@lelouchhe/webagent 0.1.0

package/src/bridge.ts

@@ -0,0 +1,317 @@
+import { spawn, ChildProcess } from "node:child_process";
+import { Writable, Readable } from "node:stream";
+import { EventEmitter } from "node:events";
+import * as acp from "@agentclientprotocol/sdk";
+import type { AgentEvent, ConfigOption } from "./types.ts";
+
+export class AgentBridge extends EventEmitter {
+  private proc: ChildProcess | null = null;
+  private conn: acp.ClientSideConnection | null = null;
+  private permissionResolvers = new Map<string, (resp: acp.RequestPermissionResponse) => void>();
+  private permissionRequestSessions = new Map<string, string>();
+  private silentSessions = new Set<string>(); // Sessions that don't emit events
+  private silentBuffers = new Map<string, string>(); // Text buffers for silent sessions
+  readonly agentCmd: string;
+
+  constructor(agentCmd: string) {
+    super();
+    this.agentCmd = agentCmd;
+  }
+
+  async start(): Promise<void> {
+    const [cmd, ...args] = this.agentCmd.split(/\s+/);
+    this.proc = spawn(cmd, args, {
+      stdio: ["pipe", "pipe", "inherit"],
+    });
+
+    if (!this.proc.stdin || !this.proc.stdout) {
+      throw new Error(`Failed to start: ${this.agentCmd}`);
+    }
+
+    const input = Writable.toWeb(this.proc.stdin);
+    const output = Readable.toWeb(this.proc.stdout) as ReadableStream<Uint8Array>;
+    const stream = acp.ndJsonStream(input, output);
+
+    const client: acp.Client = {
+      requestPermission: async (params) => this.handlePermission(params),
+      sessionUpdate: async (params) => this.handleSessionUpdate(params),
+      readTextFile: async (params) => this.handleReadFile(params),
+      writeTextFile: async (params) => this.handleWriteFile(params),
+    };
+
+    this.conn = new acp.ClientSideConnection((_agent) => client, stream);
+
+    const init = await this.conn.initialize({
+      protocolVersion: acp.PROTOCOL_VERSION,
+      clientCapabilities: {
+        fs: { readTextFile: true, writeTextFile: true },
+        terminal: true,
+      },
+    });
+
+    const agentInfo = init.agentInfo;
+    this.emit("event", {
+      type: "connected",
+      agent: {
+        name: agentInfo?.name ?? "unknown",
+        version: agentInfo?.version ?? "?",
+      },
+      configOptions: [],
+    } satisfies AgentEvent);
+  }
+
+  async newSession(cwd: string, opts?: { silent?: boolean }): Promise<string> {
+    if (!this.conn) throw new Error("Not connected");
+    const session = await this.conn.newSession({ cwd, mcpServers: [] });
+    if (!opts?.silent) {
+      this.emit("event", {
+        type: "session_created",
+        sessionId: session.sessionId,
+        cwd,
+        configOptions: (session as any).configOptions ?? [],
+      } satisfies AgentEvent);
+    }
+    return session.sessionId;
+  }
+
+  async loadSession(sessionId: string, cwd: string): Promise<{ sessionId: string; configOptions: ConfigOption[] }> {
+    if (!this.conn) throw new Error("Not connected");
+    const session = await this.conn.loadSession({ sessionId, cwd, mcpServers: [] });
+    this.emit("event", {
+      type: "session_created",
+      sessionId: session.sessionId,
+      cwd,
+      configOptions: (session as any).configOptions ?? [],
+    } satisfies AgentEvent);
+    return { sessionId: session.sessionId, configOptions: (session as any).configOptions ?? [] };
+  }
+
+  async setConfigOption(sessionId: string, configId: string, value: string): Promise<ConfigOption[]> {
+    if (!this.conn) throw new Error("Not connected");
+    const result = await this.conn.setSessionConfigOption({ sessionId, configId, value });
+    return (result as any).configOptions ?? [];
+  }
+
+  async prompt(
+    sessionId: string,
+    text: string,
+    images?: Array<{ data: string; mimeType: string }>,
+  ): Promise<void> {
+    if (!this.conn) throw new Error("Not connected");
+    try {
+      const promptParts: Array<
+        | { type: "text"; text: string }
