@h-rig/cli 0.0.6-alpha.87 → 0.0.6-alpha.89

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (78) hide show
  1. package/dist/bin/rig.js +1380 -865
  2. package/dist/src/app/board.js +462 -48
  3. package/dist/src/app-opentui/adapters/common.d.ts +3 -0
  4. package/dist/src/app-opentui/adapters/common.js +4 -0
  5. package/dist/src/app-opentui/adapters/doctor.js +458 -46
  6. package/dist/src/app-opentui/adapters/family.js +701 -151
  7. package/dist/src/app-opentui/adapters/fleet.js +477 -46
  8. package/dist/src/app-opentui/adapters/inbox.js +477 -46
  9. package/dist/src/app-opentui/adapters/init.js +497 -74
  10. package/dist/src/app-opentui/adapters/inspect.js +477 -46
  11. package/dist/src/app-opentui/adapters/pi-attach.d.ts +7 -0
  12. package/dist/src/app-opentui/adapters/pi-attach.js +1004 -519
  13. package/dist/src/app-opentui/adapters/run-detail.js +477 -46
  14. package/dist/src/app-opentui/adapters/server.d.ts +26 -0
  15. package/dist/src/app-opentui/adapters/server.js +676 -59
  16. package/dist/src/app-opentui/adapters/tasks.js +621 -549
  17. package/dist/src/app-opentui/autocomplete.js +4 -2
  18. package/dist/src/app-opentui/bootstrap.js +1376 -861
  19. package/dist/src/app-opentui/command-palette.js +37 -10
  20. package/dist/src/app-opentui/index.js +632 -528
  21. package/dist/src/app-opentui/intent.js +33 -8
  22. package/dist/src/app-opentui/keymap.js +43 -414
  23. package/dist/src/app-opentui/pi-host-child.js +496 -57
  24. package/dist/src/app-opentui/pi-pty-host.d.ts +14 -64
  25. package/dist/src/app-opentui/pi-pty-host.js +3 -397
  26. package/dist/src/app-opentui/react/App.js +144 -469
  27. package/dist/src/app-opentui/react/ChromeHost.js +44 -415
  28. package/dist/src/app-opentui/react/launch.js +659 -552
  29. package/dist/src/app-opentui/react/nav.js +1 -1
  30. package/dist/src/app-opentui/registry.js +1181 -742
  31. package/dist/src/app-opentui/remote-link.d.ts +10 -0
  32. package/dist/src/app-opentui/remote-link.js +47 -0
  33. package/dist/src/app-opentui/render/terminal-handoff.d.ts +16 -0
  34. package/dist/src/app-opentui/render/terminal-handoff.js +14 -0
  35. package/dist/src/app-opentui/runtime.js +632 -528
  36. package/dist/src/app-opentui/scenes/doctor.js +1 -1
  37. package/dist/src/app-opentui/scenes/error.js +50 -4
  38. package/dist/src/app-opentui/scenes/family.js +60 -6
  39. package/dist/src/app-opentui/scenes/fleet.js +65 -13
  40. package/dist/src/app-opentui/scenes/help.js +4 -2
  41. package/dist/src/app-opentui/scenes/init.js +12 -12
  42. package/dist/src/app-opentui/scenes/main.js +7 -7
  43. package/dist/src/app-opentui/scenes/server.js +83 -11
  44. package/dist/src/app-opentui/scenes/tasks.js +79 -16
  45. package/dist/src/app-opentui/state.js +25 -5
  46. package/dist/src/app-opentui/surface-catalog.js +4 -2
  47. package/dist/src/app-opentui/types.d.ts +1 -1
  48. package/dist/src/commands/_cli-format.d.ts +10 -1
  49. package/dist/src/commands/_cli-format.js +5 -2
  50. package/dist/src/commands/_connection-state.d.ts +11 -1
  51. package/dist/src/commands/_connection-state.js +50 -5
  52. package/dist/src/commands/_doctor-checks.js +458 -46
  53. package/dist/src/commands/_help-catalog.js +4 -2
  54. package/dist/src/commands/_json-output.js +4 -0
  55. package/dist/src/commands/_operator-view.js +496 -57
  56. package/dist/src/commands/_pi-frontend.d.ts +25 -0
  57. package/dist/src/commands/_pi-frontend.js +497 -57
  58. package/dist/src/commands/_preflight.js +509 -72
  59. package/dist/src/commands/_server-client.d.ts +33 -0
  60. package/dist/src/commands/_server-client.js +477 -46
  61. package/dist/src/commands/_server-events.js +446 -41
  62. package/dist/src/commands/_snapshot-upload.js +460 -48
  63. package/dist/src/commands/connect.js +620 -15
  64. package/dist/src/commands/doctor.js +458 -46
  65. package/dist/src/commands/github.js +462 -50
  66. package/dist/src/commands/inbox.js +458 -46
  67. package/dist/src/commands/init.js +497 -74
  68. package/dist/src/commands/inspect.js +458 -46
  69. package/dist/src/commands/run.js +496 -57
  70. package/dist/src/commands/server.js +647 -163
  71. package/dist/src/commands/setup.js +463 -51
  72. package/dist/src/commands/stats.js +462 -48
  73. package/dist/src/commands/task-run-driver.js +464 -52
  74. package/dist/src/commands/task.js +551 -85
  75. package/dist/src/commands.js +701 -151
  76. package/dist/src/index.js +705 -151
  77. package/dist/src/launcher.js +4 -0
  78. package/package.json +8 -8
@@ -2,15 +2,15 @@
2
2
  // @bun
3
3
 
