npm - @pixelbyte-software/pixcode - Versions diffs - 1.34.0 → 1.35.1 - Mend

@pixelbyte-software/pixcode 1.34.0 → 1.35.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (247) hide show

package/LICENSE +718 -718
package/README.de.md +248 -248
package/README.ja.md +240 -240
package/README.ko.md +240 -240
package/README.md +303 -303
package/README.ru.md +248 -248
package/README.tr.md +250 -250
package/README.zh-CN.md +240 -240
package/dist/api-docs.html +548 -395
package/dist/assets/index-B8w57E1r.css +32 -0
package/dist/assets/index-CBdsvGSR.js +854 -0
package/dist/clear-cache.html +85 -85
package/dist/convert-icons.md +52 -52
package/dist/favicon.svg +8 -8
package/dist/generate-icons.js +48 -48
package/dist/icons/codex-white.svg +3 -3
package/dist/icons/codex.svg +3 -3
package/dist/icons/cursor-white.svg +11 -11
package/dist/icons/icon-128x128.svg +9 -9
package/dist/icons/icon-144x144.svg +9 -9
package/dist/icons/icon-152x152.svg +9 -9
package/dist/icons/icon-192x192.svg +9 -9
package/dist/icons/icon-384x384.svg +9 -9
package/dist/icons/icon-512x512.svg +9 -9
package/dist/icons/icon-72x72.svg +9 -9
package/dist/icons/icon-96x96.svg +9 -9
package/dist/icons/icon-template.svg +9 -9
package/dist/icons/qwen-logo.svg +14 -14
package/dist/index.html +59 -59
package/dist/logo.svg +12 -12
package/dist/manifest.json +60 -60
package/dist/openapi.yaml +1693 -1311
package/dist/sw.js +124 -124
package/dist-server/server/claude-sdk.js +38 -7
package/dist-server/server/claude-sdk.js.map +1 -1
package/dist-server/server/cli.js +107 -112
package/dist-server/server/cli.js.map +1 -1
package/dist-server/server/daemon/manager.js +33 -33
package/dist-server/server/daemon-manager.js +159 -112
package/dist-server/server/daemon-manager.js.map +1 -1
package/dist-server/server/database/json-store.js +8 -5
package/dist-server/server/database/json-store.js.map +1 -1
package/dist-server/server/index.js +31 -10
package/dist-server/server/index.js.map +1 -1
package/dist-server/server/modules/orchestration/a2a/adapter-registry.js +45 -19
package/dist-server/server/modules/orchestration/a2a/adapter-registry.js.map +1 -1
package/dist-server/server/modules/orchestration/a2a/adapters/abstract-a2a.adapter.js.map +1 -1
package/dist-server/server/modules/orchestration/a2a/adapters/claude-code.adapter.js +1 -0
package/dist-server/server/modules/orchestration/a2a/adapters/claude-code.adapter.js.map +1 -1
package/dist-server/server/modules/orchestration/a2a/adapters/codex.adapter.js +202 -0
package/dist-server/server/modules/orchestration/a2a/adapters/codex.adapter.js.map +1 -0
package/dist-server/server/modules/orchestration/a2a/adapters/cursor.adapter.js +205 -0
package/dist-server/server/modules/orchestration/a2a/adapters/cursor.adapter.js.map +1 -0
package/dist-server/server/modules/orchestration/a2a/adapters/gemini.adapter.js +205 -0
package/dist-server/server/modules/orchestration/a2a/adapters/gemini.adapter.js.map +1 -0
package/dist-server/server/modules/orchestration/a2a/adapters/opencode.adapter.js +205 -0
package/dist-server/server/modules/orchestration/a2a/adapters/opencode.adapter.js.map +1 -0
package/dist-server/server/modules/orchestration/a2a/adapters/qwen.adapter.js +205 -0
package/dist-server/server/modules/orchestration/a2a/adapters/qwen.adapter.js.map +1 -0
package/dist-server/server/modules/orchestration/a2a/routes.js +298 -34
package/dist-server/server/modules/orchestration/a2a/routes.js.map +1 -1
package/dist-server/server/modules/orchestration/a2a/task-store.js +144 -0
package/dist-server/server/modules/orchestration/a2a/task-store.js.map +1 -0
package/dist-server/server/modules/orchestration/a2a/validator.js +16 -0
