@johpaz/hive 1.7.19 → 2.0.1

package/README.md

@@ -114,7 +114,7 @@ docker run -d \
   -v hive-data:/root/.hive \
   --name hive \
   --restart unless-stopped \
-  johpaz/hive:1.7.19
+  johpaz/hive:2.0.1
 ```
 
 **Variables de entorno disponibles:**
@@ -188,10 +188,10 @@ En el equipo donde tienes conexión a internet:
 
 ```bash
 # Descargar la imagen si no la tienes
-docker pull johpaz/hive:1.7.19
+docker pull johpaz/hive:2.0.1
 
 # Exportar a archivo tar (cabe en cualquier USB de 512 MB+)
-docker save johpaz/hive:1.7.19 -o /media/usb/hive-image.tar
+docker save johpaz/hive:2.0.1 -o /media/usb/hive-image.tar
 ```
 
 **Paso 2 — Crear la estructura en la USB**
@@ -209,7 +209,7 @@ Crea el `docker-compose.yml` en la USB con el volumen apuntando a la USB:
 ```yaml
 services:
   hive:
-    image: johpaz/hive:1.7.19
+    image: johpaz/hive:2.0.1
     ports:
       - "18790:18790"
     volumes:
@@ -288,11 +288,11 @@ Descarga manual de cualquier plataforma o versión específica.
 
 | Plataforma | Archivo | Descarga directa |
 |------------|---------|------------------|
-| Linux x64 | `hive-v1.7.19-linux-x64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-linux-x64) |
-| Linux ARM64 (Raspberry Pi, etc.) | `hive-v1.7.19-linux-arm64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-linux-arm64) |
-| macOS Apple Silicon (M1/M2/M3/M4) | `hive-v1.7.19-macos-arm64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-macos-arm64) |
-| macOS Intel | `hive-v1.7.19-macos-x64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-macos-x64) |
-| Windows x64 | `hive-v1.7.19-windows-x64.exe` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-windows-x64.exe) |
+| Linux x64 | `hive-v2.0.1-linux-x64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-linux-x64) |
+| Linux ARM64 (Raspberry Pi, etc.) | `hive-v2.0.1-linux-arm64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-linux-arm64) |
+| macOS Apple Silicon (M1/M2/M3/M4) | `hive-v2.0.1-macos-arm64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-macos-arm64) |
+| macOS Intel | `hive-v2.0.1-macos-x64` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-macos-x64) |
+| Windows x64 | `hive-v2.0.1-windows-x64.exe` | [Descargar](https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-windows-x64.exe) |
 
 > Los links anteriores siempre apuntan a la última versión publicada. Si necesitas una versión específica, visita la [página de releases](https://github.com/johpaz/hive/releases).
 
@@ -302,7 +302,7 @@ Descarga manual de cualquier plataforma o versión específica.
 
 ```bash
 # 1. Descargar el binario (reemplaza "linux-x64" por "linux-arm64" si es ARM)
-curl -L -o hive https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-linux-x64
+curl -L -o hive https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-linux-x64
 
 # 2. Dar permisos de ejecución
 chmod +x hive
@@ -334,7 +334,7 @@ hive start
 
 ```bash
 # 1. Descargar
-curl -L -o hive https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-macos-arm64
+curl -L -o hive https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-macos-arm64
 
 # 2. Dar permisos de ejecución
 chmod +x hive
@@ -374,7 +374,7 @@ hive start
 Igual que Apple Silicon pero descarga `macos-x64`:
 
 ```bash
-curl -L -o hive https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-macos-x64
+curl -L -o hive https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-macos-x64
 chmod +x hive
 xattr -d com.apple.quarantine hive
 curl -L https://github.com/johpaz/hive/releases/latest/download/ui-dist.tar.gz \
@@ -389,7 +389,7 @@ mkdir -p ~/.hive/ui && cp -r ui-dist/* ~/.hive/ui/
 
 **Paso 1 — Descargar el binario**
 
-Descarga [`hive-v1.7.19-windows-x64.exe`](https://github.com/johpaz/hive/releases/latest/download/hive-v1.7.19-windows-x64.exe) desde GitHub o desde [hiveagents.io](https://www.hiveagents.io/#installation).
+Descarga [`hive-v2.0.1-windows-x64.exe`](https://github.com/johpaz/hive/releases/latest/download/hive-v2.0.1-windows-x64.exe) desde GitHub o desde [hiveagents.io](https://www.hiveagents.io/#installation).
 
 **Paso 2 — Windows SmartScreen**
 
@@ -419,7 +419,7 @@ tar -xzf ui-dist.tar.gz -C "$env:USERPROFILE\.hive\ui"
 **Paso 4 — Ejecutar**
 
 ```powershell
-.\hive-v1.7.19-windows-x64.exe start
+.\hive-v2.0.1-windows-x64.exe start
 ```
 
 El navegador se abre automáticamente en `http://localhost:18790`.
@@ -428,7 +428,7 @@ El navegador se abre automáticamente en `http://localhost:18790`.
 
