@openparachute/agent 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/scheduled_tasks.lock +1 -0
- package/.claude/settings.json +5 -0
- package/.claude/skills/add-atomic-chat-tool/SKILL.md +243 -0
- package/.claude/skills/add-atomic-chat-tool/atomic-chat-mcp-stdio.ts +229 -0
- package/.claude/skills/add-codex/SKILL.md +161 -0
- package/.claude/skills/add-dashboard/SKILL.md +138 -0
- package/.claude/skills/add-dashboard/resources/dashboard-pusher.ts +495 -0
- package/.claude/skills/add-emacs/SKILL.md +296 -0
- package/.claude/skills/add-gcal-tool/SKILL.md +210 -0
- package/.claude/skills/add-gchat/REMOVE.md +6 -0
- package/.claude/skills/add-gchat/SKILL.md +92 -0
- package/.claude/skills/add-gchat/VERIFY.md +3 -0
- package/.claude/skills/add-github/REMOVE.md +6 -0
- package/.claude/skills/add-github/SKILL.md +148 -0
- package/.claude/skills/add-github/VERIFY.md +3 -0
- package/.claude/skills/add-gmail-tool/SKILL.md +229 -0
- package/.claude/skills/add-imessage/REMOVE.md +6 -0
- package/.claude/skills/add-imessage/SKILL.md +113 -0
- package/.claude/skills/add-imessage/VERIFY.md +3 -0
- package/.claude/skills/add-karpathy-llm-wiki/SKILL.md +110 -0
- package/.claude/skills/add-karpathy-llm-wiki/llm-wiki.md +75 -0
- package/.claude/skills/add-linear/REMOVE.md +6 -0
- package/.claude/skills/add-linear/SKILL.md +168 -0
- package/.claude/skills/add-linear/VERIFY.md +3 -0
- package/.claude/skills/add-macos-statusbar/SKILL.md +133 -0
- package/.claude/skills/add-macos-statusbar/add/src/statusbar.swift +147 -0
- package/.claude/skills/add-matrix/REMOVE.md +6 -0
- package/.claude/skills/add-matrix/SKILL.md +148 -0
- package/.claude/skills/add-matrix/VERIFY.md +3 -0
- package/.claude/skills/add-ollama-provider/SKILL.md +179 -0
- package/.claude/skills/add-ollama-tool/SKILL.md +193 -0
- package/.claude/skills/add-opencode/SKILL.md +229 -0
- package/.claude/skills/add-parallel/SKILL.md +290 -0
- package/.claude/skills/add-resend/REMOVE.md +6 -0
- package/.claude/skills/add-resend/SKILL.md +93 -0
- package/.claude/skills/add-resend/VERIFY.md +3 -0
- package/.claude/skills/add-signal/REMOVE.md +13 -0
- package/.claude/skills/add-signal/SKILL.md +318 -0
- package/.claude/skills/add-signal/VERIFY.md +5 -0
- package/.claude/skills/add-slack/REMOVE.md +6 -0
- package/.claude/skills/add-slack/SKILL.md +112 -0
- package/.claude/skills/add-slack/VERIFY.md +3 -0
- package/.claude/skills/add-teams/REMOVE.md +6 -0
- package/.claude/skills/add-teams/SKILL.md +207 -0
- package/.claude/skills/add-teams/VERIFY.md +3 -0
- package/.claude/skills/add-vercel/SKILL.md +147 -0
- package/.claude/skills/add-vercel/container-skills/vercel-cli/SKILL.md +103 -0
- package/.claude/skills/add-webex/REMOVE.md +6 -0
- package/.claude/skills/add-webex/SKILL.md +88 -0
- package/.claude/skills/add-webex/VERIFY.md +3 -0
- package/.claude/skills/add-wechat/REMOVE.md +49 -0
- package/.claude/skills/add-wechat/SKILL.md +170 -0
- package/.claude/skills/add-wechat/scripts/wire-dm.ts +172 -0
- package/.claude/skills/add-whatsapp/SKILL.md +264 -0
- package/.claude/skills/add-whatsapp-cloud/REMOVE.md +6 -0
- package/.claude/skills/add-whatsapp-cloud/SKILL.md +95 -0
- package/.claude/skills/add-whatsapp-cloud/VERIFY.md +3 -0
- package/.claude/skills/claw/SKILL.md +131 -0
- package/.claude/skills/claw/scripts/claw +374 -0
- package/.claude/skills/convert-to-apple-container/SKILL.md +212 -0
- package/.claude/skills/customize/SKILL.md +110 -0
- package/.claude/skills/debug/SKILL.md +349 -0
- package/.claude/skills/get-qodo-rules/SKILL.md +122 -0
- package/.claude/skills/get-qodo-rules/references/output-format.md +41 -0
- package/.claude/skills/get-qodo-rules/references/pagination.md +33 -0
- package/.claude/skills/get-qodo-rules/references/repository-scope.md +26 -0
- package/.claude/skills/init-first-agent/SKILL.md +120 -0
- package/.claude/skills/init-onecli/SKILL.md +270 -0
- package/.claude/skills/manage-channels/SKILL.md +87 -0
- package/.claude/skills/manage-mounts/SKILL.md +47 -0
- package/.claude/skills/migrate-from-openclaw/MIGRATE_CRONS.md +100 -0
- package/.claude/skills/migrate-from-openclaw/SKILL.md +447 -0
- package/.claude/skills/migrate-from-openclaw/scripts/discover-openclaw.ts +734 -0
- package/.claude/skills/migrate-from-openclaw/scripts/extract-channel-credentials.ts +476 -0
- package/.claude/skills/migrate-nanoclaw/SKILL.md +484 -0
- package/.claude/skills/migrate-nanoclaw/diagnostics.md +51 -0
- package/.claude/skills/qodo-pr-resolver/SKILL.md +326 -0
- package/.claude/skills/qodo-pr-resolver/resources/providers.md +329 -0
- package/.claude/skills/update-nanoclaw/SKILL.md +243 -0
- package/.claude/skills/update-nanoclaw/diagnostics.md +48 -0
- package/.claude/skills/update-skills/SKILL.md +130 -0
- package/.claude/skills/use-native-credential-proxy/SKILL.md +167 -0
- package/.claude/skills/x-integration/SKILL.md +417 -0
- package/.claude/skills/x-integration/agent.ts +243 -0
- package/.claude/skills/x-integration/host.ts +155 -0
- package/.claude/skills/x-integration/lib/browser.ts +148 -0
- package/.claude/skills/x-integration/lib/config.ts +62 -0
- package/.claude/skills/x-integration/scripts/like.ts +56 -0
- package/.claude/skills/x-integration/scripts/post.ts +66 -0
- package/.claude/skills/x-integration/scripts/quote.ts +80 -0
- package/.claude/skills/x-integration/scripts/reply.ts +74 -0
- package/.claude/skills/x-integration/scripts/retweet.ts +62 -0
- package/.claude/skills/x-integration/scripts/setup.ts +87 -0
- package/.github/CODEOWNERS +10 -0
- package/.github/PULL_REQUEST_TEMPLATE.md +18 -0
- package/.github/workflows/bump-version.yml +35 -0
- package/.github/workflows/ci.yml +39 -0
- package/.github/workflows/label-pr.yml +40 -0
- package/.github/workflows/update-tokens.yml +43 -0
- package/.husky/pre-commit +1 -0
- package/.mcp.json +3 -0
- package/.nvmrc +1 -0
- package/.parachute/module.json +14 -0
- package/.prettierrc +4 -0
- package/CHANGELOG.md +215 -0
- package/CLAUDE.md +307 -0
- package/CODE_OF_CONDUCT.md +128 -0
- package/CONTRIBUTING.md +159 -0
- package/CONTRIBUTORS.md +26 -0
- package/LICENSE +21 -0
- package/README.md +190 -0
- package/README_ja.md +194 -0
- package/README_zh.md +194 -0
- package/assets/nanoclaw-favicon.png +0 -0
- package/assets/nanoclaw-icon.png +0 -0
- package/assets/nanoclaw-logo-dark.png +0 -0
- package/assets/nanoclaw-logo.png +0 -0
- package/assets/nanoclaw-profile.jpeg +0 -0
- package/assets/nanoclaw-sales.png +0 -0
- package/assets/social-preview.jpg +0 -0
- package/config-examples/mount-allowlist.json +25 -0
- package/container/.dockerignore +2 -0
- package/container/CLAUDE.md +21 -0
- package/container/Dockerfile +121 -0
- package/container/agent-runner/bun.lock +243 -0
- package/container/agent-runner/package.json +22 -0
- package/container/agent-runner/scripts/sdk-signal-probe.ts +169 -0
- package/container/agent-runner/src/config.ts +55 -0
- package/container/agent-runner/src/db/connection.ts +267 -0
- package/container/agent-runner/src/db/index.ts +20 -0
- package/container/agent-runner/src/db/messages-in.ts +138 -0
- package/container/agent-runner/src/db/messages-out.ts +143 -0
- package/container/agent-runner/src/db/session-routing.ts +30 -0
- package/container/agent-runner/src/db/session-state.test.ts +100 -0
- package/container/agent-runner/src/db/session-state.ts +79 -0
- package/container/agent-runner/src/destinations.ts +135 -0
