npm - @firstpick/pi-package-webui - Versions diffs - 0.3.7 → 0.3.9 - Mend

@firstpick/pi-package-webui 0.3.7 → 0.3.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/README.md +2 -1
package/WEBUI_TUI_NATIVE_PARITY.json +22 -22
package/bin/pi-webui.mjs +259 -112
package/images/WebUI_v0.3.7.png +0 -0
package/index.ts +15 -4
package/lib/auth-actions.mjs +81 -0
package/lib/native-command-adapter.mjs +220 -0
package/lib/session-actions.mjs +134 -0
package/lib/temp-artifacts.mjs +34 -0
package/lib/trust-boundaries.mjs +141 -0
package/package.json +8 -4
package/public/app.js +554 -94
package/public/index.html +2 -2
package/public/service-worker.js +23 -9
package/public/styles.css +111 -0
package/start-webui.sh +6 -5
package/tests/fixtures/fake-pi.mjs +73 -0
package/tests/http-endpoints-harness.test.mjs +146 -0
package/tests/mobile-static.test.mjs +45 -21
package/tests/native-parity-harness.test.mjs +147 -0
package/tests/native-parity.test.mjs +25 -6
package/tests/run-all.mjs +19 -0
package/tests/session-auth-harness.test.mjs +140 -0
package/tests/temp-artifacts-harness.test.mjs +38 -0

package/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 Local browser UI for [Pi coding agent](https://www.npmjs.com/package/@earendil-works/pi-coding-agent).
-![Pi Web UI main window showing multi-tab chat, controls, theme picker, and local status](https://unpkg.com/@firstpick/pi-package-webui/images/Main_Window_v0.1.7.png)
+![Pi Web UI main window showing multi-tab chat, controls, theme picker, and local status](https://unpkg.com/@firstpick/pi-package-webui/images/WebUI_v0.3.7.png)
 Pi Web UI gives you a local browser companion for Pi: multi-tab chat, streaming output, model controls, uploads, slash-command helpers, workspace navigation, and optional extension widgets.
@@ -158,6 +158,7 @@ Optional companions:
 - `@firstpick/pi-prompts-git-pr` — guided Git commit/push workflow.
 - `@firstpick/pi-extension-release-npm` — NPM publish menu and release widgets.
 - `@firstpick/pi-extension-release-aur` — AUR publish menu and release widgets.
+- `@firstpick/pi-extension-safety-guard` — interactive guardrails for dangerous bash commands and protected file edits.
 - `@firstpick/pi-extension-setup-skills` — TUI `/skills` setup command alongside WebUI-native skill toggles.
 - `@firstpick/pi-extension-todo-progress` — todo-progress rendering.
 - `@firstpick/pi-extension-tools` — TUI `/tools` active-tool manager alongside WebUI-native tool toggles.

