@imdeadpool/guardex 7.0.41 → 7.1.0

package/templates/scripts/codex-agent.sh

@@ -6,6 +6,7 @@ AGENT_NAME="${GUARDEX_AGENT_NAME:-agent}"
 BASE_BRANCH="${GUARDEX_BASE_BRANCH:-}"
 BASE_BRANCH_EXPLICIT=0
 CODEX_BIN="${GUARDEX_CODEX_BIN:-codex}"
+CODEX_APPROVAL_POLICY="${GUARDEX_CODEX_APPROVAL_POLICY-never}"
 NODE_BIN="${GUARDEX_NODE_BIN:-node}"
 CLI_ENTRY="${GUARDEX_CLI_ENTRY:-}"
 AUTO_FINISH_RAW="${GUARDEX_CODEX_AUTO_FINISH:-true}"
@@ -67,6 +68,29 @@ normalize_tier() {
   esac
 }
 
+codex_args_include_approval_policy() {
+  local arg
+  for arg in "$@"; do
+    case "$arg" in
+      -a|--ask-for-approval|--approval-policy|--dangerously-bypass-approvals-and-sandbox)
+        return 0
+        ;;
+      --ask-for-approval=*|--approval-policy=*)
+        return 0
+        ;;
+    esac
+  done
+  return 1
+}
+
+build_codex_launch_args() {
+  CODEX_LAUNCH_ARGS=()
+  if [[ -n "$CODEX_APPROVAL_POLICY" ]] && ! codex_args_include_approval_policy "$@"; then
+    CODEX_LAUNCH_ARGS+=("-a" "$CODEX_APPROVAL_POLICY")
+  fi
+  CODEX_LAUNCH_ARGS+=("$@")
+}
+
 string_contains_any() {
   local haystack="$1"
   shift
@@ -300,7 +324,6 @@ if ! git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
   exit 1
 fi
 repo_root="$(git rev-parse --show-toplevel)"
-active_session_state_script="${repo_root}/scripts/agent-session-state.js"
 
 guardex_env_helper="${repo_root}/scripts/guardex-env.sh"
 if [[ -f "$guardex_env_helper" ]]; then
@@ -614,78 +637,6 @@ has_origin_remote() {
   git -C "$repo_root" remote get-url origin >/dev/null 2>&1
 }
 
-run_active_session_state() {
-  local action="$1"
-  shift
-
-  if [[ ! -f "$active_session_state_script" ]]; then
-    return 0
-  fi
-  if ! command -v "$NODE_BIN" >/dev/null 2>&1; then
-    return 0
-  fi
-
-  "$NODE_BIN" "$active_session_state_script" "$action" "$@" >/dev/null 2>&1 || true
-}
-
-record_active_session_state() {
-  local wt="$1"
-  local branch="$2"
-
-  run_active_session_state \
-    start \
-    --repo "$repo_root" \
-    --branch "$branch" \
-    --task "$TASK_NAME" \
-    --agent "$AGENT_NAME" \
-    --worktree "$wt" \
-    --pid "$$" \
-    --cli "$CODEX_BIN" \
-    --task-mode "$TASK_MODE" \
-    --openspec-tier "$OPENSPEC_TIER" \
-    --routing-reason "$TASK_ROUTING_REASON"
-}
-
-clear_active_session_state() {
-  local branch="$1"
-  run_active_session_state stop --repo "$repo_root" --branch "$branch"
-}
-
-heartbeat_active_session_state() {
-  local branch="$1"
-  run_active_session_state heartbeat --repo "$repo_root" --branch "$branch" --state working
-}
-
-normalize_heartbeat_interval_seconds() {
-  local raw="${GUARDEX_ACTIVE_SESSION_HEARTBEAT_INTERVAL_SECONDS:-15}"
-  if [[ "$raw" =~ ^[0-9]+$ ]] && [[ "$raw" -ge 1 ]]; then
-    printf '%s' "$raw"
-    return 0
-  fi
-  printf '15'
-}
-
-start_active_session_heartbeat() {
-  local branch="$1"
-  local interval
-  interval="$(normalize_heartbeat_interval_seconds)"
-  (
-    while true; do
-      sleep "$interval" || break
-      heartbeat_active_session_state "$branch"
-    done
-  ) &
-  active_session_heartbeat_pid="$!"
-}
-
-stop_active_session_heartbeat() {
-  if [[ -n "${active_session_heartbeat_pid:-}" ]]; then
-    kill "$active_session_heartbeat_pid" >/dev/null 2>&1 || true
-    wait "$active_session_heartbeat_pid" >/dev/null 2>&1 || true
-    active_session_heartbeat_pid=""
-  fi
-}
-
 origin_remote_supports_pr_finish() {
   local origin_url
   origin_url="$(git -C "$repo_root" remote get-url origin 2>/dev/null || true)"
@@ -735,9 +686,14 @@ print_takeover_prompt() {
 