- package/container/agent-runner/src/formatter.test.ts +167 -0
- package/container/agent-runner/src/formatter.ts +260 -0
- package/container/agent-runner/src/index.ts +110 -0
- package/container/agent-runner/src/integration.test.ts +121 -0
- package/container/agent-runner/src/mcp-tools/agents.instructions.md +26 -0
- package/container/agent-runner/src/mcp-tools/agents.ts +66 -0
- package/container/agent-runner/src/mcp-tools/core.instructions.md +27 -0
- package/container/agent-runner/src/mcp-tools/core.ts +262 -0
- package/container/agent-runner/src/mcp-tools/index.ts +22 -0
- package/container/agent-runner/src/mcp-tools/interactive.instructions.md +22 -0
- package/container/agent-runner/src/mcp-tools/interactive.ts +169 -0
- package/container/agent-runner/src/mcp-tools/scheduling.instructions.md +40 -0
- package/container/agent-runner/src/mcp-tools/scheduling.ts +299 -0
- package/container/agent-runner/src/mcp-tools/self-mod.instructions.md +25 -0
- package/container/agent-runner/src/mcp-tools/self-mod.ts +120 -0
- package/container/agent-runner/src/mcp-tools/server.ts +54 -0
- package/container/agent-runner/src/mcp-tools/types.ts +6 -0
- package/container/agent-runner/src/poll-loop.test.ts +248 -0
- package/container/agent-runner/src/poll-loop.ts +437 -0
- package/container/agent-runner/src/providers/claude.ts +379 -0
- package/container/agent-runner/src/providers/factory.test.ts +19 -0
- package/container/agent-runner/src/providers/factory.ts +13 -0
- package/container/agent-runner/src/providers/index.ts +6 -0
- package/container/agent-runner/src/providers/mock.ts +77 -0
- package/container/agent-runner/src/providers/provider-registry.ts +33 -0
- package/container/agent-runner/src/providers/types.ts +82 -0
- package/container/agent-runner/src/scheduling/task-script.ts +121 -0
- package/container/agent-runner/src/timezone.test.ts +93 -0
- package/container/agent-runner/src/timezone.ts +107 -0
- package/container/agent-runner/tsconfig.json +14 -0
- package/container/build.sh +48 -0
- package/container/entrypoint.sh +16 -0
- package/container/skills/agent-browser/SKILL.md +159 -0
- package/container/skills/frontend-engineer/SKILL.md +157 -0
- package/container/skills/self-customize/SKILL.md +87 -0
- package/container/skills/slack-formatting/SKILL.md +94 -0
- package/container/skills/vercel-cli/SKILL.md +111 -0
- package/container/skills/welcome/SKILL.md +85 -0
- package/docs/APPLE-CONTAINER-NETWORKING.md +90 -0
- package/docs/BRANCH-FORK-MAINTENANCE.md +81 -0
- package/docs/README.md +25 -0
- package/docs/SDK_DEEP_DIVE.md +643 -0
- package/docs/SECURITY.md +162 -0
- package/docs/agent-runner-details.md +749 -0
- package/docs/api-details.md +365 -0
- package/docs/architecture-diagram.html +422 -0
- package/docs/architecture-diagram.md +215 -0
- package/docs/architecture.md +751 -0
- package/docs/audit/2026-04-30-channel-endpoint-audit.md +36 -0
- package/docs/build-and-runtime.md +80 -0
- package/docs/cross-mount-stress/README.md +112 -0
- package/docs/cross-mount-stress/container-writer-retry.mjs +55 -0
- package/docs/cross-mount-stress/container-writer-slow.mjs +42 -0
- package/docs/cross-mount-stress/container-writer.mjs +47 -0
- package/docs/cross-mount-stress/host-writer-retry.mjs +55 -0
- package/docs/cross-mount-stress/host-writer-slow.mjs +43 -0
- package/docs/cross-mount-stress/host-writer.mjs +47 -0
- package/docs/db-central.md +316 -0
- package/docs/db-session.md +183 -0
- package/docs/db.md +119 -0
- package/docs/design/2026-04-29-vault-management-ui.md +231 -0
- package/docs/design/2026-04-30-channel-wiring-rework.md +234 -0
- package/docs/design/2026-05-01-channel-wiring-approvals-deep-dive.md +272 -0
- package/docs/design/2026-05-02-channel-policy-and-approval-routing.md +250 -0
- package/docs/docker-sandboxes.md +359 -0
- package/docs/isolation-model.md +88 -0
- package/docs/ollama.md +79 -0
- package/docs/parachute-integration.md +109 -0
- package/docs/post-night-rebirth-reflections.md +151 -0
- package/eslint.config.js +32 -0
- package/package.json +54 -0
- package/pnpm-workspace.yaml +8 -0
- package/repo-tokens/README.md +113 -0
- package/repo-tokens/action.yml +186 -0
- package/repo-tokens/badge.svg +23 -0
- package/repo-tokens/examples/green.svg +14 -0
- package/repo-tokens/examples/red.svg +14 -0
- package/repo-tokens/examples/yellow-green.svg +14 -0
- package/repo-tokens/examples/yellow.svg +14 -0
- package/scripts/chat.ts +101 -0
- package/scripts/cleanup-sessions.sh +150 -0
- package/scripts/init-cli-agent.ts +171 -0
- package/scripts/init-first-agent.ts +377 -0
- package/scripts/parachute.ts +158 -0
- package/scripts/run-migrations.ts +105 -0
- package/scripts/sanity-live-poll.ts +95 -0
- package/scripts/seed-discord.ts +79 -0
- package/scripts/test-v2-agent.ts +106 -0
- package/scripts/test-v2-channel-e2e.ts +265 -0
- package/scripts/test-v2-host.ts +184 -0
- package/src/channels/adapter.ts +214 -0
- package/src/channels/ask-question.ts +46 -0
- package/src/channels/channel-registry.test.ts +421 -0
- package/src/channels/channel-registry.ts +313 -0
- package/src/channels/chat-sdk-bridge.test.ts +84 -0
- package/src/channels/chat-sdk-bridge.ts +652 -0
- package/src/channels/cli.ts +276 -0
- package/src/channels/discord.ts +90 -0
- package/src/channels/index.ts +17 -0
- package/src/channels/telegram-markdown-sanitize.test.ts +78 -0
- package/src/channels/telegram-markdown-sanitize.ts +55 -0
- package/src/channels/telegram-pairing.test.ts +254 -0
- package/src/channels/telegram-pairing.ts +339 -0
- package/src/channels/telegram.ts +279 -0
- package/src/channels/trust-hint.test.ts +48 -0
- package/src/channels/trust-hint.ts +75 -0
- package/src/claude-md-compose.migrate.test.ts +64 -0
- package/src/claude-md-compose.ts +205 -0
- package/src/command-gate.ts +63 -0
- package/src/config.test.ts +93 -0
- package/src/config.ts +108 -0
- package/src/container-config.ts +167 -0
- package/src/container-runner.test.ts +32 -0
- package/src/container-runner.ts +576 -0
- package/src/container-runtime.test.ts +169 -0
- package/src/container-runtime.ts +92 -0
- package/src/db/_bun-sqlite-shim.ts +88 -0
- package/src/db/agent-activity.test.ts +155 -0
- package/src/db/agent-activity.ts +121 -0
- package/src/db/agent-groups.ts +77 -0
- package/src/db/connection.migrate.test.ts +143 -0
- package/src/db/connection.ts +224 -0
- package/src/db/db-v2.test.ts +440 -0
- package/src/db/dropped-messages.ts +44 -0
- package/src/db/index.ts +40 -0
- package/src/db/messaging-groups.ts +252 -0
- package/src/db/migrations/001-initial.ts +112 -0
- package/src/db/migrations/002-chat-sdk-state.ts +36 -0
- package/src/db/migrations/008-dropped-messages.ts +27 -0
- package/src/db/migrations/009-drop-pending-credentials.ts +13 -0
- package/src/db/migrations/010-engage-modes.ts +103 -0
- package/src/db/migrations/011-pending-sender-approvals.ts +40 -0
- package/src/db/migrations/012-channel-registration.ts +48 -0
- package/src/db/migrations/013-approval-render-metadata.ts +27 -0
- package/src/db/migrations/014-secrets.ts +44 -0
- package/src/db/migrations/015-secrets-drop-host-pattern.ts +18 -0
- package/src/db/migrations/016-secret-assignments.ts +30 -0
- package/src/db/migrations/017-agent-activity.ts +40 -0
- package/src/db/migrations/018-oauth-app-configs.ts +34 -0
- package/src/db/migrations/019-oauth-app-connections.ts +48 -0
