@obtoai/agent-bridge 0.1.0-beta.7 → 0.1.0-beta.9

package/cli/init.js

@@ -159,7 +159,7 @@ const main = async () => {
     const username = cliUsername || deriveUsername(email);
     const password = cliPassword || generatePassword();
     console.log('');
-    console.log('  Username: @' + username + (cliUsername ? '' : '   (derived from email)'));
+    console.log('  Username: ' + username + (cliUsername ? '' : '   (derived from email)'));
     if (!cliPassword) {
       console.log('  Password: ' + password + '   (auto-generated)');
       console.log('');
@@ -191,7 +191,7 @@ const main = async () => {
     registeredPassword = password;
     console.log('  ✓ Free account created.');
     console.log('    Account: ' + accountId);
-    console.log('    User:    @' + registeredUser);
+    console.log('    Username: ' + registeredUser + '   (sign in with this exact string — no @)');
     console.log('    Plan:    ' + (r.data.plan || 'free'));
     console.log('');
   }
@@ -258,13 +258,13 @@ const main = async () => {
 
   if (result.ok && result.parsed && result.parsed.account) {
     const a = result.parsed.account;
-    console.log('  ✓ Authenticated as @' + a.basicAuthUser + ' (' + a.accountId + ', status: ' + a.status + ')');
+    console.log('  ✓ Authenticated as ' + a.basicAuthUser + ' (' + a.accountId + ', status: ' + a.status + ')');
     console.log('');
     // The OBTO platform's root URL bounces unauthenticated users to /login.bto;
     // /api/view is the canonical bridge entry point that serves either the
     // sign-in form (unauthenticated) or the threads UI (authenticated).
     const signInUrl = baseUrl.replace(/\/$/, '') + '/api/view';
-    console.log('Sign in at ' + signInUrl + ' as @' + a.basicAuthUser + (registeredPassword ? ' (password above)' : '') + '.');
+    console.log('Sign in at ' + signInUrl + ' as ' + a.basicAuthUser + (registeredPassword ? ' (password above)' : '') + '.');
     console.log('Run:    obto-bridge start');
     return;
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@obtoai/agent-bridge",
-  "version": "0.1.0-beta.7",
+  "version": "0.1.0-beta.9",
   "description": "Local consumer for the OBTO Agent Bridge. Receives bridge events over SSE and drives a coding agent (Claude Code or OpenAI Codex) on your machine.",
   "license": "Apache-2.0",
   "author": "OBTO Inc.",

package/src/bridge-http.js

@@ -85,6 +85,13 @@ const postAgentActivity = (threadId, state) =>
 const claimThread = (threadId, agentId) =>
   postJson('/api/bridge/thread/claim', { threadId, agentId });
 
+// Phase 6.1 — push external (non-bridge) sessions discovered by the local
+// filesystem scanner so the bridge UI can render them alongside bridge-owned
+// threads. Fire-and-forget; the bridge tolerates partial payloads and
+// re-observes on the next 30s tick.
+const postExternalSync = (agentId, sessions) =>
+  postJson('/api/bridge/external/sync', { agentId, sessions });
+
 module.exports = {
   getCfg,
   buildHeaders,
@@ -92,4 +99,5 @@ module.exports = {
   getMessages,
   postAgentActivity,
   claimThread,
+  postExternalSync,
 };

package/src/daemon.js

@@ -4,8 +4,9 @@ const { loadConfig } = require('./config');
 const { startStream } = require('./stream-client');
 const { loadState, saveState, getAgentSession, setAgentSession } = require('./state');
 const { drive, tryResolvePermission, agentFor } = require('./driver');
-const { postAgentActivity, claimThread } = require('./bridge-http');
+const { postAgentActivity, claimThread, postExternalSync } = require('./bridge-http');
 const { detect: detectCapabilities } = require('./capabilities');
+const { scanAll: scanExternalSessions } = require('./external-scanner');
 
 const log = (level, msg, data) => {
   const line = { ts: new Date().toISOString(), level, msg };
@@ -207,11 +208,65 @@ const start = () => {
   });
 };
 
