@getpaseo/server 0.1.91-beta.1 → 0.1.91

package/dist/server/server/agent/providers/pi/session-descriptor.js

@@ -0,0 +1,304 @@
+import { open, readdir, readFile, stat } from "node:fs/promises";
+import { homedir } from "node:os";
+import path from "node:path";
+import { createRealpathAwarePathMatcher } from "../../../../utils/path.js";
+const PI_PROVIDER = "pi";
+const PI_CONFIG_DIR_NAME = ".pi";
+const PI_AGENT_DIR_ENV = "PI_CODING_AGENT_DIR";
+const PI_SESSION_DIR_ENV = "PI_CODING_AGENT_SESSION_DIR";
+const HEAD_BYTES = 64 * 1024;
+const TAIL_BYTES = 256 * 1024;
+const FULL_SCAN_LINE_LIMIT = 2000;
+export async function listPiPersistedAgents(options = {}) {
+    const provider = options.provider ?? PI_PROVIDER;
+    const sessionsDir = await resolvePiSessionsDir(options);
+    const files = await walkJsonlFiles(sessionsDir);
+    const matchesCwd = options.cwd ? createRealpathAwarePathMatcher(options.cwd) : null;
+    const limit = options.limit ?? 20;
+    const descriptors = [];
+    for (const file of files) {
+        const descriptor = await readPiSessionDescriptor(file, provider);
+        if (!descriptor)
+            continue;
+        if (matchesCwd && !matchesCwd(descriptor.cwd))
+            continue;
+        descriptors.push(descriptor);
+    }
+    return descriptors
+        .sort((left, right) => right.lastActivityAt.getTime() - left.lastActivityAt.getTime())
+        .slice(0, limit);
+}
+async function resolvePiSessionsDir(options) {
+    const env = options.env ?? process.env;
+    const homeDir = options.homeDir ?? homedir();
+    const baseDir = options.cwd ?? process.cwd();
+    if (options.sessionDir?.trim()) {
+        return resolveConfigPath(options.sessionDir, { baseDir, homeDir });
+    }
+    const agentDir = resolvePiAgentDir({ runtimeSettings: options.runtimeSettings, env, homeDir });
+    const envSessionDir = options.runtimeSettings?.env?.[PI_SESSION_DIR_ENV] ?? env[PI_SESSION_DIR_ENV];
+    if (envSessionDir?.trim()) {
+        return resolveConfigPath(envSessionDir, { baseDir, homeDir });
+    }
+    const settingsSessionDir = await readConfiguredSessionDir({
+        agentDir,
+        cwd: options.cwd,
+    });
+    if (settingsSessionDir?.trim()) {
+        return resolveConfigPath(settingsSessionDir, { baseDir, homeDir });
+    }
+    return path.join(agentDir, "sessions");
+}
+function resolvePiAgentDir(input) {
+    const configured = input.runtimeSettings?.env?.[PI_AGENT_DIR_ENV] ?? input.env[PI_AGENT_DIR_ENV];
+    if (configured?.trim()) {
+        return resolveConfigPath(configured, { baseDir: process.cwd(), homeDir: input.homeDir });
+    }
+    return path.join(input.homeDir, PI_CONFIG_DIR_NAME, "agent");
+}
+async function readConfiguredSessionDir(input) {
+    const values = await Promise.all([
+        readSessionDirFromSettings(path.join(input.agentDir, "settings.json")),
+        input.cwd
+            ? readSessionDirFromSettings(path.join(input.cwd, PI_CONFIG_DIR_NAME, "settings.json"))
+            : null,
+    ]);
+    return values[1] ?? values[0] ?? null;
+}
+async function readSessionDirFromSettings(settingsPath) {
+    try {
+        const parsed = JSON.parse(await readFile(settingsPath, "utf8"));
+        if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+            return null;
+        }
+        const sessionDir = Reflect.get(parsed, "sessionDir");
+        return typeof sessionDir === "string" && sessionDir.trim() ? sessionDir : null;
+    }
+    catch {
+        return null;
+    }
+}
+function resolveConfigPath(value, options) {
+    if (value === "~") {
+        return options.homeDir;
+    }
+    if (value.startsWith("~/")) {