+        | { type: "image"; data: string; mimeType: string }
+      > = [];
+      if (images) {
+        for (const img of images) {
+          promptParts.push({ type: "image", data: img.data, mimeType: img.mimeType });
+        }
+      }
+      promptParts.push({ type: "text", text });
+      const result = await this.conn.prompt({
+        sessionId,
+        prompt: promptParts,
+      });
+      this.emit("event", {
+        type: "prompt_done",
+        sessionId,
+        stopReason: result.stopReason ?? "end_turn",
+      } satisfies AgentEvent);
+    } catch (err: unknown) {
+      const message = err instanceof Error ? err.message : (typeof err === "string" ? err : JSON.stringify(err));
+      if (/cancel/i.test(message)) {
+        this.emit("event", {
+          type: "prompt_done",
+          sessionId,
+          stopReason: "cancelled",
+        } satisfies AgentEvent);
+        return;
+      }
+      this.emit("event", { type: "error", sessionId, message } satisfies AgentEvent);
+    }
+  }
+
+  async cancel(sessionId: string): Promise<void> {
+    for (const [requestId, requestSessionId] of this.permissionRequestSessions) {
+      if (requestSessionId === sessionId) {
+        this.denyPermission(requestId);
+      }
+    }
+    await this.conn?.cancel({ sessionId });
+  }
+
+  /** Send a prompt and collect the full text response without emitting events. */
+  async promptForText(sessionId: string, text: string): Promise<string> {
+    if (!this.conn) throw new Error("Not connected");
+    this.silentSessions.add(sessionId);
+    this.silentBuffers.set(sessionId, "");
+    try {
+      await this.conn.prompt({ sessionId, prompt: [{ type: "text", text }] });
+      return this.silentBuffers.get(sessionId) ?? "";
+    } catch (err: unknown) {
+      const message = err instanceof Error ? err.message : (typeof err === "string" ? err : JSON.stringify(err));
+      if (/cancel/i.test(message)) {
+        return "";
+      }
+      throw err;
+    } finally {
+      this.silentSessions.delete(sessionId);
+      this.silentBuffers.delete(sessionId);
+    }
+  }
+
+  resolvePermission(requestId: string, optionId: string): void {
+    const resolve = this.permissionResolvers.get(requestId);
+    if (resolve) {
+      resolve({ outcome: { outcome: "selected", optionId } });
+      this.permissionResolvers.delete(requestId);
+      this.permissionRequestSessions.delete(requestId);
+    }
+  }
+
+  denyPermission(requestId: string): void {
+    const resolve = this.permissionResolvers.get(requestId);
+    if (resolve) {
+      resolve({ outcome: { outcome: "cancelled" } });
+      this.permissionResolvers.delete(requestId);
+      this.permissionRequestSessions.delete(requestId);
+    }
+  }
+
+  async shutdown(): Promise<void> {
+    // Reject all pending permissions
+    for (const [id, resolve] of this.permissionResolvers) {
+      resolve({ outcome: { outcome: "cancelled" } });
+    }
+    this.permissionResolvers.clear();
+    this.permissionRequestSessions.clear();
+
+    if (this.proc && this.proc.exitCode === null) {
+      this.proc.kill();
+      await new Promise<void>((resolve) => {
+        const timer = setTimeout(() => {
+          this.proc?.kill("SIGKILL");
+          resolve();
+        }, 5000);
+        this.proc?.on("exit", () => {
+          clearTimeout(timer);
+          resolve();
+        });
+      });
+    }
+    this.proc = null;
+    this.conn = null;
+  }
+
+  // --- ACP Client callbacks ---
+
+  private handlePermission(params: acp.RequestPermissionRequest): Promise<acp.RequestPermissionResponse> {
+    const requestId = crypto.randomUUID();
+    const title = params.toolCall?.title ?? "Permission requested";
+    const toolCallId = params.toolCall?.toolCallId ?? null;
+
+    return new Promise((resolve) => {
+      // Register resolver BEFORE emitting, so synchronous auto-approve can find it
+      this.permissionResolvers.set(requestId, resolve);
+      this.permissionRequestSessions.set(requestId, params.sessionId);