- package/src/db/migrations/020-agent-app-connections.ts +28 -0
- package/src/db/migrations/021-pending-oauth-states.ts +35 -0
- package/src/db/migrations/022-app-connections-provider.ts +25 -0
- package/src/db/migrations/023-agent-group-secret-mode.test.ts +124 -0
- package/src/db/migrations/023-agent-group-secret-mode.ts +65 -0
- package/src/db/migrations/024-collapse-approvals.test.ts +249 -0
- package/src/db/migrations/024-collapse-approvals.ts +182 -0
- package/src/db/migrations/025-secret-mode-check.test.ts +155 -0
- package/src/db/migrations/025-secret-mode-check.ts +49 -0
- package/src/db/migrations/026-user-dms-bot-id.test.ts +116 -0
- package/src/db/migrations/026-user-dms-bot-id.ts +54 -0
- package/src/db/migrations/027-provider-credentials.ts +41 -0
- package/src/db/migrations/_test-helpers.ts +41 -0
- package/src/db/migrations/index.ts +127 -0
- package/src/db/migrations/module-agent-to-agent-destinations.ts +84 -0
- package/src/db/migrations/module-approvals-pending-approvals.ts +42 -0
- package/src/db/migrations/module-approvals-title-options.ts +40 -0
- package/src/db/schema.ts +258 -0
- package/src/db/session-db.test.ts +93 -0
- package/src/db/session-db.ts +325 -0
- package/src/db/sessions.ts +241 -0
- package/src/delivery.test.ts +148 -0
- package/src/delivery.ts +445 -0
- package/src/env.ts +74 -0
- package/src/group-folder.test.ts +35 -0
- package/src/group-folder.ts +44 -0
- package/src/group-init.ts +92 -0
- package/src/host-core.test.ts +456 -0
- package/src/host-sweep.test.ts +146 -0
- package/src/host-sweep.ts +287 -0
- package/src/index.ts +227 -0
- package/src/install-slug.ts +33 -0
- package/src/log.test.ts +81 -0
- package/src/log.ts +117 -0
- package/src/mcp/http.ts +72 -0
- package/src/mcp/server.ts +92 -0
- package/src/mcp/stdio.ts +51 -0
- package/src/mcp/tools/activity.ts +88 -0
- package/src/mcp/tools/agent-groups.ts +183 -0
- package/src/mcp/tools/approvals.ts +122 -0
- package/src/mcp/tools/channels.ts +199 -0
- package/src/mcp/tools/index.ts +27 -0
- package/src/mcp/tools/oauth.ts +48 -0
- package/src/mcp/tools/secrets.ts +169 -0
- package/src/mcp/tools/sessions.ts +135 -0
- package/src/mcp/types.ts +51 -0
- package/src/modules/agent-to-agent/agent-route.test.ts +46 -0
- package/src/modules/agent-to-agent/agent-route.ts +223 -0
- package/src/modules/agent-to-agent/create-agent.ts +127 -0
- package/src/modules/agent-to-agent/db/agent-destinations.ts +135 -0
- package/src/modules/agent-to-agent/index.ts +22 -0
- package/src/modules/agent-to-agent/write-destinations.ts +59 -0
- package/src/modules/approvals/agent.md +45 -0
- package/src/modules/approvals/index.ts +21 -0
- package/src/modules/approvals/picks.test.ts +291 -0
- package/src/modules/approvals/primitive.ts +279 -0
- package/src/modules/approvals/project.md +27 -0
- package/src/modules/approvals/response-handler.ts +87 -0
- package/src/modules/index.ts +24 -0
- package/src/modules/interactive/agent.md +21 -0
- package/src/modules/interactive/index.ts +69 -0
- package/src/modules/interactive/project.md +12 -0
- package/src/modules/mount-security/index.ts +448 -0
- package/src/modules/mount-security/migrate.test.ts +91 -0
- package/src/modules/permissions/access.ts +28 -0
- package/src/modules/permissions/channel-approval.test.ts +389 -0
- package/src/modules/permissions/channel-approval.ts +188 -0
- package/src/modules/permissions/db/agent-group-members.ts +44 -0
- package/src/modules/permissions/db/pending-channel-approvals.test.ts +86 -0
- package/src/modules/permissions/db/pending-channel-approvals.ts +66 -0
- package/src/modules/permissions/db/pending-sender-approvals.ts +60 -0
- package/src/modules/permissions/db/user-dms.ts +58 -0
- package/src/modules/permissions/db/user-roles.ts +85 -0
- package/src/modules/permissions/db/users.ts +38 -0
- package/src/modules/permissions/index.ts +421 -0
- package/src/modules/permissions/permissions.test.ts +358 -0
- package/src/modules/permissions/sender-approval.test.ts +470 -0
- package/src/modules/permissions/sender-approval.ts +165 -0
- package/src/modules/permissions/user-dm.ts +200 -0
- package/src/modules/provider-credentials/db.ts +121 -0
- package/src/modules/provider-credentials/index.ts +12 -0
- package/src/modules/provider-credentials/spawn.test.ts +206 -0
- package/src/modules/provider-credentials/spawn.ts +114 -0
- package/src/modules/scheduling/actions.ts +113 -0
- package/src/modules/scheduling/db.test.ts +282 -0
- package/src/modules/scheduling/db.ts +148 -0
- package/src/modules/scheduling/index.ts +34 -0
- package/src/modules/scheduling/recurrence.test.ts +98 -0
- package/src/modules/scheduling/recurrence.ts +54 -0
- package/src/modules/self-mod/agent.md +30 -0
- package/src/modules/self-mod/apply.ts +85 -0
- package/src/modules/self-mod/index.ts +30 -0
- package/src/modules/self-mod/project.md +39 -0
- package/src/modules/self-mod/request.ts +91 -0
- package/src/modules/typing/index.ts +165 -0
- package/src/oauth/agent-app-connections.ts +103 -0
- package/src/oauth/app-configs.test.ts +64 -0
- package/src/oauth/app-configs.ts +114 -0
- package/src/oauth/app-connections.test.ts +109 -0
- package/src/oauth/app-connections.ts +178 -0
- package/src/oauth/crypto.ts +56 -0
- package/src/oauth/flow.ts +104 -0
- package/src/oauth/providers/google.test.ts +38 -0
- package/src/oauth/providers/google.ts +46 -0
- package/src/oauth/providers/index.ts +48 -0
- package/src/oauth/state-store.test.ts +54 -0
- package/src/oauth/state-store.ts +93 -0
- package/src/parachute/README.md +27 -0
- package/src/parachute/create-agent.test.ts +83 -0
- package/src/parachute/create-agent.ts +122 -0
- package/src/parachute/group-status.test.ts +165 -0
- package/src/parachute/group-status.ts +136 -0
- package/src/parachute/types.ts +41 -0
- package/src/parachute/vault-mcp.test.ts +251 -0
- package/src/parachute/vault-mcp.ts +232 -0
- package/src/platform-id.test.ts +104 -0
- package/src/platform-id.ts +109 -0
- package/src/providers/index.ts +6 -0
- package/src/providers/provider-container-registry.ts +58 -0
- package/src/response-registry.ts +45 -0
- package/src/router.ts +530 -0
- package/src/secrets/crypto.test.ts +45 -0
- package/src/secrets/crypto.ts +55 -0
- package/src/secrets/index.ts +355 -0
- package/src/secrets/master-key.ts +70 -0
- package/src/secrets/secrets.test.ts +354 -0
- package/src/session-manager.migrate.test.ts +59 -0
- package/src/session-manager.ts +433 -0
- package/src/startup-bootstrap.test.ts +226 -0
- package/src/startup-bootstrap.ts +207 -0
- package/src/state-sqlite.ts +182 -0
- package/src/timezone.test.ts +64 -0
- package/src/timezone.ts +37 -0
- package/src/types.ts +230 -0
- package/src/web/auth.test.ts +335 -0
- package/src/web/auth.ts +214 -0
- package/src/web/discord-validate.test.ts +77 -0
- package/src/web/discord-validate.ts +88 -0
- package/src/web/hub-discovery.test.ts +98 -0
- package/src/web/hub-discovery.ts +69 -0
- package/src/web/routes/activity.ts +106 -0
- package/src/web/routes/agent-provider.test.ts +282 -0
- package/src/web/routes/agent-provider.ts +309 -0
- package/src/web/routes/approvals.ts +185 -0
- package/src/web/routes/apps.ts +434 -0
- package/src/web/routes/channels-mg-detail.test.ts +324 -0
- package/src/web/routes/channels-mga-detail.test.ts +425 -0
- package/src/web/routes/channels.ts +489 -0
- package/src/web/routes/oauth-providers.ts +42 -0
- package/src/web/routes/secrets.test.ts +175 -0