4
4
  // packages/cli/src/commands/_pi-frontend.ts
5
- import { existsSync as existsSync3, mkdirSync as mkdirSync2, mkdtempSync, readFileSync as readFileSync3, rmSync, writeFileSync as writeFileSync2 } from "fs";
5
+ import { existsSync as existsSync3, mkdirSync as mkdirSync3, mkdtempSync, readFileSync as readFileSync3, rmSync, writeFileSync as writeFileSync3 } from "fs";
6
6
  import { homedir as homedir2, tmpdir } from "os";
7
7
  import { join } from "path";
8
8
  import { main as runPiMain } from "@earendil-works/pi-coding-agent";
9
9
  import createPiRigExtension from "@rig/pi-rig";
10
10
 
11
11
  // packages/cli/src/commands/_server-client.ts
12
- import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs";
13
- import { resolve as resolve2 } from "path";
12
+ import { existsSync as existsSync2, mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync2 } from "fs";
13
+ import { dirname as dirname2, isAbsolute, resolve as resolve2 } from "path";
14
14
 
15
15
  // packages/cli/src/runner.ts
16
16
  import { EventBus } from "@rig/runtime/control-plane/runtime/events";
@@ -102,12 +102,28 @@ function readRepoConnection(projectRoot) {
102
102
  selected,
103
103
  project: typeof record.project === "string" ? record.project : undefined,
104
104
  linkedAt: typeof record.linkedAt === "string" ? record.linkedAt : undefined,
105
- serverProjectRoot: typeof record.serverProjectRoot === "string" && record.serverProjectRoot.trim() ? record.serverProjectRoot.trim() : undefined
105
+ serverProjectRoot: typeof record.serverProjectRoot === "string" && record.serverProjectRoot.trim() ? record.serverProjectRoot.trim() : undefined,
106
+ serverProjectRootAlias: typeof record.serverProjectRootAlias === "string" && record.serverProjectRootAlias.trim() ? record.serverProjectRootAlias.trim() : undefined,
107
+ serverProjectRootBaseUrl: typeof record.serverProjectRootBaseUrl === "string" && record.serverProjectRootBaseUrl.trim() ? record.serverProjectRootBaseUrl.trim().replace(/\/+$/, "") : undefined
106
108
  };
107
109
  }
108
110
  function writeRepoConnection(projectRoot, state) {
109
111
  writeJsonFile(resolveRepoConnectionPath(projectRoot), state);
110
112
  }
113
+ function rootAllowedForSelection(repo, connection) {
114
+ const root = repo.serverProjectRoot?.trim();
115
+ if (!root)
116
+ return;
117
+ if (connection.kind === "remote") {
118
+ if (repo.serverProjectRootAlias !== repo.selected)
119
+ return;
120
+ if (repo.serverProjectRootBaseUrl !== connection.baseUrl)
121
+ return;
122
+ } else if (repo.serverProjectRootAlias && repo.serverProjectRootAlias !== repo.selected) {
123
+ return;
124
+ }
125
+ return root;
126
+ }
111
127
  function resolveSelectedConnection(projectRoot, options = {}) {
112
128
  const repo = readRepoConnection(projectRoot);
113
129
  if (!repo)
@@ -119,13 +135,41 @@ function resolveSelectedConnection(projectRoot, options = {}) {
119
135
  if (!connection) {
120
136
  throw new CliError(`Selected Rig server "${repo.selected}" was not found. Run \`rig server list\` or \`rig server use local\`.`, 1);
121
137
  }
122
- return { alias: repo.selected, connection, serverProjectRoot: repo.serverProjectRoot };
138
+ return { alias: repo.selected, connection, serverProjectRoot: rootAllowedForSelection(repo, connection) };
139
+ }
140
+ function writeRepoServerProjectRoot(projectRoot, serverProjectRoot, metadata = {}) {
141
+ const repo = readRepoConnection(projectRoot);
142
+ if (!repo)
143
+ return;
144
+ let inferred = metadata;
145
+ if (!inferred.alias || !inferred.baseUrl) {
146
+ try {
147
+ const selected = resolveSelectedConnection(projectRoot);
148
+ if (selected?.connection.kind === "remote") {
149
+ inferred = {
150
+ alias: inferred.alias ?? selected.alias,
151
+ baseUrl: inferred.baseUrl ?? selected.connection.baseUrl
152
+ };
153
+ }
154
+ } catch {}
155
+ }
156
+ writeRepoConnection(projectRoot, {
157
+ ...repo,
158
+ ...metadata.project ? { project: metadata.project } : {},
159
+ serverProjectRoot,
160
+ ...inferred.alias ? { serverProjectRootAlias: inferred.alias } : {},
161
+ ...inferred.baseUrl ? { serverProjectRootBaseUrl: inferred.baseUrl.replace(/\/+$/, "") } : {}
162
+ });
123
163
  }
124
- function writeRepoServerProjectRoot(projectRoot, serverProjectRoot) {
164
+ function clearRepoServerProjectRoot(projectRoot) {
125
165
  const repo = readRepoConnection(projectRoot);
126
166
  if (!repo)
127
167
  return;
128
- writeRepoConnection(projectRoot, { ...repo, serverProjectRoot });
168
+ writeRepoConnection(projectRoot, {
169