+      this.emit("event", {
+        type: "permission_request",
+        requestId,
+        sessionId: params.sessionId,
+        title,
+        toolCallId,
+        options: params.options,
+      } satisfies AgentEvent);
+    });
+  }
+
+  private handleSessionUpdate(params: acp.SessionNotification): Promise<void> {
+    const update = params.update;
+    const sessionId = params.sessionId;
+
+    // Silent sessions: only buffer text, don't emit events
+    if (this.silentSessions.has(sessionId)) {
+      if (update.sessionUpdate === "agent_message_chunk" && update.content.type === "text") {
+        const buf = (this.silentBuffers.get(sessionId) ?? "") + update.content.text;
+        this.silentBuffers.set(sessionId, buf);
+      }
+      return Promise.resolve();
+    }
+
+    switch (update.sessionUpdate) {
+      case "agent_message_chunk":
+        if (update.content.type === "text") {
+          this.emit("event", {
+            type: "message_chunk",
+            sessionId,
+            text: update.content.text,
+          } satisfies AgentEvent);
+        }
+        break;
+
+      case "agent_thought_chunk":
+        if (update.content.type === "text") {
+          this.emit("event", {
+            type: "thought_chunk",
+            sessionId,
+            text: update.content.text,
+          } satisfies AgentEvent);
+        }
+        break;
+
+      case "tool_call":
+        this.emit("event", {
+          type: "tool_call",
+          sessionId,
+          id: update.toolCallId ?? "",
+          title: update.title ?? "",
+          kind: update.kind ?? "unknown",
+          rawInput: update.rawInput,
+        } satisfies AgentEvent);
+        break;
+
+      case "tool_call_update":
+        this.emit("event", {
+          type: "tool_call_update",
+          sessionId,
+          id: update.toolCallId ?? "",
+          status: update.status ?? "",
+          content: update.content,
+        } satisfies AgentEvent);
+        break;
+
+      case "plan":
+        this.emit("event", {
+          type: "plan",
+          sessionId,
+          entries: update.entries ?? [],
+        } satisfies AgentEvent);
+        break;
+
+      case "config_option_update":
+        this.emit("event", {
+          type: "config_option_update",
+          sessionId,
+          configOptions: (update as any).configOptions ?? [],
+        } satisfies AgentEvent);
+        break;
+    }
+
+    return Promise.resolve();
+  }
+
+  private async handleReadFile(params: acp.ReadTextFileRequest): Promise<acp.ReadTextFileResponse> {
+    const { readFile } = await import("node:fs/promises");
+    const content = await readFile(params.path, "utf-8");
+    return { content };
+  }
+
+  private async handleWriteFile(params: acp.WriteTextFileRequest): Promise<acp.WriteTextFileResponse> {
+    const { writeFile, mkdir } = await import("node:fs/promises");
+    const { dirname } = await import("node:path");
+    await mkdir(dirname(params.path), { recursive: true });
+    await writeFile(params.path, params.content);
+    return {};
+  }
+}

package/src/config.ts

@@ -0,0 +1,65 @@
+import { readFileSync } from "node:fs";
+import { parse as parseTOML } from "smol-toml";
+import { z } from "zod";
+
+const ConfigSchema = z.object({
+  port: z.number().int().positive().default(6800),
+  data_dir: z.string().default("data"),
+  default_cwd: z.string().default(process.cwd()),
+  public_dir: z.string().default("dist"),
+  agent_cmd: z.string().default("copilot --acp"),
+
+  limits: z.object({
+    bash_output: z.number().int().positive().default(1_048_576),   // 1 MB
+    image_upload: z.number().int().positive().default(10_485_760), // 10 MB
+    cancel_timeout: z.number().int().nonnegative().default(10_000), // 10s; 0 disables
+  }).default({
+    bash_output: 1_048_576,
+    image_upload: 10_485_760,
+    cancel_timeout: 10_000,
+  }),
+});
+
+export type Config = z.infer<typeof ConfigSchema>;
+
+let _config: Config | null = null;
+