- package/src/web/routes/secrets.ts +282 -0
- package/src/web/routes/sessions.ts +123 -0
- package/src/web/routes/settings.test.ts +106 -0
- package/src/web/routes/settings.ts +247 -0
- package/src/web/routes/setup-status.ts +205 -0
- package/src/web/routes/vaults.test.ts +389 -0
- package/src/web/routes/vaults.ts +225 -0
- package/src/web/server-version.test.ts +16 -0
- package/src/web/server.ts +1003 -0
- package/src/web/services-manifest.test.ts +120 -0
- package/src/web/services-manifest.ts +61 -0
- package/src/web/static-serve.test.ts +255 -0
- package/src/web/static-serve.ts +104 -0
- package/src/web/telegram-validate.test.ts +116 -0
- package/src/web/telegram-validate.ts +107 -0
- package/src/web/vault-proxy.test.ts +214 -0
- package/src/web/vault-proxy.ts +120 -0
- package/src/web/wire-channel.ts +181 -0
- package/src/webhook-server.ts +134 -0
- package/tsconfig.json +21 -0
- package/vitest.config.ts +18 -0
- package/web/README.md +63 -0
- package/web/ui/index.html +13 -0
- package/web/ui/package.json +35 -0
- package/web/ui/pnpm-lock.yaml +2164 -0
- package/web/ui/scripts/verify-base.mjs +31 -0
- package/web/ui/src/App.tsx +88 -0
- package/web/ui/src/components/ActivityFeed.tsx +444 -0
- package/web/ui/src/components/AgentGroupPicker.tsx +263 -0
- package/web/ui/src/components/AgentProviderCards.tsx +220 -0
- package/web/ui/src/components/CredentialForm.tsx +214 -0
- package/web/ui/src/components/ScopeGrants.tsx +74 -0
- package/web/ui/src/components/StatusDot.tsx +43 -0
- package/web/ui/src/components/VaultPicker.tsx +127 -0
- package/web/ui/src/components/setup/AdapterInstallStep.tsx +178 -0
- package/web/ui/src/components/setup/AgentGroupStep.tsx +43 -0
- package/web/ui/src/components/setup/ChannelPickStep.tsx +74 -0
- package/web/ui/src/components/setup/DoneStep.tsx +49 -0
- package/web/ui/src/components/setup/PrereqStep.tsx +129 -0
- package/web/ui/src/components/setup/TestConnectionStep.tsx +108 -0
- package/web/ui/src/components/setup/TestMessageStep.tsx +104 -0
- package/web/ui/src/components/setup/WireChannelStep.tsx +166 -0
- package/web/ui/src/components/setup/types.ts +105 -0
- package/web/ui/src/lib/api.test.ts +410 -0
- package/web/ui/src/lib/api.ts +1210 -0
- package/web/ui/src/lib/auth.test.ts +139 -0
- package/web/ui/src/lib/auth.ts +348 -0
- package/web/ui/src/lib/channel-adapters.ts +136 -0
- package/web/ui/src/main.tsx +19 -0
- package/web/ui/src/routes/ApprovalsList.tsx +294 -0
- package/web/ui/src/routes/Apps.tsx +613 -0
- package/web/ui/src/routes/ChannelWireDetail.test.tsx +233 -0
- package/web/ui/src/routes/ChannelWireDetail.tsx +403 -0
- package/web/ui/src/routes/ChannelsList.tsx +158 -0
- package/web/ui/src/routes/GroupDetail.tsx +755 -0
- package/web/ui/src/routes/GroupList.tsx +187 -0
- package/web/ui/src/routes/MessagingGroupDetail.test.tsx +233 -0
- package/web/ui/src/routes/MessagingGroupDetail.tsx +306 -0
- package/web/ui/src/routes/NewGroupWizard.tsx +390 -0
- package/web/ui/src/routes/OAuthCallback.tsx +56 -0
- package/web/ui/src/routes/SecretsList.tsx +921 -0
- package/web/ui/src/routes/SessionsList.tsx +220 -0
- package/web/ui/src/routes/SettingsAgentProvider.tsx +109 -0
- package/web/ui/src/routes/SettingsApprovals.tsx +234 -0
- package/web/ui/src/routes/SetupWizard.tsx +219 -0
- package/web/ui/src/routes/VaultDetail.test.tsx +361 -0
- package/web/ui/src/routes/VaultDetail.tsx +960 -0
- package/web/ui/src/routes/VaultsList.tsx +295 -0
- package/web/ui/src/routes/WireChannelPage.tsx +413 -0
- package/web/ui/src/styles.css +608 -0
- package/web/ui/src/test/setup.ts +23 -0
- package/web/ui/src/vite-env.d.ts +10 -0
- package/web/ui/tsconfig.json +20 -0
- package/web/ui/vite.config.ts +34 -0
- package/web/ui/vitest.config.ts +25 -0
|
@@ -0,0 +1,755 @@
|
|
|
1
|
+
import { useCallback, useEffect, useState } from 'react';
|
|
2
|
+
import { Link, useParams, useSearchParams } from 'react-router-dom';
|
|
3
|
+
import { ActivityFeed } from '../components/ActivityFeed.tsx';
|
|
4
|
+
import { AgentProviderCards } from '../components/AgentProviderCards.tsx';
|
|
5
|
+
import { ScopeGrants, SCOPE_OPTIONS } from '../components/ScopeGrants.tsx';
|
|
6
|
+
import { StatusDot, formatRelative } from '../components/StatusDot.tsx';
|
|
7
|
+
import { VaultPicker } from '../components/VaultPicker.tsx';
|
|
8
|
+
import {
|
|
9
|
+
attachVault,
|
|
10
|
+
clearGroupAgentProvider,
|
|
11
|
+
closeSession,
|
|
12
|
+
detachVault,
|
|
13
|
+
getGroup,
|
|
14
|
+
getGroupAgentProvider,
|
|
15
|
+
setGroupAgentProvider,
|
|
16
|
+
spawnSession,
|
|
17
|
+
type AgentGroupView,
|
|
18
|
+
type AgentProviderSource,
|
|
19
|
+
type GroupAgentProviderView,
|
|
20
|
+
type GroupStatus,
|
|
21
|
+
type VaultScope,
|
|
22
|
+
} from '../lib/api.ts';
|
|
23
|
+
|
|
24
|
+
const POLL_MS = 7_000;
|
|
25
|
+
|
|
26
|
+
type DetailTab = 'overview' | 'activity';
|
|
27
|
+
|
|
28
|
+
function parseTab(raw: string | null): DetailTab {
|
|
29
|
+
return raw === 'activity' ? 'activity' : 'overview';
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
export function GroupDetail() {
|
|
33
|
+
const { folder } = useParams<{ folder: string }>();
|
|
34
|
+
const [searchParams, setSearchParams] = useSearchParams();
|
|
35
|
+
const tab = parseTab(searchParams.get('tab'));
|
|
36
|
+
const [group, setGroup] = useState<AgentGroupView | null>(null);
|
|
37
|
+
const [error, setError] = useState<string | null>(null);
|
|
38
|
+
const [loading, setLoading] = useState(true);
|
|
39
|
+
|
|
40
|
+
// Attach form state. vaultBaseUrl starts empty — VaultPicker fills it in
|
|
41
|
+
// with the first registered vault's URL once /api/vaults resolves, or
|
|
42
|
+
// surfaces a free-text input when discovery is empty / errors.
|
|
43
|
+
const [scope, setScope] = useState<VaultScope>('vault:read');
|
|
44
|
+
const [vaultBaseUrl, setVaultBaseUrl] = useState('');
|
|
45
|
+
const [pickedVaultName, setPickedVaultName] = useState<string | null>(null);
|
|
46
|
+
const [pasteToken, setPasteToken] = useState('');
|
|
47
|
+
const [tokenLabel, setTokenLabel] = useState('');
|
|
48
|
+
const [submitting, setSubmitting] = useState(false);
|
|
49
|
+
const [spawning, setSpawning] = useState(false);
|
|
50
|
+
const [restartingSessionId, setRestartingSessionId] = useState<string | null>(null);
|
|
51
|
+
const [flash, setFlash] = useState<{ kind: 'ok' | 'error'; text: string } | null>(null);
|
|
52
|
+
|
|
53
|
+
const reload = useCallback(async () => {
|
|
54
|
+
if (!folder) return;
|
|
55
|
+
try {
|
|
56
|
+
setLoading(true);
|
|
57
|
+
const g = await getGroup(folder);
|
|
58
|
+
setGroup(g);
|
|
59
|
+
setError(null);
|
|
60
|
+
// Default the token-label field to agent-<folder> when not set.
|
|
61
|
+
// The label is opaque to the vault — operators with existing
|
|
62
|
+
// `claw-<folder>` tokens keep them; only fresh mints from this UI
|
|
63
|
+
// pick up the new prefix.
|
|
64
|
+
if (!tokenLabel) setTokenLabel(`agent-${folder}`);
|
|
65
|
+
} catch (err) {
|
|
66
|
+
setError(err instanceof Error ? err.message : String(err));
|
|
67
|
+
} finally {
|
|
68
|
+
setLoading(false);
|
|
69
|
+
}
|
|
70
|
+
// eslint-disable-next-line react-hooks/exhaustive-deps
|
|
71
|
+
}, [folder]);
|
|
72
|
+
|
|
73
|
+
useEffect(() => {
|
|
74
|
+
void reload();
|
|
75
|
+
}, [reload]);
|
|
76
|
+
|
|
77
|
+
// Background poll for live status — silent on failure.