+ selected: repo.selected,
170
+ ...repo.project ? { project: repo.project } : {},
171
+ ...repo.linkedAt ? { linkedAt: repo.linkedAt } : {}
172
+ });
129
173
  }
130
174
 
131
175
  // packages/cli/src/commands/_server-client.ts
@@ -171,11 +215,10 @@ function readStoredGitHubAuthToken(projectRoot) {
171
215
  const parsed = readRemoteAuthState(projectRoot);
172
216
  return parsed ? cleanToken(typeof parsed.token === "string" ? parsed.token : undefined) : null;
173
217
  }
174
- function inferRemoteServerProjectRootFromAuthState(projectRoot) {
175
- const repo = readRepoConnection(projectRoot);
176
- const slug = repo?.project?.trim();
177
- if (!slug || !/^[^/]+\/[^/]+$/.test(slug))
218
+ function inferRemoteServerProjectRootCandidateFromAuthState(projectRoot, repoSlug) {
219
+ if (!/^[^/]+\/[^/]+$/.test(repoSlug))
178
220
  return null;
221
+ const repo = readRepoConnection(projectRoot);
179
222
  const auth = readRemoteAuthState(projectRoot);
180
223
  const authUpdatedAt = typeof auth?.updatedAt === "string" ? Date.parse(auth.updatedAt) : Number.NaN;
181
224
  const repoLinkedAt = typeof repo?.linkedAt === "string" ? Date.parse(repo.linkedAt) : Number.NaN;
@@ -184,25 +227,413 @@ function inferRemoteServerProjectRootFromAuthState(projectRoot) {
184
227
  const checkoutBaseDir = typeof auth?.checkoutBaseDir === "string" && auth.checkoutBaseDir.trim() ? auth.checkoutBaseDir.trim() : null;
185
228
  if (!checkoutBaseDir)
186
229
  return null;
187
- const inferred = `${checkoutBaseDir.replace(/\/+$/, "")}/${slug}`;
188
- writeRepoServerProjectRoot(projectRoot, inferred);
189
- return inferred;
230
+ return `${checkoutBaseDir.replace(/\/+$/, "")}/${repoSlug}`;
190
231
  }
191
232
  function readLocalConnectionFallbackToken(projectRoot) {
192
233
  return readGitHubBearerTokenForRemote(projectRoot) ?? cleanToken(process.env.RIG_GITHUB_TOKEN) ?? readStoredGitHubAuthToken(projectRoot);
193
234
  }
235
+ function normalizeRepoSlug(value) {
236
+ const slug = value?.trim();
237
+ return slug && /^[^/\s]+\/[^/\s]+$/.test(slug) ? slug : null;
238
+ }
239
+ function readProjectLinkSlug(projectRoot) {
240
+ const path = resolve2(projectRoot, ".rig", "state", "project-link.json");
241
+ if (!existsSync2(path))
242
+ return null;
243
+ try {
244
+ const parsed = JSON.parse(readFileSync2(path, "utf8"));
245
+ if (!parsed || typeof parsed !== "object" || Array.isArray(parsed))
246
+ return null;
247
+ return normalizeRepoSlug(typeof parsed.repoSlug === "string" ? String(parsed.repoSlug) : null);
248
+ } catch {
249
+ return null;
250
+ }
251
+ }
252
+ function writeProjectLinkConnection(projectRoot, repoSlug, alias) {
253
+ const path = resolve2(projectRoot, ".rig", "state", "project-link.json");
254
+ mkdirSync2(dirname2(path), { recursive: true });
255
+ writeFileSync2(path, `${JSON.stringify({ repoSlug, connection: alias, linkedAt: new Date().toISOString() }, null, 2)}
256
+ `, "utf8");
257
+ }
258
+ function remoteLinkRepairCommand(repoSlug) {
259
+ return repoSlug ? `rig server repair-link --repo ${repoSlug}` : "rig server repair-link --repo owner/repo";
260
+ }
261
+ function formatRemoteProjectLinkHint(resolution) {
262
+ const repair = remoteLinkRepairCommand(resolution.repoSlug);
263
+ if (resolution.status === "auth_required") {
264
+ return `Authenticate the selected remote${resolution.alias ? ` (${resolution.alias})` : ""}, then run \`${repair}\`. Use \`rig github auth import-gh\` or \`rig init --repair --server remote --github-auth device${resolution.repoSlug ? ` --repo ${resolution.repoSlug}` : ""}\`.`;
265
+ }
266
+ if (resolution.status === "missing_project") {
267
+ return `Record the repo slug, then run \`${repair}\` (or \`rig init --repo owner/repo --server remote --github-auth device\`).`;
268
+ }
269
+ if (resolution.status === "not_remote")
270
+ return "Select a remote server with `rig server use <alias>` before repairing a remote project link.";
271
+ return `Run \`${repair}\` to backfill or prepare a server-host checkout for the selected remote${resolution.alias ? ` (${resolution.alias})` : ""}.`;
272
+ }
273
+ function remoteProjectLinkFailure(input) {
274
+ const partial = {
275
+ status: input.status,
276
+ alias: input.alias,
277
+ baseUrl: input.baseUrl,
278
+ repoSlug: input.repoSlug
279
+ };
280
+ return {
281
+ ok: false,
282
+ ...input,
283
+ hint: formatRemoteProjectLinkHint(partial),
284
+ next: remoteLinkRepairCommand(input.repoSlug)
285
+ };
286
+ }
287
+ function remoteProjectLinkSuccess(input) {
288
+ return {
289
+ ok: true,
290
+ status: input.status,
291