package/WEBUI_TUI_NATIVE_PARITY.json CHANGED Viewed

@@ -235,7 +235,7 @@
       "priority": "P1",
       "sensitive": true,
       "guards": ["trusted-context", "confirmation", "feature-flag"],
-      "currentBehavior": "Browser shows non-secret guidance only.",
+      "currentBehavior": "Browser selector lists provider auth status from GET /api/auth-providers but still directs OAuth/API-key login to the Pi TUI.",
       "targetBehavior": "Support OAuth/device-code/API-key providers through server AuthStorage; API keys only over trusted contexts and never browser storage/logs/transcripts."
     },
     {
@@ -244,12 +244,12 @@
       "category": "native-command",
       "title": "Provider logout",
       "command": { "name": "logout", "description": "Remove provider authentication" },
-      "webStatus": "degraded",
+      "webStatus": "implemented",
       "priority": "P1",
       "sensitive": true,
       "guards": ["confirmation", "feature-flag"],
-      "currentBehavior": "Browser shows guidance only.",
-      "targetBehavior": "List auth.json credentials only, label env/config credentials as not removable here, confirm per provider, and refresh auth/model state."
+      "currentBehavior": "Browser selector lists auth.json credentials only, confirms per provider, and removes them through localhost-only POST /api/auth-logout.",
+      "targetBehavior": "Keep auth.json-only removal with env/config credentials labeled as not removable from the Web UI."
     },
     {
       "id": "/new",
@@ -287,8 +287,8 @@
       "priority": "P1",
       "sensitive": true,
       "guards": ["confirmation", "feature-flag"],
-      "currentBehavior": "Partial browser selector supports current/all scope and switch.",
-      "targetBehavior": "Add sort/path/named toggles, metadata rename, safe trash delete, active/open tab guards, and compact path default."
+      "currentBehavior": "Browser selector supports current/all scope, switch, metadata rename, and localhost-only safe delete with open-tab/active-session guards.",
+      "targetBehavior": "Add sort/path/named toggles and compact path default."
     },
     {
       "id": "/reload",
@@ -517,7 +517,7 @@
       "priority": "P1",
       "sensitive": true,
       "guards": ["confirmation"],
-      "currentBehavior": "Switch endpoint validates .jsonl path, opens SessionManager, and sends RPC switch_session.",
+      "currentBehavior": "Switch endpoint validates .jsonl path, confines it to the configured Pi session directory, opens SessionManager, and sends RPC switch_session.",
       "targetBehavior": "Preserve tab-scoped switch and add richer selector metadata."
     },
     {
@@ -525,24 +525,24 @@
       "kind": "session-action",
       "category": "session",
       "title": "Resume rename metadata",
-      "webStatus": "unsupported",
+      "webStatus": "implemented",
       "priority": "P1",
       "sensitive": false,
       "guards": ["feature-flag"],
-      "currentBehavior": "No Web UI resume rename endpoint.",
-      "targetBehavior": "Append-only session_info metadata rename without file rename."
+      "currentBehavior": "POST /api/session-rename appends session_info metadata through SessionManager.appendSessionInfo without renaming the .jsonl file; target paths are confined to the Pi session directory.",
+      "targetBehavior": "Keep append-only session_info metadata rename without file rename."
     },
     {
       "id": "session.resume.delete",
       "kind": "session-action",
       "category": "session",
       "title": "Resume safe delete",
-      "webStatus": "unsupported",
+      "webStatus": "implemented",
       "priority": "P1",
       "sensitive": true,
       "guards": ["confirmation", "feature-flag"],
-      "currentBehavior": "No Web UI session delete endpoint.",
-      "targetBehavior": "Trash/noninvasive delete with active/open-tab guards and confirmation."
+      "currentBehavior": "POST /api/session-delete is localhost-only, requires confirmed: true, blocks active/open-tab sessions, confines targets to the Pi session directory, and prefers trash with unlink fallback.",
+      "targetBehavior": "Keep trash/noninvasive delete with active/open-tab guards and confirmation."
     },
     {
       "id": "extension-ui.notify",
@@ -657,36 +657,36 @@
       "kind": "native-command-adapter",
       "category": "foundation",
       "title": "Native command adapter response shape",
-      "webStatus": "unsupported",
+      "webStatus": "implemented",
       "priority": "P0",
       "sensitive": false,
       "guards": ["none"],
-      "currentBehavior": "Native command handling is split between frontend selectors and server switch cases with inconsistent result shape.",
-      "targetBehavior": "Central server-authoritative adapter response supporting transcript cards, toasts/events, tab metadata, downloads/open URLs, clipboard text, warnings/confirmations, refresh hints, and degraded/unavailable states."
+      "currentBehavior": "Server-native slash commands route through lib/native-command-adapter.mjs with a shared response envelope (status, cards, toasts, warnings, refresh, download, copyText, tab metadata). Frontend applyNativeSlashCommandEffects consumes the adapter shape.",
+      "targetBehavior": "Keep the centralized adapter current as new native slash commands and selector flows are added."
     },
     {
       "id": "security.trust-boundaries",
       "kind": "security-guard",
       "category": "foundation",
       "title": "Sensitive native feature trust boundaries",
-      "webStatus": "degraded",
+      "webStatus": "implemented",
       "priority": "P0",
       "sensitive": true,
       "guards": ["localhost", "trusted-context", "confirmation"],
-      "currentBehavior": "Some endpoints are localhost-gated; native parity features do not yet share a common policy.",
-      "targetBehavior": "Shared localhost/trusted-context/confirmation policy for login/logout/share/import/export/quit/bash/optional installs/network exposure."
+      "currentBehavior": "lib/trust-boundaries.mjs centralizes localhost route gating (including network open/close), native-command guard evaluation, and remote-shell warnings for LAN clients. Session switch/rename/delete paths are confined to the Pi session directory. Sensitive slash commands return blocked adapter cards instead of raw HTTP errors.",
+      "targetBehavior": "Extend the shared policy to remaining sensitive native flows (login/logout/share/import/quit) and explicit confirmation UI where required."
     },
     {
       "id": "tests.native-parity-harness",
       "kind": "test-harness",
       "category": "foundation",
       "title": "Native parity helper/endpoint tests",
-      "webStatus": "degraded",
+      "webStatus": "implemented",
       "priority": "P0",
       "sensitive": false,
       "guards": ["none"],
-      "currentBehavior": "Static tests exist; no focused native parity matrix/helper harness yet.",
-      "targetBehavior": "Fixture-driven server helper tests first, lightweight HTTP endpoint tests where request semantics matter, and fake RPC tab adapters in normal CI."
+      "currentBehavior": "tests/native-parity-harness.test.mjs exercises trust-boundaries and native-command-adapter helpers against WEBUI_TUI_NATIVE_PARITY.json fixtures, and tests/http-endpoints-harness.test.mjs boots the real server with a fake pi RPC stub to cover command routing, bash queue serialization, session-dir confinement, and localhost trust guards over HTTP.",
+      "targetBehavior": "Extend HTTP endpoint coverage to SSE events, tab lifecycle (create/patch/close), and session selector flows."
     }
   ]
 }