|
|
78
|
+
useEffect(() => {
|
|
79
|
+
if (!folder || !group) return;
|
|
80
|
+
const t = setInterval(() => {
|
|
81
|
+
getGroup(folder)
|
|
82
|
+
.then((g) => setGroup(g))
|
|
83
|
+
.catch(() => {});
|
|
84
|
+
}, POLL_MS);
|
|
85
|
+
return () => clearInterval(t);
|
|
86
|
+
}, [folder, group]);
|
|
87
|
+
|
|
88
|
+
const onAttach = async (e: React.FormEvent) => {
|
|
89
|
+
e.preventDefault();
|
|
90
|
+
if (!folder) return;
|
|
91
|
+
setSubmitting(true);
|
|
92
|
+
setFlash(null);
|
|
93
|
+
try {
|
|
94
|
+
// Thread the picked vault name into re-auth on 403. The server's
|
|
95
|
+
// implicit-mint forwards our JWT to the vault, which 403s on missing
|
|
96
|
+
// `vault:<name>:admin` — without this hint, beginLogin would re-auth
|
|
97
|
+
// with broad scopes only, the new JWT would still lack the narrow
|
|
98
|
+
// scope, and we'd loop. (Detach below intentionally omits this — the
|
|
99
|
+
// detach path doesn't know its target vault from the call site.)
|
|
100
|
+
const result = await attachVault(
|
|
101
|
+
folder,
|
|
102
|
+
{
|
|
103
|
+
scope,
|
|
104
|
+
vaultBaseUrl: vaultBaseUrl.trim().replace(/\/+$/, ''),
|
|
105
|
+
tokenLabel: tokenLabel.trim() || undefined,
|
|
106
|
+
token: pasteToken.trim() || undefined,
|
|
107
|
+
},
|
|
108
|
+
{
|
|
109
|
+
authExtraScopes: pickedVaultName ? [`vault:${pickedVaultName}:admin`] : undefined,
|
|
110
|
+
},
|
|
111
|
+
);
|
|
112
|
+
setGroup(result.group);
|
|
113
|
+
setFlash({
|
|
114
|
+
kind: 'ok',
|
|
115
|
+
text: result.mintedToken
|
|
116
|
+
? `Vault attached (server minted a fresh ${scope} token via parachute CLI).`
|
|
117
|
+
: `Vault attached using your pasted token.`,
|
|
118
|
+
});
|
|
119
|
+
setPasteToken('');
|
|
120
|
+
} catch (err) {
|
|
121
|
+
setFlash({
|
|
122
|
+
kind: 'error',
|
|
123
|
+
text: err instanceof Error ? err.message : String(err),
|
|
124
|
+
});
|
|
125
|
+
} finally {
|
|
126
|
+
setSubmitting(false);
|
|
127
|
+
}
|
|
128
|
+
};
|
|
129
|
+
|
|
130
|
+
// Reap a running session's container. The host's session-close path is
|
|
131
|
+
// synchronous (kill + mark closed), so by the time `closeSession` resolves
|
|
132
|
+
// the container is gone. Next inbound message spawns fresh — that's what
|
|
133
|
+
// makes this the canonical way to pick up secrets/env/code changes that
|
|
134
|
+
// were baked at spawn time and aren't readable mid-life.
|
|
135
|
+
const onRestartSession = async (sessionId: string) => {
|
|
136
|
+
if (!folder) return;
|
|
137
|
+
if (
|
|
138
|
+
!window.confirm(
|
|
139
|
+
"Restart this agent's container? The current session ends; the agent's next reply will spawn a fresh container picking up the latest secrets, env, and code. The chat thread is preserved; only the container's in-memory state resets.",
|
|
140
|
+
)
|
|
141
|
+
) {
|
|
142
|
+
return;
|
|
143
|
+
}
|
|
144
|
+
setRestartingSessionId(sessionId);
|
|
145
|
+
setFlash(null);
|
|
146
|
+
try {
|
|
147
|
+
await closeSession(sessionId);
|
|
148
|
+
await reload();
|
|
149
|
+
setFlash({
|
|
150
|
+
kind: 'ok',
|
|
151
|
+
text: `Session ${sessionId} closed. The agent's next message will spawn a fresh container.`,
|
|
152
|
+
});
|
|
153
|
+
} catch (err) {
|
|
154
|
+
setFlash({ kind: 'error', text: err instanceof Error ? err.message : String(err) });
|
|
155
|
+
} finally {
|
|
156
|
+
setRestartingSessionId(null);
|
|
157
|
+
}
|
|
158
|
+
};
|
|
159
|
+
|
|
160
|
+
const onSpawn = async () => {
|
|
161
|
+
if (!folder) return;
|
|
162
|
+
setSpawning(true);
|
|
163
|
+
setFlash(null);
|
|
164
|
+
try {
|
|
165
|
+
const result = await spawnSession(folder);
|
|
166
|
+
// Reload immediately so the new session shows up in the live-status
|
|
167
|
+
// list before the next 7s poll tick. Container `running` flips on a
|
|
168
|
+
// later tick once the heartbeat lands.
|
|
169
|
+
await reload();
|
|
170
|
+
setFlash({
|
|
171
|
+
kind: 'ok',
|
|
172
|
+
text: result.created
|
|
173
|
+
? `Session ${result.sessionId} created — container starting…`
|
|
174
|
+
: `Session ${result.sessionId} already exists — waking container…`,
|
|
175
|
+
});
|
|
176
|
+
} catch (err) {
|
|
177
|
+
setFlash({
|
|
178
|
+
kind: 'error',
|
|
179
|
+
text: err instanceof Error ? err.message : String(err),
|
|
180
|
+
});
|
|
181
|
+
} finally {
|
|
182
|
+
setSpawning(false);
|
|
183
|
+
}
|
|
184
|
+
};
|
|
185
|
+
|
|
186
|
+
const onDetach = async () => {
|
|
187
|
+
if (!folder) return;
|
|
188
|
+
if (!window.confirm("Detach vault from this agent group? Token is NOT revoked — that's a separate action.")) {
|
|
189
|
+
return;
|
|
190
|
+
}
|
|
191
|
+
setSubmitting(true);
|
|
192
|
+
setFlash(null);
|
|
193
|
+
try {
|
|
194
|
+
// No `authExtraScopes` here on purpose — this surface isn't vault-
|
|
195
|
+
// scoped (the agent group may be attached to any vault) so we can't
|
|
196
|
+
// cleanly thread `vault:<name>:admin`. A 403 falls back to the broad
|
|
197
|
+
// re-auth set, which is the pre-paraclaw#56 behavior. The narrow-
|
|
198
|
+
// scope path lives on the per-vault detail page (VaultDetail.tsx),
|
|
199
|
+
// where the vault name is known at the call site.
|
|
200
|
+
const result = await detachVault(folder);
|
|
201
|
+
setGroup(result.group);
|
|
202
|
+
setFlash({
|
|
203
|
+
kind: 'ok',
|
|
204
|
+
text: 'Vault detached. To revoke the token: parachute vault tokens revoke <label> (or use the Vault detail page)',
|
|
205
|
+
});
|
|
206
|
+
} catch (err) {
|
|
207
|
+
setFlash({
|
|
208
|
+
kind: 'error',
|
|
209
|
+
text: err instanceof Error ? err.message : String(err),
|
|
210
|
+
});
|
|
211
|
+
} finally {
|
|
212
|
+
setSubmitting(false);
|
|
213
|
+
}
|
|
214
|
+
};
|
|
215
|
+
|
|
216
|
+
if (loading && !group) {
|
|
217
|
+
return (
|
|
218
|
+
<div>
|
|
219
|
+
<Link to="/" className="muted">
|
|
220
|
+
← All groups
|
|
221
|
+
</Link>
|
|
222
|
+
<div className="skeleton skeleton-heading" style={{ marginTop: '1rem' }} />
|
|
223
|
+
<div className="section">
|
|
224
|
+
<div className="skeleton skeleton-line" style={{ width: '30%' }} />
|
|
225
|
+
<div className="skeleton skeleton-line" />
|
|
226
|
+
<div className="skeleton skeleton-line" style={{ width: '70%' }} />
|
|
227
|
+
</div>
|
|
228
|
+
</div>
|
|
229
|
+
);
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
if (error) {
|
|
233
|
+
return (
|
|
234
|
+
<div>
|
|
235
|
+
<Link to="/" className="muted">
|
|
236
|
+
← All groups
|
|
237
|
+
</Link>
|
|
238
|
+
<div className="error-banner" style={{ marginTop: '1rem' }}>
|
|
239
|
+
{error}
|
|
240
|
+
</div>
|
|
241
|
+
<div className="actions" style={{ marginTop: '1rem' }}>
|
|
242
|
+
<button onClick={reload} disabled={loading}>
|
|
243
|
+
{loading ? 'Retrying…' : 'Retry'}
|
|
244
|
+
</button>
|
|
245
|
+
</div>
|
|
246
|
+
</div>
|
|
247
|
+
);
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
if (!group) {
|
|
251
|
+
return (
|
|
252
|
+
<div>
|
|
253
|
+
<Link to="/" className="muted">
|
|
254
|
+
← All groups
|
|
255
|
+
</Link>
|
|
256
|
+
<div className="empty">Group not found.</div>
|
|
257
|
+
</div>
|
|
258
|
+
);
|
|
259
|
+
}
|
|
260
|
+
|
|
261
|
+
return (
|
|
262
|
+
<div>
|
|
263
|
+
<Link to="/" className="muted">
|
|
264
|
+
← All groups
|
|
265
|
+
</Link>
|
|
266
|
+
<h2 style={{ display: 'flex', alignItems: 'center', gap: '0.6rem' }}>
|
|
267
|
+
<StatusDot status={group.status} />
|
|
268
|
+
{group.name}
|
|
269
|
+
{group.vault ? (
|
|
270
|
+
<span className="tag">{group.vault.scope}</span>
|
|
271
|
+
) : (
|
|
272
|
+
<span className="tag muted">no vault attached</span>
|
|
273
|
+
)}
|
|
274
|
+
</h2>
|
|
275
|
+
|
|
276
|
+
{flash && <div className={flash.kind === 'ok' ? 'status-banner' : 'error-banner'}>{flash.text}</div>}
|
|
277
|
+
|
|
278
|
+
<DetailTabs
|
|
279
|
+
tab={tab}
|
|
280
|
+
onChange={(next) => {
|
|
281
|
+
// Preserve any other search params (none today, but future-proof).