+ alias: input.alias,
292
+ baseUrl: input.baseUrl,
293
+ repoSlug: input.repoSlug,
294
+ serverProjectRoot: input.serverProjectRoot,
295
+ source: input.source,
296
+ prepared: input.prepared ?? input.status === "prepared",
297
+ validated: input.validated ?? false,
298
+ message: input.message ?? `Remote project link ready for ${input.repoSlug}.`,
299
+ hint: "Remote-scoped task/run/status requests will send x-rig-project-root for this server-host checkout.",
300
+ next: "rig task list"
301
+ };
302
+ }
303
+ function localCheckoutPathCandidate(projectRoot, candidate) {
304
+ try {
305
+ const local = resolve2(projectRoot);
306
+ const resolved = resolve2(candidate);
307
+ return resolved === local || resolved.startsWith(`${local}/`);
308
+ } catch {
309
+ return false;
310
+ }
311
+ }
312
+ async function requestRemoteProjectLinkJson(baseUrl, pathname, authToken, init = {}) {
313
+ const requestUrl = new URL(`${baseUrl}${pathname}`);
314
+ if (authToken && queryAuthFallbackEnabled())
315
+ requestUrl.searchParams.set("rt", authToken);
316
+ const response = await fetch(requestUrl, {
317
+ ...init,
318
+ headers: mergeHeaders(init.headers, authToken)
319
+ });
320
+ const text = await response.text();
321
+ const payload = text.trim().length > 0 ? (() => {
322
+ try {
323
+ return JSON.parse(text);
324
+ } catch {
325
+ return null;
326
+ }
327
+ })() : null;
328
+ return { ok: response.ok, status: response.status, payload, text };
329
+ }
330
+ function payloadError(payload, fallback) {
331
+ if (payload && typeof payload === "object" && !Array.isArray(payload)) {
332
+ const record = payload;
333
+ const value = record.error ?? record.message ?? record.reason;
334
+ if (typeof value === "string" && value.trim())
335
+ return value.trim();
336
+ }
337
+ return fallback;
338
+ }
339
+ function checkoutPathsFromProjectPayload(payload) {
340
+ if (!payload || typeof payload !== "object" || Array.isArray(payload))
341
+ return [];
342
+ const project = payload.project;
343
+ if (!project || typeof project !== "object" || Array.isArray(project))
344
+ return [];
345
+ const checkouts = project.checkouts;
346
+ if (!Array.isArray(checkouts))
347
+ return [];
348
+ return [...checkouts].reverse().flatMap((entry) => {
349
+ if (!entry || typeof entry !== "object" || Array.isArray(entry))
350
+ return [];
351
+ const path = entry.path;
352
+ return typeof path === "string" && path.trim() ? [path.trim()] : [];
353
+ });
354
+ }
355
+ function checkoutPathFromPreparePayload(payload) {
356
+ if (!payload || typeof payload !== "object" || Array.isArray(payload))
357
+ return null;
358
+ const checkout = payload.checkout;
359
+ if (!checkout || typeof checkout !== "object" || Array.isArray(checkout))
360
+ return null;
361
+ const path = checkout.path;
362
+ return typeof path === "string" && path.trim() ? path.trim() : null;
363
+ }
364
+ async function validateAndPersistRemoteRoot(input) {
365
+ const candidate = input.candidate.trim();
366
+ if (!candidate || !isAbsolute(candidate)) {
367
+ return remoteProjectLinkFailure({
368
+ status: "invalid_root",
369
+ alias: input.alias,
370
+ baseUrl: input.baseUrl,
371
+ repoSlug: input.repoSlug,
372
+ message: `Remote project root candidate is not an absolute server-host path: ${candidate || "(empty)"}.`
373
+ });
374
+ }
375
+ if (localCheckoutPathCandidate(input.projectRoot, candidate)) {
376
+ return remoteProjectLinkFailure({
377
+ status: "invalid_root",
378
+ alias: input.alias,
379
+ baseUrl: input.baseUrl,
380
+ repoSlug: input.repoSlug,
381
+ message: `Refusing to use local checkout path ${candidate} as a remote server project root.`
382
+ });
383
+ }
384
+ let response;
385
+ try {
386
+ response = await requestRemoteProjectLinkJson(input.baseUrl, "/api/server/project-root", input.authToken, {
387
+ method: "POST",
388
+ headers: { "content-type": "application/json" },
389
+ body: JSON.stringify({ projectRoot: candidate })
390
+ });
391
+ } catch (error) {
392
+ return remoteProjectLinkFailure({
393
+ status: "error",
394
+ alias: input.alias,
395
+ baseUrl: input.baseUrl,
396
+ repoSlug: input.repoSlug,
397
+ message: `Could not validate remote project root ${candidate}: ${error instanceof Error ? error.message : String(error)}`
398
+ });
399
+ }
400
+ if (response.status === 401 || response.status === 403) {
401
+ return remoteProjectLinkFailure({
402
+ status: "auth_required",
403
+ alias: input.alias,
404
+ baseUrl: input.baseUrl,
405
+ repoSlug: input.repoSlug,
406
+ statusCode: response.status,
407