+// Phase 6.1 — External Thread Discovery. Every 30s, scan ~/.claude/projects
+// and ~/.codex/sessions for sessions that didn't originate from the bridge
+// and POST them to /api/bridge/external/sync. Fire-and-forget; failures log
+// and the next tick retries. The bridge dedups by (accountId, sessionId).
+const EXTERNAL_SCAN_INTERVAL_MS = 30000;
+let externalScanTimer = null;
+const ownedSessionIdsFromState = () => {
+  const ids = new Set();
+  const bindings = (state && state.bindings) || {};
+  for (const tid of Object.keys(bindings)) {
+    const b = bindings[tid] || {};
+    const sessions = b.sessions && typeof b.sessions === 'object'
+      ? b.sessions
+      : (b.sessionId ? { _flat: b } : {});
+    for (const k of Object.keys(sessions)) {
+      const s = sessions[k] || {};
+      if (s.sessionId) ids.add(String(s.sessionId));
+    }
+  }
+  return ids;
+};
+const externalScanTick = async () => {
+  try {
+    const all = scanExternalSessions();
+    const owned = ownedSessionIdsFromState();
+    const external = all.filter((s) => s && s.sessionId && !owned.has(String(s.sessionId)));
+    if (external.length === 0) return;
+    const r = await postExternalSync(cfg.agentId, external);
+    if (!r || !r.ok) {
+      log('warn', 'external sync rejected', {
+        status: r && r.status,
+        body: r && r.data,
+        count: external.length,
+      });
+    } else {
+      log('debug', 'external sync ok', {
+        sent: external.length,
+        upserted: (r.data && r.data.count) || 0,
+      });
+    }
+  } catch (e) {
+    log('warn', 'external scan failed', { error: e && e.message ? e.message : String(e) });
+  }
+};
+const startExternalSync = () => {
+  // Wait 10s after daemon start before the first scan so the SSE connection
+  // is established first. Reduces "cold start everything at once" noise.
+  setTimeout(() => {
+    externalScanTick();
+    externalScanTimer = setInterval(externalScanTick, EXTERNAL_SCAN_INTERVAL_MS);
+  }, 10000);
+};
+
 const shutdown = (signal) => {
   if (stopped) return;
   stopped = true;
   log('info', 'shutting down', { signal });
   try { stream && stream.stop(); } catch (_) {}
+  if (externalScanTimer) { try { clearInterval(externalScanTimer); } catch (_) {} }
   setTimeout(() => process.exit(0), 200);
 };
 