+function parseArgs(): string | null {
+  const idx = process.argv.indexOf("--config");
+  if (idx !== -1 && idx + 1 < process.argv.length) {
+    return process.argv[idx + 1];
+  }
+  return null;
+}
+
+export function loadConfig(): Config {
+  const configPath = parseArgs();
+  let raw: Record<string, unknown> = {};
+
+  if (configPath) {
+    try {
+      const content = readFileSync(configPath, "utf-8");
+      raw = parseTOML(content) as Record<string, unknown>;
+      console.log(`[config] loaded: ${configPath}`);
+    } catch (err) {
+      console.error(`[config] failed to read ${configPath}:`, err);
+      process.exit(1);
+    }
+  } else {
+    console.log("[config] no --config provided, using defaults");
+  }
+
+  const result = ConfigSchema.safeParse(raw);
+  if (!result.success) {
+    console.error("[config] validation error:", result.error.format());
+    process.exit(1);
+  }
+
+  _config = result.data;
+  return _config;
+}
+
+export function getConfig(): Config {
+  if (!_config) throw new Error("Config not loaded. Call loadConfig() first.");
+  return _config;
+}

package/src/routes.ts

@@ -0,0 +1,147 @@
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { join, extname } from "node:path";
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { Store } from "./store.ts";
+import type { Config } from "./config.ts";
+
+const SAFE_ID = /^[a-zA-Z0-9_-]+$/;
+
+const MIME: Record<string, string> = {
+  ".html": "text/html",
+  ".js": "application/javascript",
+  ".css": "text/css",
+  ".json": "application/json",
+  ".svg": "image/svg+xml",
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".webp": "image/webp",
+};
+
+export function createRequestHandler(store: Store, publicDir: string, dataDir: string, limits: Config["limits"]) {
+  return async (req: IncomingMessage, res: ServerResponse): Promise<void> => {
+    const url = req.url ?? "/";
+
+    // --- API routes ---
+    if (url.startsWith("/api/")) {
+      res.setHeader("Content-Type", "application/json");
+
+      // GET /api/sessions
+      if (url === "/api/sessions" && req.method === "GET") {
+        res.end(JSON.stringify(store.listSessions()));
+        return;
+      }
+
+      // GET /api/sessions/:id/events?thinking=0|1
+      const eventsMatch = url.match(/^\/api\/sessions\/([^/]+)\/events(\?.*)?$/);
+      if (eventsMatch && req.method === "GET") {
+        const sessionId = decodeURIComponent(eventsMatch[1]);
+        const params = new URLSearchParams(eventsMatch[2]?.slice(1) ?? "");
+        const excludeThinking = params.get("thinking") === "0";
+        const afterSeqRaw = params.get("after_seq");
+        const afterSeq = afterSeqRaw != null ? Number(afterSeqRaw) : undefined;
+        const session = store.getSession(sessionId);
+        if (!session) {
+          res.writeHead(404);
+          res.end(JSON.stringify({ error: "Session not found" }));
+          return;
+        }
+        const events = store.getEvents(sessionId, { excludeThinking, afterSeq });
+        res.end(JSON.stringify(events));
+        return;
+      }
+
+      // POST /api/images/:sessionId
+      const imgMatch = url.match(/^\/api\/images\/([^/]+)$/);
+      if (imgMatch && req.method === "POST") {
+        const sessionId = decodeURIComponent(imgMatch[1]);
+        if (!SAFE_ID.test(sessionId)) {
+          res.writeHead(400);
+          res.end(JSON.stringify({ error: "Invalid session ID" }));
+          return;
+        }
+        // Enforce upload size limit
+        const contentLength = parseInt(req.headers["content-length"] ?? "0", 10);
+        if (contentLength > limits.image_upload) {
+          res.writeHead(413);
+          res.end(JSON.stringify({ error: "Upload too large" }));
+          return;
+        }
+        const chunks: Buffer[] = [];
+        let totalSize = 0;
+        for await (const chunk of req) {
+          totalSize += (chunk as Buffer).length;
+          if (totalSize > limits.image_upload) {
+            res.writeHead(413);