+ message: `Remote server ${input.alias} requires authentication before validating project root ${candidate}.`
408
+ });
409
+ }
410
+ if (!response.ok) {
411
+ return remoteProjectLinkFailure({
412
+ status: "invalid_root",
413
+ alias: input.alias,
414
+ baseUrl: input.baseUrl,
415
+ repoSlug: input.repoSlug,
416
+ statusCode: response.status,
417
+ message: `Remote server rejected project root ${candidate} (${response.status}): ${payloadError(response.payload, response.text || "project-root validation failed")}`
418
+ });
419
+ }
420
+ const record = response.payload && typeof response.payload === "object" && !Array.isArray(response.payload) ? response.payload : {};
421
+ if (record.ok !== true) {
422
+ return remoteProjectLinkFailure({
423
+ status: "invalid_root",
424
+ alias: input.alias,
425
+ baseUrl: input.baseUrl,
426
+ repoSlug: input.repoSlug,
427
+ message: `Remote server did not accept project root ${candidate}: ${payloadError(response.payload, "project-root validation failed")}`
428
+ });
429
+ }
430
+ const accepted = typeof record.projectRoot === "string" && record.projectRoot.trim() ? record.projectRoot.trim() : typeof record.requestedProjectRoot === "string" && record.requestedProjectRoot.trim() ? record.requestedProjectRoot.trim() : candidate;
431
+ writeRepoServerProjectRoot(input.projectRoot, accepted, { alias: input.alias, baseUrl: input.baseUrl, project: input.repoSlug });
432
+ writeProjectLinkConnection(input.projectRoot, input.repoSlug, input.alias);
433
+ const status = input.status ?? (input.prepared ? "prepared" : "backfilled");
434
+ return remoteProjectLinkSuccess({
435
+ status,
436
+ alias: input.alias,
437
+ baseUrl: input.baseUrl,
438
+ repoSlug: input.repoSlug,
439
+ serverProjectRoot: accepted,
440
+ source: input.source,
441
+ prepared: input.prepared,
442
+ validated: true,
443
+ message: status === "ready" ? `Remote project link already points to ${accepted} and was validated on ${input.alias}.` : input.prepared ? `Prepared and linked remote checkout ${accepted} for ${input.repoSlug}.` : `Backfilled remote checkout ${accepted} for ${input.repoSlug}.`
444
+ });
445
+ }
446
+ async function ensureRemoteProjectRootLink(projectRoot, options = {}) {
447
+ let selected;
448
+ try {
449
+ selected = resolveSelectedConnection(projectRoot);
450
+ } catch (error) {
451
+ return remoteProjectLinkFailure({ status: "error", message: error instanceof Error ? error.message : String(error) });
452
+ }
453
+ if (!selected || selected.connection.kind !== "remote") {
454
+ return remoteProjectLinkFailure({ status: "not_remote", message: "No remote Rig server is selected for this repo." });
455
+ }
456
+ const repo = readRepoConnection(projectRoot);
457
+ const explicitRepoRequested = options.repoSlug !== undefined;
458
+ const explicitRepoSlug = explicitRepoRequested ? normalizeRepoSlug(options.repoSlug) : null;
459
+ const repoProjectSlug = normalizeRepoSlug(repo?.project);
460
+ const repoSlug = explicitRepoSlug ?? repoProjectSlug ?? readProjectLinkSlug(projectRoot);
461
+ const alias = selected.alias;
462
+ const baseUrl = selected.connection.baseUrl;
463
+ const authToken = options.authToken === undefined ? readGitHubBearerTokenForRemote(projectRoot) : options.authToken;
464
+ const mode = options.mode ?? "backfill-only";
465
+ if (explicitRepoRequested && !explicitRepoSlug) {
466
+ return remoteProjectLinkFailure({
467
+ status: "missing_project",
468
+ alias,
469
+ baseUrl,
470
+ message: `Invalid --repo value ${JSON.stringify(options.repoSlug)}. Expected owner/repo.`
471
+ });
472
+ }
473
+ if (!repoSlug) {
474
+ return remoteProjectLinkFailure({
475
+ status: "missing_project",
476
+ alias,
477
+ baseUrl,
478
+ message: `Remote server ${alias} is selected, but this checkout has no GitHub repo slug recorded.`
479
+ });
480
+ }
481
+ const skippedCandidates = [];
482
+ const storedRoot = selected.serverProjectRoot?.trim() || null;
483
+ const storedRootMatchesResolvedRepo = repoProjectSlug === repoSlug;
484
+ if (storedRoot && storedRootMatchesResolvedRepo) {
485
+ if (localCheckoutPathCandidate(projectRoot, storedRoot)) {
486
+ clearRepoServerProjectRoot(projectRoot);
487
+ skippedCandidates.push(storedRoot);
488
+ } else {
489
+ const storedResult = await validateAndPersistRemoteRoot({
490
+ projectRoot,
491
+ alias,
492
+ baseUrl,
493
+ authToken,
494
+ repoSlug,
495
+ candidate: storedRoot,
496
+ source: "stored",
497
+ status: "ready"
498
+ });
499
+ if (storedResult.ok || storedResult.status === "auth_required" || storedResult.status === "error")
500
+ return storedResult;
501