   finish_cmd="gx branch finish --branch \"${branch}\" --base ${base_branch} --via-pr --wait-for-merge --cleanup"
 
-  echo "[codex-agent] Takeover sandbox: ${wt}"
-  echo "[codex-agent] Takeover routing: $(describe_task_routing) (${TASK_ROUTING_REASON})"
-  echo "[codex-agent] Takeover prompt: Continue \`${change_slug}\` on branch \`${branch}\`. Work inside \`${wt}\`, review \`${change_artifact}\`, continue from the current state instead of creating a new sandbox, and when the work is done run \`${finish_cmd}\`."
+  echo "[codex-agent] Resume this sandbox:"
+  echo "  change:   ${change_slug}"
+  echo "  branch:   ${branch}"
+  echo "  worktree: ${wt}"
+  echo "  spec:     ${change_artifact}"
+  echo "  routing:  $(describe_task_routing) (${TASK_ROUTING_REASON})"
+  echo "  rule:     continue current state; do not create a new sandbox"
+  echo "  finish:   ${finish_cmd}"
 }
 
 sync_worktree_with_base() {
@@ -1034,7 +990,8 @@ run_finish_flow() {
     (
       cd "$wt"
       set +e
-      "$CODEX_BIN" "$review_prompt"
+      build_codex_launch_args "$review_prompt"
+      "$CODEX_BIN" "${CODEX_LAUNCH_ARGS[@]}"
       review_exit="$?"
       set -e
       if [[ "$review_exit" -ne 0 ]]; then
@@ -1073,35 +1030,18 @@ fi
 
 echo "[codex-agent] Task routing: $(describe_task_routing) (${TASK_ROUTING_REASON})"
 
-active_session_recorded=0
-active_session_heartbeat_pid=""
-cleanup_active_session_state_on_exit() {
-  set +e
-  if [[ "${active_session_recorded:-0}" -eq 1 && -n "${worktree_branch:-}" && "${worktree_branch:-}" != "HEAD" ]]; then
-    stop_active_session_heartbeat
-    clear_active_session_state "$worktree_branch"
-    active_session_recorded=0
-  fi
-}
-
-record_active_session_state "$worktree_path" "$worktree_branch"
-active_session_recorded=1
-start_active_session_heartbeat "$worktree_branch"
-trap cleanup_active_session_state_on_exit EXIT INT TERM
-
 echo "[codex-agent] Launching ${CODEX_BIN} in sandbox: $worktree_path"
 cd "$worktree_path"
 set +e
+build_codex_launch_args "$@"
 GUARDEX_TASK_MODE="$TASK_MODE" \
 GUARDEX_OPENSPEC_TIER="$OPENSPEC_TIER" \
 GUARDEX_TASK_ROUTING_REASON="$TASK_ROUTING_REASON" \
-  "$CODEX_BIN" "$@"
+  "$CODEX_BIN" "${CODEX_LAUNCH_ARGS[@]}"
 codex_exit="$?"
 set -e
 
 cd "$repo_root"
-cleanup_active_session_state_on_exit
-trap - EXIT INT TERM
 final_exit="$codex_exit"
 auto_finish_completed=0
 