|
|
282
|
+
// The replace param keeps the tab toggle out of browser-history
|
|
283
|
+
// back-stack noise — flipping tabs shouldn't make Back unintuitive.
|
|
284
|
+
setSearchParams(
|
|
285
|
+
(prev) => {
|
|
286
|
+
const p = new URLSearchParams(prev);
|
|
287
|
+
if (next === 'overview') p.delete('tab');
|
|
288
|
+
else p.set('tab', next);
|
|
289
|
+
return p;
|
|
290
|
+
},
|
|
291
|
+
{ replace: true },
|
|
292
|
+
);
|
|
293
|
+
}}
|
|
294
|
+
/>
|
|
295
|
+
|
|
296
|
+
{tab === 'activity' && folder && <ActivityFeed folder={folder} />}
|
|
297
|
+
|
|
298
|
+
{tab === 'overview' && (
|
|
299
|
+
<>
|
|
300
|
+
<div className="section">
|
|
301
|
+
<h3>Agent group</h3>
|
|
302
|
+
<div className="kv">
|
|
303
|
+
<div>name</div>
|
|
304
|
+
<div>{group.name}</div>
|
|
305
|
+
<div>folder</div>
|
|
306
|
+
<div>
|
|
307
|
+
<code>{group.folder}</code>
|
|
308
|
+
</div>
|
|
309
|
+
<div>id</div>
|
|
310
|
+
<div>
|
|
311
|
+
<code>{group.id}</code>
|
|
312
|
+
</div>
|
|
313
|
+
<div>provider</div>
|
|
314
|
+
<div>{group.agent_provider ?? <em className="dim">default</em>}</div>
|
|
315
|
+
<div>created</div>
|
|
316
|
+
<div>{new Date(group.created_at).toLocaleString()}</div>
|
|
317
|
+
</div>
|
|
318
|
+
</div>
|
|
319
|
+
|
|
320
|
+
{group.status && (
|
|
321
|
+
<StatusSection
|
|
322
|
+
status={group.status}
|
|
323
|
+
onSpawn={onSpawn}
|
|
324
|
+
spawning={spawning}
|
|
325
|
+
onRestartSession={onRestartSession}
|
|
326
|
+
restartingSessionId={restartingSessionId}
|
|
327
|
+
/>
|
|
328
|
+
)}
|
|
329
|
+
|
|
330
|
+
{folder && <AgentProviderSection folder={folder} />}
|
|
331
|
+
|
|
332
|
+
{group.vault ? (
|
|
333
|
+
<div className="section">
|
|
334
|
+
<h3>Vault attachment</h3>
|
|
335
|
+
<div className="kv">
|
|
336
|
+
<div>vault url</div>
|
|
337
|
+
<div>
|
|
338
|
+
<code>{group.vault.vaultBaseUrl}</code>
|
|
339
|
+
</div>
|
|
340
|
+
<div>scope</div>
|
|
341
|
+
<div>
|
|
342
|
+
<span className="tag">{group.vault.scope}</span>
|
|
343
|
+
</div>
|
|
344
|
+
<div>token label</div>
|
|
345
|
+
<div>
|
|
346
|
+
<code>{group.vault.tokenLabel}</code>
|
|
347
|
+
</div>
|
|
348
|
+
<div>attached</div>
|
|
349
|
+
<div>{new Date(group.vault.attachedAt).toLocaleString()}</div>
|
|
350
|
+
</div>
|
|
351
|
+
<hr className="sep" />
|
|
352
|
+
<div className="dim" style={{ marginBottom: '0.75rem' }}>
|
|
353
|
+
The agent's container.json has a <code>parachute-vault</code> MCP entry pointing at this URL with a
|
|
354
|
+
Bearer token. Detach removes the entry; the token stays valid until you revoke it via{' '}
|
|
355
|
+
<code>parachute vault tokens revoke {group.vault.tokenLabel}</code>.
|
|
356
|
+
</div>
|
|
357
|
+
<button className="danger" onClick={onDetach} disabled={submitting}>
|
|
358
|
+
{submitting ? 'Working…' : 'Detach vault'}
|
|
359
|
+
</button>
|
|
360
|
+
</div>
|
|
361
|
+
) : (
|
|
362
|
+
<div className="section">
|
|
363
|
+
<h3>Attach {pickedVaultName ? <code>{pickedVaultName}</code> : null} vault</h3>
|
|
364
|
+
<form onSubmit={onAttach}>
|
|
365
|
+
<div className="row">
|
|
366
|
+
<label htmlFor="vaultBaseUrl">Vault</label>
|
|
367
|
+
<VaultPicker
|
|
368
|
+
inputId="vaultBaseUrl"
|
|
369
|
+
value={vaultBaseUrl}
|
|
370
|
+
onChange={setVaultBaseUrl}
|
|
371
|
+
onPickedName={setPickedVaultName}
|
|
372
|
+
disabled={submitting}
|
|
373
|
+
/>
|
|
374
|
+
</div>
|
|
375
|
+
|
|
376
|
+
<div className="row">
|
|
377
|
+
<label htmlFor="scope">Scope</label>
|
|
378
|
+
<select
|
|
379
|
+
id="scope"
|
|
380
|
+
value={scope}
|
|
381
|
+
onChange={(e) => setScope(e.target.value as VaultScope)}
|
|
382
|
+
disabled={submitting}
|
|
383
|
+
>
|
|
384
|
+
{SCOPE_OPTIONS.map((s) => (
|
|
385
|
+
<option key={s.value} value={s.value}>
|
|
386
|
+
{s.label}
|
|
387
|
+
</option>
|
|
388
|
+
))}
|
|
389
|
+
</select>
|
|
390
|
+
<p className="dim">
|
|
391
|
+
Token capability — the agent literally cannot exceed this. Default <code>vault:read</code>.
|
|
392
|
+
</p>
|
|
393
|
+
<ScopeGrants scope={scope} />
|
|
394
|
+
</div>
|
|
395
|
+
|
|
396
|
+
<div className="row">
|
|
397
|
+
<label htmlFor="tokenLabel">Token label</label>
|
|
398
|
+
<input
|
|
399
|
+
id="tokenLabel"
|
|
400
|
+
type="text"
|
|
401
|
+
value={tokenLabel}
|
|
402
|
+
onChange={(e) => setTokenLabel(e.target.value)}
|
|
403
|
+
disabled={submitting}
|
|
404
|
+
placeholder={`agent-${folder}`}
|
|
405
|
+
/>
|
|
406
|
+
<p className="dim">
|
|
407
|
+
Used for revocation. Default: <code>agent-{folder}</code>.
|
|
408
|
+
</p>
|
|
409
|
+
</div>
|
|
410
|
+
|
|
411
|
+
<div className="row">
|
|
412
|
+
<label htmlFor="pasteToken">Paste an existing token (optional)</label>
|
|
413
|
+
<input
|
|
414
|
+
id="pasteToken"
|
|
415
|
+
type="text"
|
|
416
|
+
value={pasteToken}
|
|
417
|
+
onChange={(e) => setPasteToken(e.target.value)}
|
|
418
|
+
disabled={submitting}
|
|
419
|
+
placeholder="pvt_… (leave blank to mint a fresh one via the parachute CLI)"
|
|
420
|
+
/>
|
|
421
|
+
<p className="dim">
|
|
422
|
+
When blank: the server runs{' '}
|
|
423
|
+
<code>
|
|
424
|
+
parachute vault tokens create --scope {scope} --label {tokenLabel || `agent-${folder}`}
|
|
425
|
+
</code>{' '}
|
|
426
|
+
for you. (Until vault OAuth is wired in Phase B; then you'll never see <code>pvt_…</code> tokens at
|
|
427
|
+
all.)