+ clearRepoServerProjectRoot(projectRoot);
502
+ skippedCandidates.push(storedRoot);
503
+ }
504
+ } else if (storedRoot) {
505
+ skippedCandidates.push(storedRoot);
506
+ }
507
+ const authCandidate = inferRemoteServerProjectRootCandidateFromAuthState(projectRoot, repoSlug);
508
+ if (authCandidate) {
509
+ const authResult = await validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate: authCandidate, source: "auth-state" });
510
+ if (authResult.ok || authResult.status === "auth_required")
511
+ return authResult;
512
+ }
513
+ let registryResponse;
514
+ try {
515
+ registryResponse = await requestRemoteProjectLinkJson(baseUrl, `/api/projects/${encodeURIComponent(repoSlug)}`, authToken);
516
+ } catch (error) {
517
+ return remoteProjectLinkFailure({
518
+ status: "error",
519
+ alias,
520
+ baseUrl,
521
+ repoSlug,
522
+ message: `Could not read remote project registry for ${repoSlug} on ${alias}: ${error instanceof Error ? error.message : String(error)}`
523
+ });
524
+ }
525
+ if (registryResponse.status === 401 || registryResponse.status === 403) {
526
+ return remoteProjectLinkFailure({
527
+ status: "auth_required",
528
+ alias,
529
+ baseUrl,
530
+ repoSlug,
531
+ statusCode: registryResponse.status,
532
+ message: `Remote server ${alias} requires authentication before reading the ${repoSlug} project registry.`
533
+ });
534
+ }
535
+ if (registryResponse.ok) {
536
+ const candidates = checkoutPathsFromProjectPayload(registryResponse.payload);
537
+ for (const candidate of candidates) {
538
+ const result = await validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate, source: "registry" });
539
+ if (result.ok || result.status === "auth_required")
540
+ return result;
541
+ skippedCandidates.push(candidate);
542
+ }
543
+ if (mode === "backfill-only") {
544
+ return remoteProjectLinkFailure({
545
+ status: candidates.length > 0 ? "invalid_root" : "no_server_checkout",
546
+ alias,
547
+ baseUrl,
548
+ repoSlug,
549
+ message: candidates.length > 0 ? `Remote registry has checkout candidates for ${repoSlug}, but none validated for ${alias}.` : `Remote registry has ${repoSlug}, but no server checkout path is linked yet.`,
550
+ skippedCandidates
551
+ });
552
+ }
553
+ } else if (registryResponse.status === 404) {
554
+ if (mode === "backfill-only") {
555
+ return remoteProjectLinkFailure({
556
+ status: "project_not_registered",
557
+ alias,
558
+ baseUrl,
559
+ repoSlug,
560
+ statusCode: registryResponse.status,
561
+ message: `Remote server ${alias} has no registered project record for ${repoSlug}.`
562
+ });
563
+ }
564
+ } else {
565
+ return remoteProjectLinkFailure({
566
+ status: "error",
567
+ alias,
568
+ baseUrl,
569
+ repoSlug,
570
+ statusCode: registryResponse.status,
571
+ message: `Could not backfill ${repoSlug} from remote registry (${registryResponse.status}): ${payloadError(registryResponse.payload, registryResponse.text || "registry lookup failed")}`,
572
+ skippedCandidates
573
+ });
574
+ }
575
+ let prepareResponse;
576
+ try {
577
+ prepareResponse = await requestRemoteProjectLinkJson(baseUrl, `/api/projects/${encodeURIComponent(repoSlug)}/prepare-checkout`, authToken, {
578
+ method: "POST",
579
+ headers: { "content-type": "application/json" },
580
+ body: JSON.stringify({ checkout: { kind: "managed-clone" }, repoUrl: `https://github.com/${repoSlug}.git` })
581
+ });
582
+ } catch (error) {
583
+ return remoteProjectLinkFailure({
584
+ status: "error",
585
+ alias,
586
+ baseUrl,
587
+ repoSlug,
588
+ message: `Could not prepare remote checkout for ${repoSlug} on ${alias}: ${error instanceof Error ? error.message : String(error)}`
589
+ });
590
+ }
591
+ if (prepareResponse.status === 401 || prepareResponse.status === 403) {
592
+ return remoteProjectLinkFailure({
593
+ status: "auth_required",
594
+ alias,
595
+ baseUrl,
596
+ repoSlug,
597
+ statusCode: prepareResponse.status,
598
+ message: `Remote server ${alias} requires authentication before preparing ${repoSlug}.`
599
+ });
600
+ }
601
+ if (!prepareResponse.ok) {
602
+ return remoteProjectLinkFailure({
603
+ status: "error",
604
+ alias,
605
+ baseUrl,
606
+ repoSlug,
607
+ statusCode: prepareResponse.status,
608
+ message: `Remote checkout prepare failed for ${repoSlug} (${prepareResponse.status}): ${payloadError(prepareResponse.payload, prepareResponse.text || "prepare-checkout failed")}`,
609
+ skippedCandidates
610
+ });
611
+ }
612
+ const preparedPath = checkoutPathFromPreparePayload(prepareResponse.payload);
613
+ if (!preparedPath) {
614
+ return remoteProjectLinkFailure({