@@ -1161,7 +1101,11 @@ else
       echo "[codex-agent] Branch kept intentionally. Cleanup on demand: gx cleanup --branch \"${worktree_branch}\""
     else
       print_takeover_prompt "$worktree_path" "$worktree_branch"
-      echo "[codex-agent] If finished, merge with: gx branch finish --branch \"${worktree_branch}\" --base dev --via-pr --wait-for-merge"
+      finish_base_branch="$(resolve_worktree_base_branch "$worktree_path")"
+      if [[ -z "$finish_base_branch" ]]; then
+        finish_base_branch="dev"
+      fi
+      echo "[codex-agent] If finished, merge with: gx branch finish --branch \"${worktree_branch}\" --base ${finish_base_branch} --via-pr --wait-for-merge --cleanup"
       echo "[codex-agent] Cleanup on demand: gx cleanup --branch \"${worktree_branch}\""
     fi
   fi

package/templates/scripts/openspec/init-plan-workspace.sh

@@ -84,6 +84,7 @@ if [[ ! -f "$PLAN_DIR/README.md" ]]; then
     echo
     echo "Each role folder contains OpenSpec-style artifacts:"
     echo "- \`.openspec.yaml\`"
+    echo "- \`prompt.md\` (copy/paste role prompt)"
     echo "- \`proposal.md\`"
     echo "- \`tasks.md\` (Spec / Tests / Implementation / Checkpoints checklists)"
     echo "- \`specs/<role>/spec.md\`"
@@ -108,6 +109,7 @@ Drive this plan from draft to execution-ready status with strict checkpoint disc
 - \`openspec/plan/${PLAN_SLUG}/checkpoints.md\`
 - \`openspec/plan/${PLAN_SLUG}/open-questions.md\`
 - \`openspec/plan/${PLAN_SLUG}/planner/plan.md\`
+- role \`prompt.md\` files for copy/paste helper startup
 - role \`tasks.md\` files for planner/architect/critic/executor/writer/verifier
 
 ## Coordinator responsibilities
@@ -282,6 +284,7 @@ Role workspace for \`${role}\`.
 
 Default artifacts:
 - \`.openspec.yaml\`
+- \`prompt.md\`
 - \`proposal.md\`
 - \`tasks.md\`
 - \`specs/<role>/spec.md\`
@@ -302,12 +305,52 @@ plan: ${PLAN_SLUG}
 role: ${role}
 status: draft
 artifacts:
+  prompt: prompt.md
   proposal: proposal.md
   tasks: tasks.md
   spec: specs/${ROLE_SPEC_SLUG}/spec.md
 ROLEYAMLEOF
   fi
 
+  if [[ ! -f "$ROLE_DIR/prompt.md" ]]; then
+    cat > "$ROLE_DIR/prompt.md" <<ROLEPROMPTEOF
+# ${role} Prompt
+
+You are the \`${role}\` role for OpenSpec plan \`${PLAN_SLUG}\`.
+
+## Objective
+
+Complete only this role's assigned checklist and leave compact evidence for the coordinator.
+
+## Source of truth
+
+- \`openspec/plan/${PLAN_SLUG}/summary.md\`
+- \`openspec/plan/${PLAN_SLUG}/checkpoints.md\`
+- \`openspec/plan/${PLAN_SLUG}/open-questions.md\`
+- \`openspec/plan/${PLAN_SLUG}/${role}/tasks.md\`
+- \`openspec/plan/${PLAN_SLUG}/${role}/proposal.md\`
+
+## Before edits
+
+1. Confirm branch/worktree with \`git status --short --branch\`.
+2. Claim every touched file before editing:
+   - Prefer Colony \`task_claim_file\` when an active task exists.
+   - Otherwise run \`gx locks claim --branch <agent-branch> <file...>\`.
+3. Stay inside assigned files/modules; coordinate before touching shared paths.
+
+## Working rules
+
+- Update \`${role}/tasks.md\` as each item completes.
+- Record durable unresolved questions in \`open-questions.md\`.
+- Keep handoffs short: files changed, behavior touched, verification, risks.
+- Do not revert another agent's edits.
+
+## Cleanup
+
+Only the owner/finalizer lane runs \`gx branch finish --branch <agent-branch> --base dev --via-pr --wait-for-merge --cleanup\`. If blocked, append \`BLOCKED:\` with branch, task, blocker, next, evidence.
+ROLEPROMPTEOF
+  fi
+
   if [[ ! -f "$ROLE_DIR/proposal.md" ]]; then
     cat > "$ROLE_DIR/proposal.md" <<ROLEPROPOSALEOF
 # Proposal: ${role} (${PLAN_SLUG})