 ```powershell
 # Mover a una carpeta ya en el PATH, por ejemplo:
-Move-Item .\hive-v1.7.19-windows-x64.exe C:\Windows\System32\hive.exe
+Move-Item .\hive-v2.0.1-windows-x64.exe C:\Windows\System32\hive.exe
 
 # Luego ejecutar desde cualquier lugar:
 hive start
@@ -479,7 +479,7 @@ El binario standalone es ideal para llevarlo en una USB. Tu agente viaja contigo
 **Preparar la USB:**
 
 ```bash
-cp hive-v1.7.19-linux-x64 /media/usb/hive
+cp hive-v2.0.1-linux-x64 /media/usb/hive
 chmod +x /media/usb/hive
 cp -r ui-dist/* /media/usb/ui/
 
@@ -944,6 +944,19 @@ const data = await browser_script({
 
 ---
 
+## Seguridad
+
+| Tema | Resumen |
+|------|---------|
+| **Autenticación** | Define `HIVE_AUTH_TOKEN` siempre en producción. Sin él, cualquiera que alcance el puerto puede usar el dashboard. |
+| **Red** | En VPS o servidores, pon Hive detrás de un reverse proxy con HTTPS y abre solo el puerto `18790`. |
+| **Container** | El proceso corre como `root` dentro del contenedor (sin `--privileged`). Migración a usuario no-root pendiente en versiones futuras. |
+| **Datos** | Todo se almacena en el volumen `hive-data` / `~/.hive/`. No se envía telemetría a servidores externos. Las API keys se guardan cifradas. |
+
+Consulta [SECURITY.md](SECURITY.md) para instrucciones detalladas de configuración, backup y hardening.
+
+---
+
 ## Desarrollo
 
 ```bash

package/dist/hive.js

@@ -555622,6 +555622,41 @@ function isSetupMode() {
     return true;
   }
 }
+function handleSetupProviders(addCorsHeaders, req) {
+  const llmModelsByProvider = new Map;
+  for (const model of SEED_DATA.models) {
+    if (model.modelType !== "llm")
+      continue;
+    if (!llmModelsByProvider.has(model.providerId)) {
+      llmModelsByProvider.set(model.providerId, []);
+    }
+    llmModelsByProvider.get(model.providerId).push({ id: model.id, name: model.name });
+  }
+  const result2 = SEED_DATA.providers.filter((p2) => llmModelsByProvider.has(p2.id) || p2.id === "ollama").map((p2) => ({
+    id: p2.id,
+    name: p2.name,
+    models: llmModelsByProvider.get(p2.id) ?? []
+  }));
+  return addCorsHeaders(Response.json(result2), req);
+}
+function handleSetupEthics(addCorsHeaders, req) {
+  try {
+    const db = getDb();
+    const ethics = db.query(`
+      SELECT id, name, description, content, is_default, active FROM ethics ORDER BY id
+    `).all();
+    return addCorsHeaders(Response.json(ethics.map((e) => ({
+      id: e.id,
+      name: e.name,
+      description: e.description,
+      content: e.content,
+      isDefault: e.is_default === 1,
+      active: e.active === 1
+    }))), req);
+  } catch (error50) {
+    return addCorsHeaders(Response.json({ error: error50.message }, { status: 500 }), req);
+  }
+}
 async function handleSetupStatus() {
   const setupMode = isSetupMode();
   return Response.json({
@@ -555826,9 +555861,17 @@ async function handleCompleteSetup(req, config3, addCorsHeaders) {
         ttsProvider: body.ttsProvider || "elevenlabs"
       });
     }
-    activateEthics(userId, "default");
+    if (body.ethicsRules && typeof body.ethicsRules === "object") {
+      for (const [ethicsId, enabled] of Object.entries(body.ethicsRules)) {
+        if (enabled)
+          activateEthics(userId, ethicsId);
+      }
+    } else {
+      activateEthics(userId, "default");
+    }
     const authToken = randomUUID2().replace(/-/g, "");
     process.env.HIVE_AUTH_TOKEN = authToken;
+    setTimeout(() => process.exit(0), 800);
     return addCorsHeaders(Response.json({
       success: true,
       userId,
@@ -555845,6 +555888,7 @@ async function handleCompleteSetup(req, config3, addCorsHeaders) {
 }
 var init_setup = __esm(() => {
   init_sqlite();
+  init_seed();
   init_onboarding();
 });
 