+        return path.join(options.homeDir, value.slice(2));
+    }
+    return path.isAbsolute(value) ? value : path.resolve(options.baseDir, value);
+}
+async function walkJsonlFiles(root) {
+    let entries;
+    try {
+        entries = await readdir(root, { withFileTypes: true });
+    }
+    catch {
+        return [];
+    }
+    const files = await Promise.all(entries.map(async (entry) => {
+        const entryPath = path.join(root, entry.name);
+        if (entry.isDirectory()) {
+            return await walkJsonlFiles(entryPath);
+        }
+        return entry.isFile() && entry.name.endsWith(".jsonl") ? [entryPath] : [];
+    }));
+    return files.flat();
+}
+async function readPiSessionDescriptor(filePath, provider) {
+    const firstLine = await readFirstLine(filePath);
+    if (!firstLine)
+        return null;
+    const header = parseSessionHeader(firstLine);
+    if (!header)
+        return null;
+    const tail = await readTail(filePath).catch(() => "");
+    const tailInfo = parseSessionTail(tail);
+    const headInfo = await scanSessionHead(filePath);
+    const title = tailInfo.title ?? headInfo.title ?? headInfo.firstUserMessage;
+    const lastActivityAt = tailInfo.lastActivityAt ?? (await readFileMtime(filePath)) ?? header.createdAt ?? new Date(0);
+    const timeline = buildPreviewTimeline({
+        firstUserMessage: headInfo.firstUserMessage,
+        lastUserMessage: tailInfo.lastUserMessage,
+    });
+    const persistence = {
+        provider,
+        sessionId: header.sessionId,
+        nativeHandle: filePath,
+        metadata: {
+            provider,
+            cwd: header.cwd,
+        },
+    };
+    return {
+        provider,
+        sessionId: header.sessionId,
+        cwd: header.cwd,
+        title,
+        lastActivityAt,
+        persistence,
+        timeline,
+    };
+}
+async function readFirstLine(filePath) {
+    const handle = await open(filePath, "r").catch(() => null);
+    if (!handle)
+        return null;
+    try {
+        const buffer = Buffer.alloc(HEAD_BYTES);
+        const { bytesRead } = await handle.read(buffer, 0, buffer.length, 0);
+        if (bytesRead <= 0)
+            return null;
+        const chunk = buffer.subarray(0, bytesRead).toString("utf8");
+        const newlineIndex = chunk.indexOf("\n");
+        return (newlineIndex === -1 ? chunk : chunk.slice(0, newlineIndex)).trim();
+    }
+    finally {
+        await handle.close().catch(() => undefined);
+    }
+}
+async function readTail(filePath) {
+    const fileStats = await stat(filePath);
+    const start = Math.max(0, fileStats.size - TAIL_BYTES);
+    const length = fileStats.size - start;
+    const handle = await open(filePath, "r");
+    try {
+        const buffer = Buffer.alloc(length);
+        const { bytesRead } = await handle.read(buffer, 0, buffer.length, start);
+        return buffer.subarray(0, bytesRead).toString("utf8");
+    }
+    finally {
+        await handle.close().catch(() => undefined);
+    }
+}
+async function readFileMtime(filePath) {
+    try {
+        return (await stat(filePath)).mtime;
+    }
+    catch {
+        return null;
+    }
+}
+function parseSessionHeader(firstLine) {
+    const entry = parseJsonRecord(firstLine);
+    if (!entry || entry.type !== "session")
+        return null;
+    const sessionId = typeof entry.id === "string" ? entry.id : null;
+    const cwd = typeof entry.cwd === "string" ? entry.cwd : null;
+    if (!sessionId || !cwd)
+        return null;
+    const createdAt = parseDate(entry.timestamp);
+    return { sessionId, cwd, createdAt };
+}
+function parseSessionTail(tail) {
+    const lines = tail.split(/\r?\n/u);