615
+ status: "invalid_root",
616
+ alias,
617
+ baseUrl,
618
+ repoSlug,
619
+ message: `Remote checkout prepare for ${repoSlug} did not return a checkout.path.`,
620
+ skippedCandidates
621
+ });
622
+ }
623
+ return validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate: preparedPath, source: "prepare", prepared: true });
624
+ }
194
625
  async function ensureServerForCli(projectRoot) {
195
626
  try {
196
627
  const selected = resolveSelectedConnection(projectRoot);
197
628
  if (selected?.connection.kind === "remote") {
198
629
  reportServerPhase(`Connecting to ${selected.alias}\u2026`);
199
630
  const authToken = readGitHubBearerTokenForRemote(projectRoot);
200
- const serverProjectRoot = selected.serverProjectRoot ?? inferRemoteServerProjectRootFromAuthState(projectRoot) ?? await backfillRemoteServerProjectRoot(projectRoot, selected.connection.baseUrl, authToken);
631
+ const link = await ensureRemoteProjectRootLink(projectRoot, { mode: "backfill-only", authToken });
201
632
  return {
202
633
  baseUrl: selected.connection.baseUrl,
203
634
  authToken,
204
635
  connectionKind: "remote",
205
- serverProjectRoot
636
+ serverProjectRoot: link.ok ? link.serverProjectRoot ?? null : null
206
637
  };
207
638
  }
208
639
  reportServerPhase("Starting local Rig server\u2026");
@@ -220,32 +651,6 @@ async function ensureServerForCli(projectRoot) {
220
651
  throw error;
221
652
  }
222
653
  }
223
- async function backfillRemoteServerProjectRoot(projectRoot, baseUrl, authToken) {
224
- const repo = readRepoConnection(projectRoot);
225
- const slug = repo?.project?.trim();
226
- if (!slug)
227
- return null;
228
- try {
229
- const url = new URL(`${baseUrl}/api/projects/${encodeURIComponent(slug)}`);
230
- if (authToken && queryAuthFallbackEnabled())
231
- url.searchParams.set("rt", authToken);
232
- const response = await fetch(url, {
233
- headers: mergeHeaders(undefined, authToken)
234
- });
235
- if (!response.ok)
236
- return null;
237
- const payload = await response.json();
238
- const project = payload.project && typeof payload.project === "object" && !Array.isArray(payload.project) ? payload.project : null;
239
- const checkouts = Array.isArray(project?.checkouts) ? project.checkouts : [];
240
- const latestCheckout = [...checkouts].reverse().find((entry) => Boolean(entry && typeof entry === "object" && !Array.isArray(entry) && typeof entry.path === "string"));
241
- const path = typeof latestCheckout?.path === "string" && latestCheckout.path.trim() ? latestCheckout.path.trim() : null;
242
- if (path)
243
- writeRepoServerProjectRoot(projectRoot, path);
244
- return path;
245
- } catch {
246
- return null;
247
- }
248
- }
249
654
  function mergeCookie(existing, name, value) {
250
655
  const encoded = `${name}=${encodeURIComponent(value)}`;
251
656
  if (!existing?.trim())
@@ -337,13 +742,20 @@ function canUseRemoteWithoutProjectRoot(pathname) {
337
742
  async function requestServerJson(context, pathname, init = {}) {
338
743
  const server = await ensureServerForCli(context.projectRoot);
339
744
  const requestUrl = new URL(`${server.baseUrl}${pathname}`);
340
- if (server.connectionKind === "remote" && !server.serverProjectRoot && !canUseRemoteWithoutProjectRoot(requestUrl.pathname) && (server.authToken || !isLoopbackRemoteBaseUrl(server.baseUrl))) {
341
- const repo = readRepoConnection(context.projectRoot);
342
- throw new CliError(`Remote server is selected for ${repo?.project ?? "this repo"}, but this checkout has no server-host project root link.`, 1, { hint: "Run `rig init --repair` or `rig init --yes --repo owner/repo --server remote` to repair the remote project link before task/run commands." });
745
+ let scopedServerProjectRoot = server.serverProjectRoot;
746
+ if (server.connectionKind === "remote" && !scopedServerProjectRoot && !canUseRemoteWithoutProjectRoot(requestUrl.pathname) && (server.authToken || !isLoopbackRemoteBaseUrl(server.baseUrl))) {
747
+ const link = await ensureRemoteProjectRootLink(context.projectRoot, { mode: "backfill-only", authToken: server.authToken });
748
+ if (link.ok && link.serverProjectRoot) {
749
+ scopedServerProjectRoot = link.serverProjectRoot;
750
+ } else {
751
+ const repo = readRepoConnection(context.projectRoot);
752
+ const target = link.alias && link.baseUrl ? `${link.alias} (${link.baseUrl})` : server.baseUrl;
753
+ throw new CliError(`Remote server ${target} is selected for ${link.repoSlug ?? repo?.project ?? "this repo"}, but this checkout has no server-host project root link. ${link.message}`, 1, { hint: link.hint });