package/src/external-scanner.js

@@ -0,0 +1,244 @@
+'use strict';
+
+// Phase 6.1 — External Thread Discovery (scanner half).
+//
+// Scans the local filesystem for AI coding sessions started OUTSIDE the bridge
+// and returns a flat list of session records the daemon can POST to
+// /api/bridge/external/sync. The bridge UI then renders them alongside
+// bridge-owned threads — single pane of glass over all the user's AI work.
+//
+// Sources scanned:
+//   - Claude Code (CLI + VSCode Claude extension): both write JSONL session
+//     files at ~/.claude/projects/<encoded-projectdir>/<sessionId>.jsonl
+//   - Codex CLI: ~/.codex/sessions/YYYY/MM/DD/rollout-<ts>-<sessionId>.jsonl
+//   - opencode is NOT scanned — its SDK is server-bound, no shared JSONL store
+//   - Web tools (claude.ai chat, ChatGPT) are out of reach by design
+//
+// Privacy: we extract metadata + the LAST message preview only (1–2 lines,
+// capped at 200 chars). Full transcripts NEVER leave the user's machine.
+// The daemon POSTs the extracted records; the bridge stores them in the
+// agent_bridge_external_sessions Mongo collection.
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const CLAUDE_DIR = path.join(os.homedir(), '.claude', 'projects');
+const CODEX_DIR = path.join(os.homedir(), '.codex', 'sessions');
+
+const PREVIEW_MAX_CHARS = 200;
+const TAIL_READ_BYTES = 8192; // read the last 8KB of each JSONL for the last message
+
+// Read the tail of a (potentially large) JSONL file without slurping the
+// whole thing into memory. Returns a string (UTF-8) or '' on any failure.
+const readTail = (filePath, maxBytes = TAIL_READ_BYTES) => {
+  let fd = null;
+  try {
+    const stat = fs.statSync(filePath);
+    const size = stat.size;
+    const start = Math.max(0, size - maxBytes);
+    const len = size - start;
+    if (len <= 0) return '';
+    fd = fs.openSync(filePath, 'r');
+    const buf = Buffer.alloc(len);
+    fs.readSync(fd, buf, 0, len, start);
+    return buf.toString('utf8');
+  } catch (_) {
+    return '';
+  } finally {
+    if (fd !== null) { try { fs.closeSync(fd); } catch (_) {} }
+  }
+};
+
+// Walk a JSONL tail backwards, parse each non-empty line as JSON, return the
+// first one we can extract a message from. Tolerant of multiple shapes —
+// Claude and Codex write slightly different envelopes and the formats have
+// drifted across SDK versions.
+const extractLastMessage = (jsonlTail) => {
+  if (!jsonlTail) return null;
+  const lines = jsonlTail.split(/\r?\n/).filter((l) => l.trim().length > 0);
+  for (let i = lines.length - 1; i >= 0; i--) {
+    let obj;
+    try {
+      obj = JSON.parse(lines[i]);
+    } catch (_) {
+      continue;
+    }
+
+    // ── Claude Code session JSONL shapes ─────────────────────────────────
+    // Common:
+    //   { type: 'user',      message: { role: 'user',      content: '...' } }
+    //   { type: 'assistant', message: { role: 'assistant', content: [{type:'text', text:'...'}, ...] } }
+    if (obj && obj.message && (obj.message.role || obj.type)) {
+      const role = obj.message.role || (obj.type === 'user' ? 'user' : 'assistant');
+      let raw = obj.message.content;
+      let text = '';
+      if (typeof raw === 'string') text = raw;
+      else if (Array.isArray(raw)) {
+        text = raw
+          .filter((p) => p && (p.type === 'text' || typeof p.text === 'string'))
+          .map((p) => String(p.text || ''))
+          .join(' ');
+      }
+      text = text.trim();
+      if (text) return { author: role === 'user' ? 'user' : 'assistant', preview: text.slice(0, PREVIEW_MAX_CHARS) };
+    }
+
+    // ── Codex SDK rollout shapes ────────────────────────────────────────
+    //   { record_type: 'message', role: 'assistant', content: [{type:'text', text:'...'}] }
+    //   { type: 'message', role: 'user', content: '...' }
+    //   { event: 'output_text', text: '...', role: 'assistant' }
+    if (obj && (obj.role || obj.event) && (obj.content || obj.text)) {
+      const role = obj.role || (obj.event === 'input_text' ? 'user' : 'assistant');
+      let raw = obj.content != null ? obj.content : obj.text;
+      let text = '';
+      if (typeof raw === 'string') text = raw;
+      else if (Array.isArray(raw)) {
+        text = raw
+          .filter((p) => p && (p.type === 'text' || typeof p.text === 'string'))
+          .map((p) => String(p.text || ''))
+          .join(' ');
+      }
+      text = text.trim();
+      if (text) return { author: role === 'user' ? 'user' : 'assistant', preview: text.slice(0, PREVIEW_MAX_CHARS) };
+    }
+  }
+  return null;
+};
+
+// Decode Claude's project-dir filename encoding back to a path-like string.
+// Claude turns `/Users/divyansh/foo` → `-Users-divyansh-foo`. We can't
+// perfectly reverse it (project names with literal `-` are ambiguous), but
+// for display purposes leading-dash → leading-slash + dashes → slashes is
+// usually close enough. The BridgeExternal stores both the raw encoded