package/dist-server/server/modules/orchestration/a2a/validator.js.map +1 -1
package/dist-server/server/modules/orchestration/index.js +14 -0
package/dist-server/server/modules/orchestration/index.js.map +1 -1
package/dist-server/server/modules/orchestration/preview/port-watcher.js +90 -0
package/dist-server/server/modules/orchestration/preview/port-watcher.js.map +1 -0
package/dist-server/server/modules/orchestration/preview/preview-proxy.js +58 -0
package/dist-server/server/modules/orchestration/preview/preview-proxy.js.map +1 -0
package/dist-server/server/modules/orchestration/preview/types.js +2 -0
package/dist-server/server/modules/orchestration/preview/types.js.map +1 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task-store.js +37 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task-store.js.map +1 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task.routes.js +68 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task.routes.js.map +1 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task.service.js +128 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task.service.js.map +1 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task.types.js +2 -0
package/dist-server/server/modules/orchestration/tasks/orchestration-task.types.js.map +1 -0
package/dist-server/server/modules/orchestration/workflows/built-in-workflows.js +126 -0
package/dist-server/server/modules/orchestration/workflows/built-in-workflows.js.map +1 -0
package/dist-server/server/modules/orchestration/workflows/workflow-runner.js +1047 -0
package/dist-server/server/modules/orchestration/workflows/workflow-runner.js.map +1 -0
package/dist-server/server/modules/orchestration/workflows/workflow-store.js +76 -0
package/dist-server/server/modules/orchestration/workflows/workflow-store.js.map +1 -0
package/dist-server/server/modules/orchestration/workflows/workflow.routes.js +151 -0
package/dist-server/server/modules/orchestration/workflows/workflow.routes.js.map +1 -0
package/dist-server/server/modules/orchestration/workflows/workflow.types.js +2 -0
package/dist-server/server/modules/orchestration/workflows/workflow.types.js.map +1 -0
package/dist-server/server/modules/orchestration/workflows/workspace-target.js +98 -0
package/dist-server/server/modules/orchestration/workflows/workspace-target.js.map +1 -0
package/dist-server/server/modules/orchestration/workspace/docker-workspace.js +122 -0
package/dist-server/server/modules/orchestration/workspace/docker-workspace.js.map +1 -0
package/dist-server/server/modules/orchestration/workspace/path-safety.js +48 -0
package/dist-server/server/modules/orchestration/workspace/path-safety.js.map +1 -0
package/dist-server/server/modules/orchestration/workspace/types.js +11 -0
package/dist-server/server/modules/orchestration/workspace/types.js.map +1 -0
package/dist-server/server/modules/orchestration/workspace/workspace-manager.js +80 -0
package/dist-server/server/modules/orchestration/workspace/workspace-manager.js.map +1 -0
package/dist-server/server/modules/orchestration/workspace/worktree-workspace.js +96 -0
package/dist-server/server/modules/orchestration/workspace/worktree-workspace.js.map +1 -0
package/dist-server/server/modules/providers/index.js +3 -0
package/dist-server/server/modules/providers/index.js.map +1 -0
package/dist-server/server/openai-codex.js +35 -4
package/dist-server/server/openai-codex.js.map +1 -1
package/dist-server/server/routes/commands.js +25 -25
package/dist-server/server/routes/git.js +17 -17
package/dist-server/server/routes/taskmaster.js +525 -508