+    let title = null;
+    let lastActivityAt = null;
+    let fallbackTimestamp = null;
+    let lastUserMessage = null;
+    for (let index = lines.length - 1; index >= 0; index -= 1) {
+        const entry = parseJsonRecord(lines[index].trim());
+        if (!entry)
+            continue;
+        if (!title && entry.type === "session_info") {
+            title = readNonEmptyString(entry.name);
+        }
+        const entryTimestamp = parseDate(entry.timestamp);
+        if (!fallbackTimestamp && entryTimestamp) {
+            fallbackTimestamp = entryTimestamp;
+        }
+        if (entry.type !== "message") {
+            continue;
+        }
+        if (!lastActivityAt && entryTimestamp) {
+            lastActivityAt = entryTimestamp;
+        }
+        if (!lastUserMessage && isRecord(entry.message) && entry.message.role === "user") {
+            lastUserMessage = extractMessageText(entry.message.content);
+        }
+        if (title && lastActivityAt && lastUserMessage) {
+            break;
+        }
+    }
+    return { title, lastActivityAt: lastActivityAt ?? fallbackTimestamp, lastUserMessage };
+}
+async function scanSessionHead(filePath) {
+    let content;
+    try {
+        content = await readFile(filePath, "utf8");
+    }
+    catch {
+        return { title: null, firstUserMessage: null };
+    }
+    let title = null;
+    let firstUserMessage = null;
+    let lineCount = 0;
+    for (const rawLine of content.split(/\r?\n/u)) {
+        lineCount += 1;
+        const entry = parseJsonRecord(rawLine.trim());
+        if (!entry)
+            continue;
+        if (entry.type === "session_info") {
+            title = readNonEmptyString(entry.name) ?? title;
+        }
+        if (!firstUserMessage && entry.type === "message" && isRecord(entry.message)) {
+            if (entry.message.role === "user") {
+                firstUserMessage = extractMessageText(entry.message.content);
+            }
+        }
+        if (title && firstUserMessage) {
+            break;
+        }
+        if (lineCount >= FULL_SCAN_LINE_LIMIT && firstUserMessage) {
+            break;
+        }
+    }
+    return { title, firstUserMessage };
+}
+function buildPreviewTimeline(input) {
+    const items = [];
+    if (input.firstUserMessage) {
+        items.push({ type: "user_message", text: input.firstUserMessage });
+    }
+    if (input.lastUserMessage && input.lastUserMessage !== input.firstUserMessage) {
+        items.push({ type: "user_message", text: input.lastUserMessage });
+    }
+    return items;
+}
+function parseJsonRecord(line) {
+    if (!line)
+        return null;
+    try {
+        const parsed = JSON.parse(line);
+        return isRecord(parsed) ? parsed : null;
+    }
+    catch {
+        return null;
+    }
+}
+function isRecord(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function readNonEmptyString(value) {
+    return typeof value === "string" && value.trim() ? value.trim() : null;
+}
+function parseDate(value) {
+    if (typeof value !== "string" && typeof value !== "number") {
+        return null;
+    }
+    const date = new Date(value);
+    return Number.isNaN(date.getTime()) ? null : date;
+}
+function extractMessageText(content) {
+    if (typeof content === "string") {
+        return content.trim() || null;
+    }
+    if (!Array.isArray(content)) {
+        return null;
+    }
+    const text = content
+        .flatMap((part) => isRecord(part) && part.type === "text" && typeof part.text === "string" ? [part.text] : [])
+        .join("\n\n")
+        .trim();
+    return text || null;
+}
+//# sourceMappingURL=session-descriptor.js.map