package/templates/scripts/review-bot-watch.sh

@@ -64,6 +64,36 @@ normalize_bool() {
   esac
 }
 
+gh_api_probe_looks_like_network_failure() {
+  local probe_output="$1"
+  [[ "$probe_output" =~ error[[:space:]]connecting[[:space:]]to[[:space:]]api\.github\.com|Could[[:space:]]not[[:space:]]resolve[[:space:]]host|could[[:space:]]not[[:space:]]resolve[[:space:]]host|Failed[[:space:]]to[[:space:]]connect|failed[[:space:]]to[[:space:]]connect|Network[[:space:]]is[[:space:]]unreachable|network[[:space:]]is[[:space:]]unreachable|Connection[[:space:]]timed[[:space:]]out|connection[[:space:]]timed[[:space:]]out|Temporary[[:space:]]failure[[:space:]]in[[:space:]]name[[:space:]]resolution|temporary[[:space:]]failure[[:space:]]in[[:space:]]name[[:space:]]resolution ]]
+}
+
+ensure_gh_auth_or_explain() {
+  local auth_output probe_output
+  if auth_output="$(gh auth status 2>&1)"; then
+    return 0
+  fi
+
+  if probe_output="$(gh api user --jq .login 2>&1)"; then
+    echo "[review-bot-watch] gh auth status failed, but gh api user succeeded; continuing with usable GitHub auth." >&2
+    return 0
+  fi
+
+  if gh_api_probe_looks_like_network_failure "$probe_output"; then
+    echo "[review-bot-watch] GitHub API is unreachable, so gh cannot validate the stored token." >&2
+    echo "[review-bot-watch] This is a network or Codex sandbox connectivity problem, not proof that the token is invalid." >&2
+    echo "$probe_output" >&2
+    return 1
+  fi
+
+  echo "[review-bot-watch] gh is not authenticated. Run: gh auth login" >&2
+  if [[ -n "$auth_output" ]]; then
+    echo "$auth_output" >&2
+  fi
+  return 1
+}
+
 ONCE=0
 
 while [[ $# -gt 0 ]]; do
@@ -153,8 +183,7 @@ if ! command -v codex >/dev/null 2>&1; then
   exit 127
 fi
 
-if ! gh auth status >/dev/null 2>&1; then
-  echo "[review-bot-watch] gh is not authenticated. Run: gh auth login" >&2
+if ! ensure_gh_auth_or_explain; then
   exit 1
 fi
 