|
|
428
|
+
</p>
|
|
429
|
+
</div>
|
|
430
|
+
|
|
431
|
+
<div className="actions">
|
|
432
|
+
<button type="submit" disabled={submitting}>
|
|
433
|
+
{submitting ? 'Attaching…' : 'Attach vault'}
|
|
434
|
+
</button>
|
|
435
|
+
</div>
|
|
436
|
+
</form>
|
|
437
|
+
</div>
|
|
438
|
+
)}
|
|
439
|
+
|
|
440
|
+
<div className="section">
|
|
441
|
+
<h3>What the agent gets</h3>
|
|
442
|
+
<p className="muted">
|
|
443
|
+
When attached, the agent's container has a <code>parachute-vault</code> MCP server available with the nine
|
|
444
|
+
vault tools: <code>query-notes</code>, <code>create-note</code>, <code>update-note</code>,{' '}
|
|
445
|
+
<code>delete-note</code>, <code>list-tags</code>, <code>update-tag</code>, <code>delete-tag</code>,{' '}
|
|
446
|
+
<code>find-path</code>, <code>vault-info</code>. Constrained by the scope you chose.
|
|
447
|
+
</p>
|
|
448
|
+
<p className="muted">
|
|
449
|
+
Parachute Agent doesn't impose a vault-note layout — the agent decides how to use vault access. (See{' '}
|
|
450
|
+
<a
|
|
451
|
+
href="https://github.com/ParachuteComputer/paraclaw/blob/main/docs/parachute-integration.md"
|
|
452
|
+
target="_blank"
|
|
453
|
+
rel="noreferrer"
|
|
454
|
+
>
|
|
455
|
+
docs/parachute-integration.md
|
|
456
|
+
</a>
|
|
457
|
+
.)
|
|
458
|
+
</p>
|
|
459
|
+
</div>
|
|
460
|
+
</>
|
|
461
|
+
)}
|
|
462
|
+
</div>
|
|
463
|
+
);
|
|
464
|
+
}
|
|
465
|
+
|
|
466
|
+
function describeSource(source: AgentProviderSource | null, serverUrl: string | null): string {
|
|
467
|
+
switch (source) {
|
|
468
|
+
case 'claude_setup_token':
|
|
469
|
+
return 'Claude setup token';
|
|
470
|
+
case 'anthropic_api_key':
|
|
471
|
+
return 'Anthropic API key';
|
|
472
|
+
case 'external_server':
|
|
473
|
+
return serverUrl ? `External server (${serverUrl})` : 'External server';
|
|
474
|
+
case null:
|
|
475
|
+
return 'not configured';
|
|
476
|
+
}
|
|
477
|
+
}
|
|
478
|
+
|
|
479
|
+
function AgentProviderSection({ folder }: { folder: string }) {
|
|
480
|
+
const [state, setState] = useState<
|
|
481
|
+
{ kind: 'loading' } | { kind: 'ok'; view: GroupAgentProviderView } | { kind: 'error'; message: string }
|
|
482
|
+
>({ kind: 'loading' });
|
|
483
|
+
const [busy, setBusy] = useState(false);
|
|
484
|
+
const [showForm, setShowForm] = useState(false);
|
|
485
|
+
const [flash, setFlash] = useState<{ kind: 'ok' | 'error'; text: string } | null>(null);
|
|
486
|
+
|
|
487
|
+
const reload = useCallback(async () => {
|
|
488
|
+
try {
|
|
489
|
+
setState({ kind: 'loading' });
|
|
490
|
+
const view = await getGroupAgentProvider(folder);
|
|
491
|
+
setState({ kind: 'ok', view });
|
|
492
|
+
} catch (err) {
|
|
493
|
+
setState({ kind: 'error', message: err instanceof Error ? err.message : String(err) });
|
|
494
|
+
}
|
|
495
|
+
}, [folder]);
|
|
496
|
+
|
|
497
|
+
useEffect(() => {
|
|
498
|
+
void reload();
|
|
499
|
+
}, [reload]);
|
|
500
|
+
|
|
501
|
+
const submit = async (input: { source: AgentProviderSource; apiKey?: string; serverUrl?: string }) => {
|
|
502
|
+
setBusy(true);
|
|
503
|
+
setFlash(null);
|
|
504
|
+
try {
|
|
505
|
+
const view = await setGroupAgentProvider(folder, input);
|
|
506
|
+
setState({ kind: 'ok', view });
|
|
507
|
+
setShowForm(false);
|
|
508
|
+
setFlash({ kind: 'ok', text: 'Override saved — takes effect on the next session spawn.' });
|
|
509
|
+
} catch (err) {
|
|
510
|
+
setFlash({ kind: 'error', text: err instanceof Error ? err.message : String(err) });
|
|
511
|
+
} finally {
|
|
512
|
+
setBusy(false);
|
|
513
|
+
}
|
|
514
|
+
};
|
|
515
|
+
|
|
516
|
+
const onClear = async () => {
|
|
517
|
+
if (!window.confirm("Clear this group's override and inherit the install-wide default?")) return;
|
|
518
|
+
setBusy(true);
|
|
519
|
+
setFlash(null);
|
|
520
|
+
try {
|
|
521
|
+
const view = await clearGroupAgentProvider(folder);
|
|
522
|
+
setState({ kind: 'ok', view });
|
|
523
|
+
setShowForm(false);
|
|
524
|
+
setFlash({
|
|
525
|
+
kind: 'ok',
|
|
526
|
+
text: 'Override cleared. Group will inherit the install-wide default on the next spawn.',
|
|
527
|
+
});
|
|
528
|
+
} catch (err) {
|
|
529
|
+
setFlash({ kind: 'error', text: err instanceof Error ? err.message : String(err) });
|
|
530
|
+
} finally {
|
|
531
|
+
setBusy(false);
|
|
532
|
+
}
|
|
533
|
+
};
|
|
534
|
+
|
|
535
|
+
if (state.kind === 'loading') {
|
|
536
|
+
return (
|
|
537
|
+
<div className="section">
|
|
538
|
+
<h3>Agent provider</h3>
|
|
539
|
+
<div className="skeleton skeleton-line" style={{ width: '60%' }} />
|
|
540
|
+
</div>
|
|
541
|
+
);
|
|
542
|
+
}
|
|
543
|
+
if (state.kind === 'error') {
|
|
544
|
+
return (
|
|
545
|
+
<div className="section">
|
|
546
|
+
<h3>Agent provider</h3>
|
|
547
|
+
<div className="error-banner">
|
|
548
|
+
Couldn't load: <code>{state.message}</code>
|
|
549
|
+
</div>
|
|
550
|
+
<div className="actions" style={{ marginTop: '0.75rem' }}>
|
|
551
|
+
<button onClick={reload}>Retry</button>
|
|
552
|
+
</div>
|
|
553
|
+
</div>
|
|
554
|
+
);
|
|
555
|
+
}
|
|
556
|
+
|
|
557
|
+
const { view } = state;
|
|
558
|
+
const effectiveSummary = describeSource(view.effective.source, view.effective.serverUrl);
|
|
559
|
+
const overrideSummary = describeSource(view.override.source, view.override.serverUrl);
|
|
560
|
+
|
|
561
|
+
return (
|
|
562
|
+
<div className="section">
|
|
563
|
+
<div style={{ display: 'flex', alignItems: 'center', justifyContent: 'space-between', gap: '1rem' }}>
|
|
564
|
+
<h3 style={{ margin: 0 }}>Agent provider</h3>
|
|
565
|
+
{view.overridden ? <span className="tag">override</span> : <span className="tag muted">inheriting</span>}
|
|
566
|
+
</div>
|
|
567
|
+
<p className="muted" style={{ marginTop: '0.75rem' }}>
|
|
568
|
+
{view.overridden ? (
|
|
569
|
+
<>
|
|
570
|
+
This group uses its own credential source: <strong>{overrideSummary}</strong>. Clear the override to inherit
|
|
571
|
+
the install-wide default again.
|
|
572
|
+
</>
|
|
573
|
+
) : (
|
|
574
|
+
<>
|
|
575
|
+
This group inherits the install-wide default — currently <strong>{effectiveSummary}</strong>. Set an
|
|
576
|
+
override below to give this group its own credentials. Change at{' '}
|
|
577
|
+
<Link to="/settings/agent-provider">Settings · Agent provider</Link> for the install-wide default.