package/dist/server/server/agent/providers/pi/test-utils/fake-pi.d.ts

@@ -15,6 +15,10 @@ export declare class FakePiSession implements PiRuntimeSession {
         message: string;
         imageCount: number;
     }>;
+    readonly compactRequests: Array<{
+        customInstructions?: string;
+    }>;
+    readonly setAutoCompactionRequests: boolean[];
     readonly setModelRequests: Array<{
         provider: string;
         modelId: string;
@@ -41,6 +45,8 @@ export declare class FakePiSession implements PiRuntimeSession {
     messages: PiAgentMessage[];
     stats: PiSessionStats;
     commands: PiRpcSlashCommand[];
+    compactError: Error | null;
+    emitCompactEnd: boolean;
     state: PiSessionState;
     private readonly subscribers;
     constructor(launch: PiRuntimeLaunch);
@@ -50,6 +56,8 @@ export declare class FakePiSession implements PiRuntimeSession {
         data: string;
         mimeType: string;
     }>): Promise<void>;
+    compact(customInstructions?: string): Promise<void>;
+    setAutoCompaction(enabled: boolean): Promise<void>;
     abort(): Promise<void>;
     getState(): Promise<PiSessionState>;
     getMessages(): Promise<PiAgentMessage[]>;

package/dist/server/server/agent/providers/pi/test-utils/fake-pi.js

@@ -31,6 +31,8 @@ export class FakePi {
 export class FakePiSession {
     constructor(launch) {
         this.prompts = [];
+        this.compactRequests = [];
+        this.setAutoCompactionRequests = [];
         this.setModelRequests = [];
         this.setThinkingLevelRequests = [];
         this.treeNavigationRequests = [];
@@ -46,12 +48,15 @@ export class FakePiSession {
             cost: 0,
         };
         this.commands = [];
+        this.compactError = null;
+        this.emitCompactEnd = true;
         this.subscribers = new Set();
         this.state = {
             model: null,
             thinkingLevel: "medium",
             isStreaming: false,
             isCompacting: false,
+            autoCompactionEnabled: true,
             sessionFile: launch.session ?? "/tmp/pi-session",
             sessionId: "pi-session-1",
             messageCount: 0,
@@ -69,6 +74,23 @@ export class FakePiSession {
         this.handleTreeNavigationCommand(message);
         this.handleEntryCaptureCommand(message);
     }
+    async compact(customInstructions) {
+        this.compactRequests.push(customInstructions === undefined ? {} : { customInstructions });
+        this.emit({ type: "compaction_start", reason: "manual" });
+        if (this.emitCompactEnd) {
+            this.emit({ type: "compaction_end", reason: "manual" });
+        }
+        if (this.compactError) {
+            throw this.compactError;
+        }
+    }
+    async setAutoCompaction(enabled) {
+        this.setAutoCompactionRequests.push(enabled);
+        this.state = {
+            ...this.state,
+            autoCompactionEnabled: enabled,
+        };
+    }
     async abort() {
         this.abortRequested = true;
     }

package/dist/server/server/agent/runtime-mcp-config.d.ts

@@ -0,0 +1,8 @@
+import type { AgentSessionConfig } from "./agent-sdk-types.js";
+export declare function stripInternalPaseoMcpServer(config: AgentSessionConfig): AgentSessionConfig;
+export declare function withRuntimePaseoMcpServer(params: {
+    config: AgentSessionConfig;
+    agentId: string;
+    mcpBaseUrl: string | null;
+}): AgentSessionConfig;
+//# sourceMappingURL=runtime-mcp-config.d.ts.map

package/dist/server/server/agent/runtime-mcp-config.js

@@ -0,0 +1,50 @@
+const PASEO_MCP_SERVER_NAME = "paseo";
+const PASEO_MCP_PATHNAME = "/mcp/agents";
+export function stripInternalPaseoMcpServer(config) {
+    const mcpServers = config.mcpServers;
+    if (!mcpServers) {
+        return config;
+    }
+    const paseoServer = mcpServers[PASEO_MCP_SERVER_NAME];
+    if (!paseoServer || !isInternalPaseoMcpServer(paseoServer)) {
+        return config;
+    }
+    const nextMcpServers = { ...mcpServers };
+    delete nextMcpServers[PASEO_MCP_SERVER_NAME];
+    const next = { ...config };
+    if (Object.keys(nextMcpServers).length > 0) {
+        next.mcpServers = nextMcpServers;
+    }
+    else {
+        delete next.mcpServers;
+    }
+    return next;
+}
+export function withRuntimePaseoMcpServer(params) {
+    const storedConfig = stripInternalPaseoMcpServer(params.config);
+    if (!params.mcpBaseUrl || storedConfig.mcpServers?.[PASEO_MCP_SERVER_NAME]) {
+        return storedConfig;
+    }
+    return {
+        ...storedConfig,
+        mcpServers: {
+            [PASEO_MCP_SERVER_NAME]: {
+                type: "http",
+                url: `${params.mcpBaseUrl}?callerAgentId=${params.agentId}`,
+            },
+            ...storedConfig.mcpServers,
+        },
+    };
+}
+function isInternalPaseoMcpServer(config) {
+    if (config.type !== "http" && config.type !== "sse") {
+        return false;
+    }
+    try {
+        return new URL(config.url).pathname === PASEO_MCP_PATHNAME;
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=runtime-mcp-config.js.map