package/templates/scripts/agent-session-state.js

@@ -1,171 +0,0 @@
-#!/usr/bin/env node
-
-const fs = require('node:fs');
-const path = require('node:path');
-
-function resolveSessionSchemaModule() {
-  const candidates = [
-    path.resolve(__dirname, '..', 'vscode', 'guardex-active-agents', 'session-schema.js'),
-    path.resolve(__dirname, '..', 'templates', 'vscode', 'guardex-active-agents', 'session-schema.js'),
-  ];
-
-  for (const candidate of candidates) {
-    if (fs.existsSync(candidate)) {
-      return require(candidate);
-    }
-  }
-
-  throw new Error('Could not resolve Guardex active-agent session schema module.');
-}
-
-const sessionSchema = resolveSessionSchemaModule();
-
-function usage() {
-  return (
-    'Usage:\n' +
-    '  node scripts/agent-session-state.js start --repo <path> --branch <name> --task <task> --agent <agent> --worktree <path> --pid <pid> --cli <name> [--task-mode <caveman|omx>] [--openspec-tier <T0|T1|T2|T3>] [--routing-reason <text>] [--state <working|thinking|idle>]\n' +
-    '  node scripts/agent-session-state.js heartbeat --repo <path> --branch <name> [--state <working|thinking|idle>]\n' +
-    '  node scripts/agent-session-state.js terminate --repo <path> --branch <name>\n' +
-    '  node scripts/agent-session-state.js stop --repo <path> --branch <name>\n'
-  );
-}
-
-function parseOptions(argv) {
-  const options = {};
-  for (let index = 0; index < argv.length; index += 1) {
-    const token = argv[index];
-    if (!token.startsWith('--')) {
-      throw new Error(`Unexpected argument: ${token}`);
-    }
-    const key = token.slice(2);
-    const value = argv[index + 1];
-    if (!value || value.startsWith('--')) {
-      throw new Error(`Missing value for --${key}`);
-    }
-    options[key] = value;
-    index += 1;
-  }
-  return options;
-}
-
-function requireOption(options, key) {
-  const value = options[key];
-  if (!value) {
-    throw new Error(`Missing required option --${key}`);
-  }
-  return value;
-}
-
-function writeSessionRecord(options) {
-  const repoRoot = requireOption(options, 'repo');
-  const branch = requireOption(options, 'branch');
-  const record = sessionSchema.buildSessionRecord({
-    repoRoot,
-    branch,
-    taskName: requireOption(options, 'task'),
-    agentName: requireOption(options, 'agent'),
-    worktreePath: requireOption(options, 'worktree'),
-    pid: requireOption(options, 'pid'),
-    cliName: requireOption(options, 'cli'),
-    taskMode: options['task-mode'],
-    openspecTier: options['openspec-tier'],
-    taskRoutingReason: options['routing-reason'],
-    state: options.state,
-  });
-
-  const targetPath = sessionSchema.sessionFilePathForBranch(repoRoot, branch);
-  fs.mkdirSync(path.dirname(targetPath), { recursive: true });
-  fs.writeFileSync(targetPath, `${JSON.stringify(record, null, 2)}\n`, 'utf8');
-}
-
-function refreshSessionRecord(options) {
-  const repoRoot = requireOption(options, 'repo');
-  const branch = requireOption(options, 'branch');
-  const targetPath = sessionSchema.sessionFilePathForBranch(repoRoot, branch);
-  if (!fs.existsSync(targetPath)) {
-    return;
-  }
-
-  const parsed = JSON.parse(fs.readFileSync(targetPath, 'utf8'));
-  const nextRecord = {
-    ...parsed,
-    lastHeartbeatAt: new Date().toISOString(),
-  };
-  if (options.state) {
-    nextRecord.state = options.state;
-  }
-
-  fs.writeFileSync(targetPath, `${JSON.stringify(nextRecord, null, 2)}\n`, 'utf8');
-}
-
-function readSessionRecord(options) {
-  const repoRoot = requireOption(options, 'repo');
-  const branch = requireOption(options, 'branch');
-  const targetPath = sessionSchema.sessionFilePathForBranch(repoRoot, branch);
-  if (!fs.existsSync(targetPath)) {
-    return null;
-  }
-  return JSON.parse(fs.readFileSync(targetPath, 'utf8'));
-}
-
-function terminateSessionProcess(options) {
-  const record = readSessionRecord(options);
-  const pid = Number(record?.pid);
-  if (!Number.isInteger(pid) || pid <= 0) {
-    throw new Error('No live pid recorded for branch.');
-  }
-
-  try {
-    process.kill(pid, 'SIGTERM');
-  } catch (error) {
-    if (error?.code === 'ESRCH') {
-      return;
-    }
-    throw error;
-  }
-}
-
-function removeSessionRecord(options) {
-  const repoRoot = requireOption(options, 'repo');
-  const branch = requireOption(options, 'branch');
-  const targetPath = sessionSchema.sessionFilePathForBranch(repoRoot, branch);
-  if (fs.existsSync(targetPath)) {
-    fs.unlinkSync(targetPath);
-  }
-}
-
-function main() {
-  const [command, ...rest] = process.argv.slice(2);
-  if (!command || ['-h', '--help', 'help'].includes(command)) {
-    process.stdout.write(usage());
-    return;
-  }
-
-  const options = parseOptions(rest);
-  if (command === 'start') {
-    writeSessionRecord(options);
-    return;
-  }
-  if (command === 'heartbeat') {
-    refreshSessionRecord(options);
-    return;
-  }
-  if (command === 'terminate') {
-    terminateSessionProcess(options);
-    return;
-  }
-  if (command === 'stop') {
-    removeSessionRecord(options);
-    return;
-  }
-
-  throw new Error(`Unknown subcommand: ${command}`);
-}
-
-try {
-  main();
-} catch (error) {
-  process.stderr.write(`[guardex-active-session] ${error.message}\n`);
-  process.stderr.write(usage());
-  process.exitCode = 1;
-}