|
|
578
|
+
</>
|
|
579
|
+
)}
|
|
580
|
+
</p>
|
|
581
|
+
|
|
582
|
+
{flash && (
|
|
583
|
+
<div className={flash.kind === 'ok' ? 'status-banner' : 'error-banner'} style={{ marginBottom: '0.75rem' }}>
|
|
584
|
+
{flash.text}
|
|
585
|
+
</div>
|
|
586
|
+
)}
|
|
587
|
+
|
|
588
|
+
{!view.overridden && !showForm && (
|
|
589
|
+
<div className="actions">
|
|
590
|
+
<button onClick={() => setShowForm(true)}>Override default</button>
|
|
591
|
+
</div>
|
|
592
|
+
)}
|
|
593
|
+
|
|
594
|
+
{(view.overridden || showForm) && (
|
|
595
|
+
<>
|
|
596
|
+
<AgentProviderCards view={view.override} busy={busy} onSubmit={submit} />
|
|
597
|
+
<div className="actions" style={{ display: 'flex', gap: '0.5rem' }}>
|
|
598
|
+
{view.overridden && (
|
|
599
|
+
<button className="danger" onClick={onClear} disabled={busy}>
|
|
600
|
+
{busy ? 'Working…' : 'Clear override'}
|
|
601
|
+
</button>
|
|
602
|
+
)}
|
|
603
|
+
{!view.overridden && showForm && (
|
|
604
|
+
<button className="secondary" onClick={() => setShowForm(false)} disabled={busy}>
|
|
605
|
+
Cancel
|
|
606
|
+
</button>
|
|
607
|
+
)}
|
|
608
|
+
</div>
|
|
609
|
+
</>
|
|
610
|
+
)}
|
|
611
|
+
</div>
|
|
612
|
+
);
|
|
613
|
+
}
|
|
614
|
+
|
|
615
|
+
function DetailTabs({ tab, onChange }: { tab: DetailTab; onChange: (next: DetailTab) => void }) {
|
|
616
|
+
return (
|
|
617
|
+
<ol className="detail-tabs">
|
|
618
|
+
<li className={`detail-tab${tab === 'overview' ? ' active' : ''}`}>
|
|
619
|
+
<button type="button" onClick={() => onChange('overview')}>
|
|
620
|
+
Overview
|
|
621
|
+
</button>
|
|
622
|
+
</li>
|
|
623
|
+
<li className={`detail-tab${tab === 'activity' ? ' active' : ''}`}>
|
|
624
|
+
<button type="button" onClick={() => onChange('activity')}>
|
|
625
|
+
Activity
|
|
626
|
+
</button>
|
|
627
|
+
</li>
|
|
628
|
+
</ol>
|
|
629
|
+
);
|
|
630
|
+
}
|
|
631
|
+
|
|
632
|
+
function StatusSection({
|
|
633
|
+
status,
|
|
634
|
+
onSpawn,
|
|
635
|
+
spawning,
|
|
636
|
+
onRestartSession,
|
|
637
|
+
restartingSessionId,
|
|
638
|
+
}: {
|
|
639
|
+
status: GroupStatus;
|
|
640
|
+
onSpawn: () => void;
|
|
641
|
+
spawning: boolean;
|
|
642
|
+
onRestartSession: (sessionId: string) => void;
|
|
643
|
+
restartingSessionId: string | null;
|
|
644
|
+
}) {
|
|
645
|
+
return (
|
|
646
|
+
<div className="section">
|
|
647
|
+
<div style={{ display: 'flex', alignItems: 'center', justifyContent: 'space-between', gap: '1rem' }}>
|
|
648
|
+
<h3 style={{ margin: 0 }}>Live status</h3>
|
|
649
|
+
<button onClick={onSpawn} disabled={spawning}>
|
|
650
|
+
{spawning ? 'Spawning…' : '+ New session'}
|
|
651
|
+
</button>
|
|
652
|
+
</div>
|
|
653
|
+
<p className="dim" style={{ marginTop: '0.5rem', marginBottom: 0 }}>
|
|
654
|
+
Container env (secrets, agent provider, code) is set at session spawn. To pick up changes, use{' '}
|
|
655
|
+
<strong>Restart</strong> on a running session — the agent's next message will spawn a fresh container.
|
|
656
|
+
</p>
|
|
657
|
+
<div className="kv" style={{ marginTop: '1rem' }}>
|
|
658
|
+
<div>container</div>
|
|
659
|
+
<div>
|
|
660
|
+
{status.containerRunning ? (
|
|
661
|
+
<span className="status-text alive">running</span>
|
|
662
|
+
) : (
|
|
663
|
+
<span className="status-text idle">idle</span>
|
|
664
|
+
)}
|
|
665
|
+
</div>
|
|
666
|
+
<div>active sessions</div>
|
|
667
|
+
<div>
|
|
668
|
+
{status.activeSessionCount} of {status.sessionCount}
|
|
669
|
+
</div>
|
|
670
|
+
<div>last heartbeat</div>
|
|
671
|
+
<div>
|
|
672
|
+
{status.lastHeartbeatAt ? (
|
|
673
|
+
<>
|
|
674
|
+
{formatRelative(status.lastHeartbeatAt)}{' '}
|
|
675
|
+
<span className="dim">({new Date(status.lastHeartbeatAt).toLocaleString()})</span>
|
|
676
|
+
</>
|
|
677
|
+
) : (
|
|
678
|
+
<span className="dim">never</span>
|
|
679
|
+
)}
|
|
680
|
+
</div>
|
|
681
|
+
<div>last message in</div>
|
|
682
|
+
<div>
|
|
683
|
+
{status.lastMessageInAt ? (
|
|
684
|
+
<>
|
|
685
|
+
{formatRelative(status.lastMessageInAt)}{' '}
|
|
686
|
+
<span className="dim">({new Date(status.lastMessageInAt).toLocaleString()})</span>
|
|
687
|
+
</>
|
|
688
|
+
) : (
|
|
689
|
+
<span className="dim">none</span>
|
|
690
|
+
)}
|
|
691
|
+
</div>
|
|
692
|
+
<div>last message out</div>
|
|
693
|
+
<div>
|
|
694
|
+
{status.lastMessageOutAt ? (
|
|
695
|
+
<>
|
|
696
|
+
{formatRelative(status.lastMessageOutAt)}{' '}
|
|
697
|
+
<span className="dim">({new Date(status.lastMessageOutAt).toLocaleString()})</span>
|
|
698
|
+
</>
|
|
699
|
+
) : (
|
|
700
|
+
<span className="dim">none</span>
|
|
701
|
+
)}
|
|
702
|
+
</div>
|
|
703
|
+
</div>
|
|
704
|
+
<hr className="sep" />
|
|
705
|
+
{status.sessions.length === 0 ? (
|
|
706
|
+
<p className="dim" style={{ marginBottom: 0 }}>
|
|
707
|
+
No sessions yet — spawn one with the button above to start the agent's container.
|
|
708
|
+
</p>
|
|
709
|
+
) : (
|
|
710
|
+
<>
|
|
711
|
+
<div className="dim" style={{ marginBottom: '0.5rem' }}>
|
|
712
|
+
Sessions ({status.sessions.length}):
|
|
713
|
+
</div>
|
|
714
|
+
<ul className="session-list">
|
|
715
|
+
{status.sessions.map((s) => {
|
|
716
|
+
const restartable = s.containerStatus === 'running' && s.status === 'active';
|
|
717
|
+
const isRestarting = restartingSessionId === s.sessionId;
|
|
718
|
+
return (
|
|
719
|
+
<li key={s.sessionId}>
|
|
720
|
+
<code>{s.sessionId}</code>{' '}
|
|
721
|
+
{s.alive ? (
|
|
722
|
+
<span className="status-text alive">alive</span>
|
|
723
|
+
) : (
|
|
724
|
+
<span className="status-text idle">{s.containerStatus}</span>
|
|
725
|
+
)}{' '}
|
|
726
|
+
<span className="dim">— {s.status}</span>
|
|
727
|
+
{s.lastHeartbeatAt && (
|
|
728
|
+
<>
|
|
729
|
+
{' '}
|
|
730
|
+
<span className="dim">· hb {formatRelative(s.lastHeartbeatAt)}</span>
|
|
731
|
+
</>
|
|
732
|
+
)}
|
|
733
|
+
{restartable && (
|
|
734
|
+
<>
|
|
735
|
+
{' '}
|
|
736
|
+
<button
|
|
737
|
+
type="button"
|
|
738
|
+
className="secondary"
|
|
739
|
+
style={{ marginLeft: '0.5rem', padding: '0.15rem 0.6rem', fontSize: '0.85rem' }}
|
|
740
|
+
onClick={() => onRestartSession(s.sessionId)}
|
|
741
|
+
disabled={restartingSessionId !== null}
|
|
742
|
+
>
|
|
743
|
+
{isRestarting ? 'Restarting…' : 'Restart'}
|
|
744
|
+
</button>
|
|
745
|
+
</>
|
|
746
|
+
)}
|
|
747
|
+
</li>
|
|
748
|
+
);
|
|
749
|
+
})}
|
|
750
|
+
</ul>
|
|
751
|
+
</>
|
|
752
|
+
)}
|
|
753
|
+
</div>
|
|
754
|
+
);
|
|
755
|
+
}
|