package/dist/server/server/auth.js

@@ -84,10 +84,25 @@ export function createRequireBearerMiddleware(auth, onReject) {
         })();
     };
 }
+// Routes that authenticate via their own capability and therefore must not be
+// gated a second time behind the daemon password.
+const BEARER_AUTH_BYPASS_PATHS = new Set([
+    // Unauthenticated liveness probe.
+    "/api/health",
+    // Guarded by a single-use download token (crypto-random UUID, 60s TTL,
+    // consumed on first use) that is only ever issued over the
+    // already-authenticated WebSocket. The token IS the capability for this
+    // route. Requiring the daemon password on top of it breaks browser and
+    // Electron downloads: those trigger the download via an anchor navigation,
+    // which cannot attach an `Authorization` header. The download endpoint still
+    // rejects requests without a valid token (400/403), so dropping the bearer
+    // here does not make the route unauthenticated.
+    "/api/files/download",
+]);
 export function shouldBypassBearerAuth(method, path) {
     if (method === "OPTIONS") {
         return true;
     }
-    return path === "/api/health";
+    return BEARER_AUTH_BYPASS_PATHS.has(path);
 }
 //# sourceMappingURL=auth.js.map

package/dist/server/server/auto-archive-on-merge/archive-if-safe.js

@@ -34,10 +34,10 @@ export async function archiveIfSafe(input) {
         if (!snapshot) {
             return;
         }
-        if (snapshot.git.isDirty === true || snapshot.git.aheadOfOrigin === null) {
+        if (snapshot.git.isDirty === true) {
             return;
         }
-        if (snapshot.git.aheadOfOrigin > 0) {
+        if (typeof snapshot.git.aheadOfOrigin === "number" && snapshot.git.aheadOfOrigin > 0) {
             return;
         }
         const ownership = await deps.isPaseoOwnedWorktreeCwd(cwd, {