@@ -558056,7 +558100,7 @@ function addCorsHeaders(response, request3) {
   const origin = request3.headers.get("Origin");
   if (!origin)
     return response;
-  const isLocalhost = origin.includes("localhost") || origin.includes("127.0.0.1");
+  const isLocalhost = origin.includes("localhost") || origin.includes("127.0.0.1") || origin.includes("0.0.0.0");
   const isCorsOrigin = CORS_ORIGINS.some((o2) => origin.includes(o2.replace("http://", "")));
   if (isCorsOrigin || isLocalhost) {
     const headers = new Headers(response.headers);
@@ -558995,7 +559039,7 @@ async function startGateway(config3) {
     hostname: host,
     fetch: (req) => {
       const origin = req.headers.get("Origin") ?? "";
-      const isLocalhost = origin.includes("localhost") || origin.includes("127.0.0.1");
+      const isLocalhost = origin.includes("localhost") || origin.includes("127.0.0.1") || origin.includes("0.0.0.0");
       const corsHeaders = isLocalhost ? {
         "Access-Control-Allow-Origin": origin,
         "Access-Control-Allow-Methods": "GET, POST, PUT, PATCH, DELETE, OPTIONS",
@@ -559004,13 +559048,18 @@ async function startGateway(config3) {
       } : {};
       if (req.method === "OPTIONS")
         return new Response(null, { status: 204, headers: corsHeaders });
-      return Response.json({ status: "starting" }, { headers: corsHeaders });
+      const pathname = new URL(req.url).pathname;
+      if (pathname === "/health" || pathname === "/health/") {
+        return Response.json({ status: "starting" }, { headers: corsHeaders });
+      }
+      return Response.json({ status: "starting" }, { status: 503, headers: corsHeaders });
     },
     websocket: { open() {}, message() {}, close() {} }
   });
   log69.info(`Port ${port} bound (initializing gateway...)`);
   try {
     initializeDatabase();
+    seedAllData();
   } catch {}
   let gatewaySetupMode = false;
   try {
@@ -559268,7 +559317,7 @@ ${messageContent}`;
       const handleRequest = async () => {
         if (req.method === "OPTIONS") {
           const origin = req.headers.get("Origin");
-          if (origin && (origin.includes("localhost") || origin.includes("127.0.0.1") || CORS_ORIGINS.some((o2) => origin.includes(o2.replace("http://", ""))))) {
+          if (origin && (origin.includes("localhost") || origin.includes("127.0.0.1") || origin.includes("0.0.0.0") || CORS_ORIGINS.some((o2) => origin.includes(o2.replace("http://", ""))))) {
             return new Response(null, {
               status: 204,
               headers: {
@@ -559385,6 +559434,12 @@ ${messageContent}`;
         if (url3.pathname === "/api/setup/status" || url3.pathname === "/api/setup/status/") {
           return addCorsHeaders(await handleSetupStatus(), req);
         }
+        if (url3.pathname === "/api/setup/providers" && req.method === "GET") {
+          return handleSetupProviders(addCorsHeaders, req);
+        }
+        if (url3.pathname === "/api/setup/ethics" && req.method === "GET") {
+          return handleSetupEthics(addCorsHeaders, req);
+        }
         if (url3.pathname === "/api/setup/verify-provider" && req.method === "POST") {
           return addCorsHeaders(await handleVerifyProvider(req), req);
         }
@@ -560466,6 +560521,7 @@ var init_server = __esm(() => {
   init_lane_queue();
   init_slash_commands();
   init_sqlite();
+  init_seed();
   init_canvas_manager();
   init_emitter();
   init_bridge_events();
@@ -562787,7 +562843,7 @@ async function start(flags) {
  \u2551   \u2588\u2588\u2551  \u2588\u2588\u2551\u2588\u2588\u2551 \u255A\u2588\u2588\u2588\u2588\u2554\u255D \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557             \u2551
  \u2551   \u255A\u2550\u255D  \u255A\u2550\u255D\u255A\u2550\u255D  \u255A\u2550\u2550\u2550\u255D  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D             \u2551
  \u2551                                            \u2551
- \u2551   Personal Swarm AI Gateway \u2014 v1.7.19       \u2551
+ \u2551   Personal Swarm AI Gateway \u2014 v2.0.1       \u2551
  \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D
 `);
   }
@@ -564997,7 +565053,7 @@ async function executeAsync(gatewayUrl, payload, spinner) {
 }
 
 // packages/cli/src/index.ts
-var VERSION4 = "1.7.19";
+var VERSION4 = "2.0.1";
 var HELP = `
 \uD83D\uDC1D Hive \u2014 Personal Swarm AI Gateway v${VERSION4}
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@johpaz/hive",
-  "version": "1.7.19",
+  "version": "2.0.1",
   "description": "Tu colmena de agentes IA. Local-first. Multi-canal. Open source. Construido desde Colombia para el mundo.",
   "private": false,
   "bin": {