+            res.end(JSON.stringify({ error: "Upload too large" }));
+            return;
+          }
+          chunks.push(chunk as Buffer);
+        }
+        let body: { data: string; mimeType: string };
+        try {
+          body = JSON.parse(Buffer.concat(chunks).toString());
+        } catch {
+          res.writeHead(400);
+          res.end(JSON.stringify({ error: "Invalid JSON" }));
+          return;
+        }
+        const { data, mimeType } = body;
+        const ext = mimeType.split("/")[1]?.replace("jpeg", "jpg") ?? "png";
+        const seq = Date.now();
+        const relPath = `images/${sessionId}/${seq}.${ext}`;
+        const absPath = join(dataDir, relPath);
+        await mkdir(join(dataDir, "images", sessionId), { recursive: true });
+        await writeFile(absPath, Buffer.from(data, "base64"));
+        const imgUrl = `/data/${relPath}`;
+        res.end(JSON.stringify({ path: relPath, url: imgUrl }));
+        return;
+      }
+
+      res.writeHead(404);
+      res.end(JSON.stringify({ error: "Not found" }));
+      return;
+    }
+
+    // --- Serve uploaded images: /data/images/... ---
+    if (url.startsWith("/data/images/")) {
+      const filePath = join(dataDir, url.slice(6)); // strip "/data/"
+      if (!filePath.startsWith(join(dataDir, "images"))) {
+        res.writeHead(403);
+        res.end("Forbidden");
+        return;
+      }
+      try {
+        const data = await readFile(filePath);
+        const ext = extname(filePath);
+        res.writeHead(200, {
+          "Content-Type": MIME[ext] ?? "application/octet-stream",
+          "Cache-Control": "public, max-age=31536000, immutable",
+        });
+        res.end(data);
+      } catch {
+        res.writeHead(404);
+        res.end("Not found");
+      }
+      return;
+    }
+
+    // --- Static files ---
+    const filePath = join(publicDir, url === "/" ? "/index.html" : url);
+    if (!filePath.startsWith(publicDir)) {
+      res.writeHead(403);
+      res.end("Forbidden");
+      return;
+    }
+    try {
+      const data = await readFile(filePath);
+      const ext = extname(filePath);
+      res.writeHead(200, { "Content-Type": MIME[ext] ?? "application/octet-stream" });
+      res.end(data);
+    } catch {
+      res.writeHead(404);
+      res.end("Not found");
+    }
+  };
+}

package/src/server.ts

@@ -0,0 +1,159 @@
+import { createServer } from "node:http";
+import { join } from "node:path";
+import { fileURLToPath } from "node:url";
+import { WebSocketServer } from "ws";
+import { loadConfig } from "./config.ts";
+import { AgentBridge } from "./bridge.ts";
+import { Store } from "./store.ts";
+import { SessionManager } from "./session-manager.ts";
+import { TitleService } from "./title-service.ts";
+import { createRequestHandler } from "./routes.ts";
+import { setupWsHandler, broadcast } from "./ws-handler.ts";
+import type { AgentEvent } from "./types.ts";
+
+const config = loadConfig();
+const __dirname = fileURLToPath(new URL(".", import.meta.url));
+const PUBLIC_DIR = join(__dirname, "..", config.public_dir);
+
+// --- Core dependencies ---
+
+const store = new Store(config.data_dir);
+console.log(`[store] using ${config.data_dir}/`);
+
+const sessions = new SessionManager(store, config.default_cwd, config.data_dir);
+const titleService = new TitleService(store, sessions, config.default_cwd);
+
+let bridge: AgentBridge | null = null;
+
+// --- HTTP + WebSocket servers ---
+
+const server = createServer(createRequestHandler(store, PUBLIC_DIR, config.data_dir, config.limits));
+const wss = new WebSocketServer({ server });
+
+setupWsHandler({
+  wss,
+  store,
+  sessions,
+  titleService,
+  getBridge: () => bridge,
+  limits: config.limits,
+});
+
+// --- Bridge initialization ---
+
+async function initBridge(): Promise<AgentBridge> {
+  const b = new AgentBridge(config.agent_cmd);
+
+  b.on("event", (event: AgentEvent) => {
+    if (sessions.restoringSessions.has(event.sessionId)) return;
+
+    switch (event.type) {