package/dist-server/server/routes/taskmaster.js.map +1 -1
package/package.json +180 -178
package/scripts/fix-node-pty.js +67 -67
package/scripts/smoke/a2a-roundtrip.mjs +86 -17
package/scripts/smoke/orchestration-api.mjs +172 -0
package/scripts/smoke/orchestration-live-run.mjs +176 -0
package/server/claude-sdk.js +898 -857
package/server/cli.js +935 -940
package/server/constants/config.js +4 -4
package/server/cursor-cli.js +342 -342
package/server/daemon/manager.js +564 -564
package/server/daemon-manager.js +959 -920
package/server/database/db.js +794 -794
package/server/database/json-store.js +197 -194
package/server/gemini-cli.js +535 -535
package/server/gemini-response-handler.js +79 -79
package/server/index.js +3135 -3104
package/server/load-env.js +34 -34
package/server/middleware/auth.js +173 -173
package/server/modules/orchestration/a2a/adapter-registry.ts +72 -22
package/server/modules/orchestration/a2a/adapters/abstract-a2a.adapter.ts +9 -3
package/server/modules/orchestration/a2a/adapters/claude-code.adapter.ts +1 -0
package/server/modules/orchestration/a2a/adapters/codex.adapter.ts +244 -0
package/server/modules/orchestration/a2a/adapters/cursor.adapter.ts +249 -0
package/server/modules/orchestration/a2a/adapters/gemini.adapter.ts +248 -0
package/server/modules/orchestration/a2a/adapters/opencode.adapter.ts +248 -0
package/server/modules/orchestration/a2a/adapters/qwen.adapter.ts +248 -0
package/server/modules/orchestration/a2a/routes.ts +349 -36
package/server/modules/orchestration/a2a/task-store.ts +178 -0
package/server/modules/orchestration/a2a/types.ts +14 -0
package/server/modules/orchestration/a2a/validator.ts +25 -2
package/server/modules/orchestration/index.ts +40 -0
package/server/modules/orchestration/preview/port-watcher.ts +112 -0
package/server/modules/orchestration/preview/preview-proxy.ts +60 -0
package/server/modules/orchestration/preview/types.ts +19 -0
package/server/modules/orchestration/tasks/orchestration-task-store.ts +45 -0
package/server/modules/orchestration/tasks/orchestration-task.routes.ts +73 -0
package/server/modules/orchestration/tasks/orchestration-task.service.ts +145 -0
package/server/modules/orchestration/tasks/orchestration-task.types.ts +29 -0
package/server/modules/orchestration/workflows/built-in-workflows.ts +127 -0
package/server/modules/orchestration/workflows/workflow-runner.ts +1206 -0
package/server/modules/orchestration/workflows/workflow-store.ts +97 -0
package/server/modules/orchestration/workflows/workflow.routes.ts +169 -0
package/server/modules/orchestration/workflows/workflow.types.ts +70 -0
package/server/modules/orchestration/workflows/workspace-target.ts +120 -0
package/server/modules/orchestration/workspace/docker-workspace.ts +135 -0
package/server/modules/orchestration/workspace/path-safety.ts +55 -0
package/server/modules/orchestration/workspace/types.ts +52 -0
package/server/modules/orchestration/workspace/workspace-manager.ts +97 -0
package/server/modules/orchestration/workspace/worktree-workspace.ts +125 -0
package/server/modules/providers/index.ts +2 -0
package/server/modules/providers/list/claude/claude-auth.provider.ts +145 -145
package/server/modules/providers/list/claude/claude-mcp.provider.ts +135 -135
package/server/modules/providers/list/claude/claude-sessions.provider.ts +306 -306
package/server/modules/providers/list/claude/claude.provider.ts +15 -15
package/server/modules/providers/list/codex/codex-auth.provider.ts +115 -115
package/server/modules/providers/list/codex/codex-mcp.provider.ts +135 -135
package/server/modules/providers/list/codex/codex-sessions.provider.ts +319 -319