package/templates/scripts/install-vscode-active-agents-extension.js

@@ -1,135 +0,0 @@
-#!/usr/bin/env node
-
-const fs = require('node:fs');
-const os = require('node:os');
-const path = require('node:path');
-
-const PATCH_COMPATIBILITY_WINDOW = 20;
-const RETIRED_EXTENSION_IDS = [
-  'recodeee.gitguardex-active-agents',
-];
-
-function parseOptions(argv) {
-  const options = {};
-  for (let index = 0; index < argv.length; index += 1) {
-    const token = argv[index];
-    if (!token.startsWith('--')) {
-      throw new Error(`Unexpected argument: ${token}`);
-    }
-    const key = token.slice(2);
-    const value = argv[index + 1];
-    if (!value || value.startsWith('--')) {
-      throw new Error(`Missing value for --${key}`);
-    }
-    options[key] = value;
-    index += 1;
-  }
-  return options;
-}
-
-function resolveExtensionSource(repoRoot) {
-  const candidates = [
-    path.join(repoRoot, 'vscode', 'guardex-active-agents'),
-    path.join(repoRoot, 'templates', 'vscode', 'guardex-active-agents'),
-  ];
-
-  for (const candidate of candidates) {
-    if (fs.existsSync(path.join(candidate, 'package.json'))) {
-      return candidate;
-    }
-  }
-
-  throw new Error('Could not find the Guardex VS Code companion sources.');
-}
-
-function removeIfExists(targetPath) {
-  if (fs.existsSync(targetPath)) {
-    fs.rmSync(targetPath, { recursive: true, force: true });
-  }
-}
-
-function parseSimpleSemver(version) {
-  const parts = String(version || '').trim().split('.').map((part) => Number.parseInt(part, 10));
-  if (parts.length !== 3 || parts.some((part) => Number.isNaN(part))) {
-    throw new Error(`Expected simple semver for the Active Agents companion, received "${version}".`);
-  }
-  return parts;
-}
-
-function buildInstallTargets(extensionId, version, extensionsDir) {
-  const [major, minor, patch] = parseSimpleSemver(version);
-  const firstCompatiblePatch = Math.max(0, patch - PATCH_COMPATIBILITY_WINDOW);
-  const targets = [path.join(extensionsDir, extensionId)];
-
-  for (let compatiblePatch = firstCompatiblePatch; compatiblePatch <= patch; compatiblePatch += 1) {
-    targets.push(path.join(extensionsDir, `${extensionId}-${major}.${minor}.${compatiblePatch}`));
-  }
-
-  return targets;
-}
-
-function isRetiredExtensionInstall(entryName, currentExtensionId) {
-  return RETIRED_EXTENSION_IDS
-    .filter((extensionId) => extensionId !== currentExtensionId)
-    .some((extensionId) => entryName === extensionId || entryName.startsWith(`${extensionId}-`));
-}
-
-function main() {
-  const repoRoot = path.resolve(__dirname, '..');
-  const options = parseOptions(process.argv.slice(2));
-  const sourceDir = resolveExtensionSource(repoRoot);
-  const manifest = JSON.parse(fs.readFileSync(path.join(sourceDir, 'package.json'), 'utf8'));
-  const extensionId = `${manifest.publisher}.${manifest.name}`;
-  const extensionsDir = path.resolve(
-    options['extensions-dir'] ||
-      process.env.GUARDEX_VSCODE_EXTENSIONS_DIR ||
-      process.env.VSCODE_EXTENSIONS_DIR ||
-      path.join(os.homedir(), '.vscode', 'extensions'),
-  );
-
-  fs.mkdirSync(extensionsDir, { recursive: true });
-  const targetDirs = buildInstallTargets(extensionId, manifest.version, extensionsDir);
-  const canonicalTargetDir = targetDirs[0];
-  const keepDirNames = new Set(targetDirs.map((targetDir) => path.basename(targetDir)));
-  let retiredInstallCount = 0;
-
-  for (const entry of fs.readdirSync(extensionsDir, { withFileTypes: true })) {
-    if (!entry.isDirectory()) {
-      continue;
-    }
-    if (isRetiredExtensionInstall(entry.name, extensionId)) {
-      removeIfExists(path.join(extensionsDir, entry.name));
-      retiredInstallCount += 1;
-      continue;
-    }
-    if (keepDirNames.has(entry.name)) {
-      continue;
-    }
-    if (entry.name === extensionId || entry.name.startsWith(`${extensionId}-`)) {
-      removeIfExists(path.join(extensionsDir, entry.name));
-    }
-  }
-
-  for (const targetDir of targetDirs) {
-    removeIfExists(targetDir);
-    fs.cpSync(sourceDir, targetDir, {
-      recursive: true,
-      force: true,
-      preserveTimestamps: true,
-    });
-  }
-
-  process.stdout.write(
-    `[guardex-active-agents] Installed ${extensionId}@${manifest.version} to ${canonicalTargetDir}\n` +
-      `[guardex-active-agents] Refreshed ${targetDirs.length - 1} recent patch compatibility path(s) for already-open windows.\n` +
-      `[guardex-active-agents] Removed ${retiredInstallCount} retired extension install path(s).\n` +
-      '[guardex-active-agents] Reload each already-open VS Code window to activate the newest Source Control companion.\n',
-  );
-}
-
-try {
-  main();
-} catch (error) {
-  process.stderr.write(`[guardex-active-agents] ${error.message}\n`);
-  process.exitCode = 1;
-}