+      case "connected":
+        event.cancelTimeout = config.limits.cancel_timeout;
+        break;
+      case "session_created":
+        if (event.configOptions?.length) sessions.cachedConfigOptions = event.configOptions;
+        for (const opt of event.configOptions ?? []) {
+          store.updateSessionConfig(event.sessionId, opt.id, opt.currentValue);
+        }
+        break;
+      case "config_option_update":
+        if (event.configOptions?.length) sessions.cachedConfigOptions = event.configOptions;
+        for (const opt of event.configOptions ?? []) {
+          store.updateSessionConfig(event.sessionId, opt.id, opt.currentValue);
+        }
+        break;
+      case "message_chunk":
+        sessions.flushThinkingBuffer(event.sessionId);
+        sessions.appendAssistant(event.sessionId, event.text);
+        break;
+      case "thought_chunk":
+        sessions.flushAssistantBuffer(event.sessionId);
+        sessions.appendThinking(event.sessionId, event.text);
+        break;
+      case "tool_call":
+        sessions.flushBuffers(event.sessionId);
+        store.saveEvent(event.sessionId, event.type, { id: event.id, title: event.title, kind: event.kind, rawInput: event.rawInput });
+        break;
+      case "tool_call_update":
+        store.saveEvent(event.sessionId, event.type, { id: event.id, status: event.status, content: event.content });
+        break;
+      case "plan":
+        sessions.flushBuffers(event.sessionId);
+        store.saveEvent(event.sessionId, event.type, { entries: event.entries });
+        break;
+      case "permission_request": {
+        sessions.flushBuffers(event.sessionId);
+        store.saveEvent(event.sessionId, event.type, {
+          requestId: event.requestId, title: event.title, options: event.options,
+        });
+        // Auto-approve permissions in autopilot mode (allow_once only to avoid persisting across mode switches)
+        const mode = store.getSession(event.sessionId)?.mode ?? "";
+        if (mode.includes("#autopilot")) {
+          const opt = event.options.find((o: any) => o.kind === "allow_once");
+          if (opt) {
+            b.resolvePermission(event.requestId, opt.optionId);
+            const optionName = opt.label ?? opt.optionId;
+            store.saveEvent(event.sessionId, "permission_response", {
+              requestId: event.requestId, optionName, denied: false,
+            });
+            // Skip broadcasting the permission_request — send resolved directly
+            broadcast(wss, {
+              type: "permission_resolved",
+              sessionId: event.sessionId,
+              requestId: event.requestId,
+              optionName,
+              denied: false,
+            } as any);
+            return;
+          }
+        }
+        break;
+      }
+      case "prompt_done":
+        sessions.activePrompts.delete(event.sessionId);
+        sessions.flushBuffers(event.sessionId);
+        store.saveEvent(event.sessionId, event.type, { stopReason: event.stopReason });
+        break;
+      case "error":
+        if (event.sessionId) {
+          sessions.activePrompts.delete(event.sessionId);
+        }
+        break;
+    }
+    broadcast(wss, event);
+  });
+
+  await b.start();
+  bridge = b;
+  return b;
+}
+
+// --- Graceful shutdown ---
+
+async function shutdown() {
+  console.log("\n[server] shutting down...");
+  sessions.killAllBashProcs();
+  wss.close();
+  await bridge?.shutdown();
+  store.close();
+  server.close();
+  process.exit(0);
+}
+
+process.on("SIGINT", shutdown);
+process.on("SIGTERM", shutdown);
+
+// --- Start ---
+
+server.listen(config.port, "0.0.0.0", async () => {
+  console.log(`[server] listening on http://localhost:${config.port}`);
+  console.log(`[bridge] starting: ${config.agent_cmd}...`);
+  try {
+    await initBridge();
+    console.log(`[bridge] ready`);
+    sessions.hydrate();
+  } catch (err) {
+    console.error(`[bridge] failed to start:`, err);
+  }
+});