number;
+    newWorkTokens?: number | null;
+    totalInputTokens?: number | null;
+    /**
+     * Live recomp / session-upgrade progress for this session, or null when no
+     * recomp is running (and no recent terminal state is being shown). Drives the
+     * sidebar "Recomp"/"Upgrade" progress bar and the /ctx-status dialog. Mirrors
+     * the runtime `RecompProgress` shape from compartment-runner-types.ts.
+     */
+    recompProgress?: {
+        phase: "recomp" | "migration" | "done" | "failed";
+        processedMessages: number;
+        totalMessages: number;
+        passCount: number;
+        compartmentsCreated: number;
+        message?: string;
+        note?: string;
+    } | null;
 }
 export interface StatusDetail extends SidebarSnapshot {

package/src/shared/rpc-utils.ts CHANGED Viewed

@@ -5,6 +5,15 @@ export interface RpcPortFileRecord {
     port: number;
     pid: number;
     started_at: number;
+    /**
+     * Per-process bearer token. The server requires it on all non-health RPC
+     * calls so a random local process or browser-origin script that merely
+     * discovers/guesses the port cannot drive side-effecting endpoints
+     * (recomp/upgrade/dismiss). Optional in the type for forward/backward
+     * compatibility with port files written by older builds (treated as "no
+     * auth required" only when the server itself didn't set one).
+     */
+    token?: string;
 }
 /**
@@ -56,6 +65,7 @@ export function parseRpcPortFile(content: string, fallbackPid = 0): RpcPortFileR
                 port,
                 pid,
                 started_at: Number.isFinite(startedAt) ? startedAt : 0,
+                token: typeof parsed.token === "string" ? parsed.token : undefined,
             };
         } catch {
             return null;

package/src/shared/sqlite-helpers.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 /**
- * Cross-runtime helpers that smooth over the small bun:sqlite ↔ better-sqlite3
- * API differences without leaking either library into call sites.
+ * Cross-runtime helpers that smooth over the small bun:sqlite ↔ node:sqlite
+ * API differences without leaking either backend into call sites.
  */
 import type { Database } from "./sqlite";
@@ -8,17 +8,17 @@ import type { Database } from "./sqlite";
 /**
  * Close a database, ignoring errors.
  *
- * bun:sqlite supports `db.close(throwOnError = false)`. better-sqlite3 has
- * only `db.close()` and throws on already-closed databases. This helper
- * mirrors the bun "swallow errors" semantics for both runtimes — useful in
- * test teardown and `finally` blocks where the caller doesn't care whether
- * the close succeeded.
+ * bun:sqlite supports `db.close(throwOnError = false)`. node:sqlite has only
+ * `db.close()` and throws ("database is not open") on an already-closed
+ * handle. This helper mirrors the bun "swallow errors" semantics for both
+ * runtimes — useful in test teardown and `finally` blocks where the caller
+ * doesn't care whether the close succeeded.
  */
 export function closeQuietly(db: Database | null | undefined): void {
     if (!db) return;
     // Just attempt close and swallow errors. bun:sqlite has no `open` property,
-    // and better-sqlite3 throws TypeError on already-closed databases — both
-    // are handled by the bare try/catch.
+    // and node:sqlite throws on an already-closed handle — both are handled by
+    // the bare try/catch.
     try {
         db.close();
     } catch {