package/templates/vscode/guardex-active-agents/README.md

@@ -1,34 +0,0 @@
-# GitGuardex Active Agents
-
-Local VS Code companion for Guardex-managed repos.
-
-## Quick Start
-
-Use the dedicated Active Agents sidebar icon to create or inspect Guardex sandboxes quickly.
-
-1. Install from a Guardex-wired repo:
-
-```sh
-node scripts/install-vscode-active-agents-extension.js
-```
-
-2. Reload the VS Code window.
-3. In the Activity Bar, open the dedicated `Active Agents` hive icon. Use `Start agent` to enter a task + agent name and launch the repo Guardex agent runner. The companion prefers `bash scripts/codex-agent.sh` when present, falls back to `npm run agent:codex --`, and only uses `gx branch start` as a last resort.
-
-What it does:
-
-- Bundles a local GitGuardex icon so repo installs show branded extension metadata inside VS Code.
-- Bundles the optional `GitGuardex File Icons` theme for OpenSpec, agent worktree, and hook files in Explorer.
-- Adds a dedicated `Active Agents` Activity Bar container with a hive icon and live badge count for active sessions.
-- Renders one repo node per live Guardex workspace with grouped `ACTIVE AGENTS` and `CHANGES` sections.
-- Splits live sessions inside `ACTIVE AGENTS` into `BLOCKED`, `WORKING NOW`, `THINKING`, `STALLED`, and `DEAD` groups so stuck, active, and inactive lanes stand out immediately.
-- Mirrors the same live state in the VS Code status bar so the selected session or active-agent count stays visible outside the tree.
-- Keeps the built-in Source Control view focused on real Git repositories; the Active Agents commit command prompts for a message from its own toolbar action.
-- Shows one row per live Guardex sandbox session inside those activity groups, with changed-file rows nested under sessions that are touching files.
-- Labels session rows with provider identity and snapshot context; snapshot-backed rows use a one-letter snapshot badge such as `N` for `nagyviktor@edixa.com`.
-- Shows raw agent branch groups with the `git-branch` icon instead of the generic folder icon.
-- Shows repo-root git changes in a sibling `CHANGES` section when the guarded repo itself is dirty.
-- Derives session state from dirty worktree status, git conflict markers, heartbeat freshness, PID liveness, and recent file mtimes, surfaces working/dead/conflict counts in the repo/header summary, and shows changed-file counts for active edits.
-- Uses distinct VS Code codicons for each session state, including animated `loading~spin` for `WORKING NOW`.
-- Reads repo-local presence files from `.omx/state/active-sessions/`, expects `lastHeartbeatAt` freshness, and falls back to managed worktree-root `AGENT.lock` telemetry when the launcher session file is absent.
-- Publishes `guardex.hasAgents` and `guardex.hasConflicts` context keys for other VS Code contributions.