754
+ }
343
755
  }
344
756
  const headers = mergeHeaders(init.headers, server.authToken);
345
- if (server.serverProjectRoot)
346
- headers.set("x-rig-project-root", server.serverProjectRoot);
757
+ if (scopedServerProjectRoot)
758
+ headers.set("x-rig-project-root", scopedServerProjectRoot);
347
759
  if (server.connectionKind === "remote" && server.authToken && queryAuthFallbackEnabled()) {
348
760
  requestUrl.searchParams.set("rt", server.authToken);
349
761
  }
@@ -642,7 +1054,7 @@ function statusFromRunDetails(run) {
642
1054
  async function prepareOperatorConsole(context, runId, tempSessionDir) {
643
1055
  const server = await ensureServerForCli(context.projectRoot);
644
1056
  const localCwd = join(homedir2(), ".rig", "drones", runId.slice(0, 8));
645
- mkdirSync2(localCwd, { recursive: true });
1057
+ mkdirSync3(localCwd, { recursive: true });
646
1058
  trustDroneCwd(localCwd);
647
1059
  installRigPiTheme();
648
1060
  let sessionFileArg = [];
@@ -664,7 +1076,7 @@ async function prepareOperatorConsole(context, runId, tempSessionDir) {
664
1076
  return line;
665
1077
  }).join(`
666
1078
  `);
667
- writeFileSync2(localSessionPath, content);
1079
+ writeFileSync3(localSessionPath, content);
668
1080
  sessionFileArg = ["--session", localSessionPath];
669
1081
  }
670
1082
  } catch {}
@@ -754,12 +1166,12 @@ var RIG_PI_THEME = {
754
1166
  function trustDroneCwd(localCwd) {
755
1167
  try {
756
1168
  const agentDir = join(homedir2(), ".pi", "agent");
757
- mkdirSync2(agentDir, { recursive: true });
1169
+ mkdirSync3(agentDir, { recursive: true });
758
1170
  const trustPath = join(agentDir, "trust.json");
759
1171
  const store = existsSync3(trustPath) ? JSON.parse(readFileSync3(trustPath, "utf8")) : {};
760
1172
  if (store[localCwd] !== true) {
761
1173
  store[localCwd] = true;
762
- writeFileSync2(trustPath, `${JSON.stringify(store, null, "\t")}
1174
+ writeFileSync3(trustPath, `${JSON.stringify(store, null, "\t")}
763
1175
  `);
764
1176
  }
765
1177
  } catch {}
@@ -767,15 +1179,38 @@ function trustDroneCwd(localCwd) {
767
1179
  function installRigPiTheme() {
768
1180
  try {
769
1181
  const themesDir = join(homedir2(), ".pi", "agent", "themes");
770
- mkdirSync2(themesDir, { recursive: true });
1182
+ mkdirSync3(themesDir, { recursive: true });
771
1183
  const themePath = join(themesDir, "rig.json");
772
1184
  const next = `${JSON.stringify(RIG_PI_THEME, null, "\t")}
773
1185
  `;
774
1186
  if (!existsSync3(themePath) || readFileSync3(themePath, "utf8") !== next) {
775
- writeFileSync2(themePath, next);
1187
+ writeFileSync3(themePath, next);
776
1188
  }
777
1189
  } catch {}
778
1190
  }
1191
+ async function runWithProcessExitGuard(body) {
1192
+ const realExit = process.exit;
1193
+ let exitCode = 0;
1194
+ let signalQuit = () => {};
1195
+ const quit = new Promise((resolve3) => {
1196
+ signalQuit = resolve3;
1197
+ });
1198
+ const guardedExit = (code) => {
1199
+ exitCode = typeof code === "number" ? code : 0;
1200
+ signalQuit();
1201
+ return;
1202
+ };
1203
+ process.exit = guardedExit;
1204
+ try {
1205
+ await Promise.race([Promise.resolve().then(body), quit]);
1206
+ } finally {
1207
+ process.exit = realExit;
1208
+ }
1209
+ return exitCode;
1210
+ }
1211
+ function runPiMainReturningOnQuit(args, options) {
1212
+ return runWithProcessExitGuard(() => runPiMain(args, options));
1213
+ }
779
1214
  async function attachRunBundledPiFrontend(context, input) {
780
1215
  const tempSessionDir = mkdtempSync(join(tmpdir(), "rig-pi-frontend-sessions-"));
781
1216
  const { server, sessionFileArg } = await withSpinner(`Opening Pi console for run ${input.runId}\u2026`, () => prepareOperatorConsole(context, input.runId, tempSessionDir), { outputMode: context.outputMode });
@@ -791,16 +1226,20 @@ async function attachRunBundledPiFrontend(context, input) {
791
1226
  };
792
1227
  let detached = false;
793
1228
  try {
794
- await runPiMain([
1229
+ const piArgs = [
795
1230
  "--offline",
796
1231
  "--no-extensions",
797
1232
  "--no-skills",
798
1233
  "--no-prompt-templates",
799
1234
  "--no-context-files",
800
1235
  ...sessionFileArg
801
- ], {
802
- extensionFactories: [piRigExtensionFactory]
803
- });
1236
+ ];
1237
+ const piOptions = { extensionFactories: [piRigExtensionFactory] };
1238
+ if (input.returnOnQuit) {
1239
+ await runPiMainReturningOnQuit(piArgs, piOptions);
1240
+ } else {
1241
+ await runPiMain(piArgs, piOptions);
1242
+ }
804
1243
  detached = true;
805
1244
  } finally {
806
1245
  restoreEnv();