+// projectDir AND a decoded label; the view route picks the friendlier one.
+const decodeClaudeProjectDir = (encoded) => {
+  if (!encoded) return '';
+  if (encoded.startsWith('-')) {
+    return '/' + encoded.slice(1).replace(/-/g, '/');
+  }
+  return encoded.replace(/-/g, '/');
+};
+
+// Scan ~/.claude/projects/<encoded-projectdir>/<sessionId>.jsonl
+const scanClaude = () => {
+  const out = [];
+  let topEntries;
+  try { topEntries = fs.readdirSync(CLAUDE_DIR); } catch (_) { return out; }
+
+  for (const entry of topEntries) {
+    const projectPath = path.join(CLAUDE_DIR, entry);
+    let projectStat;
+    try { projectStat = fs.statSync(projectPath); } catch (_) { continue; }
+    if (!projectStat.isDirectory()) continue;
+
+    let sessionFiles;
+    try { sessionFiles = fs.readdirSync(projectPath); } catch (_) { continue; }
+
+    for (const file of sessionFiles) {
+      if (!file.endsWith('.jsonl')) continue;
+      const sessionId = file.slice(0, -'.jsonl'.length);
+      const filePath = path.join(projectPath, file);
+      let stat;
+      try { stat = fs.statSync(filePath); } catch (_) { continue; }
+      const tail = readTail(filePath);
+      const lastMsg = extractLastMessage(tail);
+      out.push({
+        source: 'claude',
+        sessionId,
+        projectDir: entry,                         // raw encoded form
+        projectName: decodeClaudeProjectDir(entry), // best-effort decoded
+        lastActivityAt: stat.mtimeMs,
+        lastMessagePreview: lastMsg ? lastMsg.preview : '',
+        lastMessageAuthor: lastMsg ? lastMsg.author : null,
+      });
+    }
+  }
+  return out;
+};
+
+// Scan ~/.codex/sessions/YYYY/MM/DD/rollout-<ts>-<sessionId>.jsonl
+// The first JSONL line for a Codex rollout is a session-meta record that
+// contains the working directory; we read it once for projectDir.
+const scanCodex = () => {
+  const out = [];
+  let years;
+  try { years = fs.readdirSync(CODEX_DIR); } catch (_) { return out; }
+
+  for (const y of years) {
+    if (!/^\d{4}$/.test(y)) continue;
+    const yPath = path.join(CODEX_DIR, y);
+    let months;
+    try { months = fs.readdirSync(yPath); } catch (_) { continue; }
+    for (const m of months) {
+      if (!/^\d{2}$/.test(m)) continue;
+      const mPath = path.join(yPath, m);
+      let days;
+      try { days = fs.readdirSync(mPath); } catch (_) { continue; }
+      for (const d of days) {
+        if (!/^\d{2}$/.test(d)) continue;
+        const dPath = path.join(mPath, d);
+        let files;
+        try { files = fs.readdirSync(dPath); } catch (_) { continue; }
+        for (const f of files) {
+          if (!f.startsWith('rollout-') || !f.endsWith('.jsonl')) continue;
+          // session id is the last hex/uuid block before .jsonl
+          const sidMatch = f.match(/-([0-9a-f-]{8,})\.jsonl$/i);
+          if (!sidMatch) continue;
+          const sessionId = sidMatch[1];
+          const filePath = path.join(dPath, f);
+          let stat;
+          try { stat = fs.statSync(filePath); } catch (_) { continue; }
+
+          // Read the first KB to pull the session-meta's working directory.
+          let projectDir = '';
+          let fd = null;
+          try {
+            fd = fs.openSync(filePath, 'r');
+            const headBuf = Buffer.alloc(Math.min(2048, stat.size));
+            fs.readSync(fd, headBuf, 0, headBuf.length, 0);
+            const firstLine = headBuf.toString('utf8').split(/\r?\n/)[0] || '';
+            try {
+              const meta = JSON.parse(firstLine);
+              projectDir = String(
+                meta?.cwd ||
+                meta?.workingDirectory ||
+                meta?.working_directory ||
+                meta?.session_meta?.cwd ||
+                meta?.payload?.cwd ||
+                ''
+              );
+            } catch (_) { /* not a meta line — leave projectDir blank */ }
+          } catch (_) {} finally {
+            if (fd !== null) { try { fs.closeSync(fd); } catch (_) {} }
+          }
+
+          const tail = readTail(filePath);
+          const lastMsg = extractLastMessage(tail);
+          out.push({
+            source: 'codex',
+            sessionId,
+            projectDir: projectDir || `${y}/${m}/${d}`,
+            projectName: projectDir || null,
+            lastActivityAt: stat.mtimeMs,
+            lastMessagePreview: lastMsg ? lastMsg.preview : '',
+            lastMessageAuthor: lastMsg ? lastMsg.author : null,
+          });
+        }
+      }
+    }
+  }
+  return out;
+};
+
+// Public entry: returns a flat list of every external session found.
+// Synchronous on purpose — the daemon calls this on a 30s timer and the
+// total IO is dominated by readdir + a single readSync per file. Async
+// would only complicate retry/cancel semantics with no real benefit.
+const scanAll = () => {
+  const claude = scanClaude();
+  const codex = scanCodex();
+  return claude.concat(codex);
+};
+
+module.exports = { scanAll, scanClaude, scanCodex, extractLastMessage, decodeClaudeProjectDir };