package/dist/server/server/daemon-worker.js

@@ -1,8 +1,39 @@
+import { appendFileSync, mkdirSync } from "node:fs";
+import path from "node:path";
 import { createPaseoDaemon } from "./bootstrap.js";
 import { loadConfig } from "./config.js";
 import { resolvePaseoHome } from "./paseo-home.js";
 import { createRootLogger } from "./logger.js";
 process.title = "Paseo Daemon";
+function isPidAlive(pid) {
+    try {
+        process.kill(pid, 0);
+        return true;
+    }
+    catch (err) {
+        if (typeof err === "object" && err !== null && "code" in err && err.code === "EPERM") {
+            return true;
+        }
+        return false;
+    }
+}
+function writeWorkerLifecycleLog(paseoHome, message, fields = {}) {
+    try {
+        const logPath = path.join(paseoHome, "daemon.log");
+        mkdirSync(path.dirname(logPath), { recursive: true });
+        appendFileSync(logPath, `${JSON.stringify({
+            level: "warn",
+            time: new Date().toISOString(),
+            pid: process.pid,
+            name: "DaemonWorker",
+            msg: message,
+            ...fields,
+        })}\n`, "utf8");
+    }
+    catch {
+        // Exit-reason logging must never prevent the worker from exiting.
+    }
+}
 function bootstrapFromEnvironment() {
     try {
         const paseoHome = resolvePaseoHome();
@@ -31,7 +62,7 @@ function applyCliFlagOverrides(config) {
     }
 }
 async function main() {
-    const { logger, config } = bootstrapFromEnvironment();
+    const { paseoHome, logger, config } = bootstrapFromEnvironment();
     let daemon = null;
     let shutdownPromise = null;
     let exitHookInstalled = false;
@@ -107,6 +138,58 @@ async function main() {
         }
         beginShutdown("restart lifecycle intent", { successExitCode: 0 });
     };
+    const installSupervisorLivenessGuard = () => {
+        if (typeof process.send !== "function") {
+            return;
+        }
+        const supervisorPid = process.ppid;
+        let lastSupervisorHeartbeatAt = Date.now();
+        let supervisorExitRequested = false;
+        const exitAfterSupervisorLoss = (reason) => {
+            if (supervisorExitRequested) {
+                return;
+            }
+            supervisorExitRequested = true;
+            writeWorkerLifecycleLog(paseoHome, "Supervisor liveness lost; worker exiting", {
+                reason,
+                supervisorPid,
+                currentParentPid: process.ppid,
+                ipcConnected: typeof process.connected === "boolean" ? process.connected : null,
+                heartbeatAgeMs: Date.now() - lastSupervisorHeartbeatAt,
+            });
+            // The supervisor owns the worker's stdout/stderr pipes. Once it is gone,
+            // logging during graceful shutdown can block on the broken pipe and leave
+            // the daemon orphaned, so supervisor loss is a hard process boundary.
+            process.exit(0);
+        };
+        process.on("message", (message) => {
+            if (typeof message === "object" &&
+                message !== null &&
+                "type" in message &&
+                message.type === "paseo:supervisor-heartbeat") {
+                lastSupervisorHeartbeatAt = Date.now();
+            }
+        });
+        process.on("disconnect", () => exitAfterSupervisorLoss("ipc_disconnect_event"));
+        const timer = setInterval(() => {
+            const ipcConnected = typeof process.connected === "boolean" ? process.connected : true;
+            const heartbeatExpired = Date.now() - lastSupervisorHeartbeatAt > 3500;
+            const supervisorChanged = process.ppid !== supervisorPid;
+            if (ipcConnected === false) {
+                exitAfterSupervisorLoss("ipc_disconnected");
+                return;
+            }
+            if (supervisorChanged) {
+                exitAfterSupervisorLoss("supervisor_parent_pid_changed");
+                return;
+            }
+            if (heartbeatExpired && !isPidAlive(supervisorPid)) {
+                exitAfterSupervisorLoss("supervisor_pid_dead");
+            }
+        }, 1000);
+        timer.unref();
+    };
+    installSupervisorLivenessGuard();
     try {
         daemon = await createPaseoDaemon({
             ...config,

package/dist/server/server/file-upload/index.d.ts

@@ -0,0 +1,27 @@
+import { type FileTransferFrame } from "@getpaseo/protocol/binary-frames/index";
+import type { FileUploadRequest, FileUploadResponse } from "../messages.js";
+interface FileUploadStoreOptions {
+    paseoHome: string;
+    staleUploadTimeoutMs?: number;
+}
+export declare class FileUploadStore {
+    private static readonly defaultStaleUploadTimeoutMs;
+    private readonly paseoHome;
+    private readonly staleUploadTimeoutMs;
+    private readonly pending;
+    constructor(options: FileUploadStoreOptions);
+    beginUpload(request: FileUploadRequest): void;
+    receiveFrame(frame: FileTransferFrame): Promise<FileUploadResponse | null>;
+    private applyFrame;
+    private startWriting;
+    private writeChunk;
+    private completeUpload;
+    private createStaleUploadTimeout;
+    private refreshStaleUploadTimeout;
+    private expireStaleUpload;
+    private clearPendingUpload;
+    private removeFailedUpload;
+    private removeUploadDirectory;
+}
+export {};
+//# sourceMappingURL=index.d.ts.map