package/server/modules/providers/list/codex/codex.provider.ts +15 -15
package/server/modules/providers/list/cursor/cursor-auth.provider.ts +143 -143
package/server/modules/providers/list/cursor/cursor-mcp.provider.ts +108 -108
package/server/modules/providers/list/cursor/cursor-sessions.provider.ts +421 -421
package/server/modules/providers/list/cursor/cursor.provider.ts +15 -15
package/server/modules/providers/list/gemini/gemini-auth.provider.ts +163 -163
package/server/modules/providers/list/gemini/gemini-mcp.provider.ts +110 -110
package/server/modules/providers/list/gemini/gemini-sessions.provider.ts +227 -227
package/server/modules/providers/list/gemini/gemini.provider.ts +15 -15
package/server/modules/providers/list/opencode/opencode-auth.provider.ts +130 -130
package/server/modules/providers/list/opencode/opencode-mcp.provider.ts +126 -126
package/server/modules/providers/list/opencode/opencode-sessions.provider.ts +232 -232
package/server/modules/providers/list/opencode/opencode.provider.ts +29 -29
package/server/modules/providers/list/qwen/qwen-auth.provider.ts +145 -145
package/server/modules/providers/list/qwen/qwen-mcp.provider.ts +114 -114
package/server/modules/providers/list/qwen/qwen-sessions.provider.ts +265 -265
package/server/modules/providers/list/qwen/qwen.provider.ts +21 -21
package/server/modules/providers/provider.registry.ts +40 -40
package/server/modules/providers/provider.routes.ts +819 -819
package/server/modules/providers/services/mcp.service.ts +86 -86
package/server/modules/providers/services/provider-auth.service.ts +26 -26
package/server/modules/providers/services/sessions.service.ts +45 -45
package/server/modules/providers/shared/base/abstract.provider.ts +20 -20
package/server/modules/providers/shared/mcp/mcp.provider.ts +151 -151
package/server/modules/providers/shared/provider-configs.ts +142 -142
package/server/modules/providers/tests/mcp.test.ts +293 -293
package/server/openai-codex.js +462 -426
package/server/opencode-cli.js +459 -459
package/server/opencode-response-handler.js +107 -107
package/server/projects.js +3105 -3105
package/server/qwen-code-cli.js +395 -395
package/server/qwen-response-handler.js +73 -73
package/server/routes/agent.js +1365 -1365
package/server/routes/auth.js +138 -138
package/server/routes/codex.js +19 -19
package/server/routes/commands.js +554 -554
package/server/routes/cursor.js +52 -52
package/server/routes/gemini.js +24 -24
package/server/routes/git.js +1488 -1488
package/server/routes/mcp-utils.js +31 -31
package/server/routes/messages.js +61 -61
package/server/routes/network.js +120 -120
package/server/routes/plugins.js +318 -318
package/server/routes/projects.js +915 -915
package/server/routes/qwen.js +27 -27
package/server/routes/settings.js +286 -286
package/server/routes/taskmaster.js +1496 -1471
package/server/routes/telegram.js +125 -125
package/server/routes/user.js +123 -123
package/server/services/external-access.js +171 -171
package/server/services/install-jobs.js +571 -571
package/server/services/notification-orchestrator.js +242 -242
package/server/services/provider-credentials.js +189 -189
package/server/services/provider-models.js +381 -381
package/server/services/telegram/bot.js +279 -279
package/server/services/telegram/telegram-http-client.js +130 -130
package/server/services/telegram/translations.js +170 -170
package/server/services/vapid-keys.js +36 -36
package/server/sessionManager.js +225 -225
package/server/shared/interfaces.ts +54 -54
package/server/shared/types.ts +172 -172
package/server/shared/utils.ts +193 -193
package/server/tsconfig.json +36 -36
package/server/utils/colors.js +21 -21
package/server/utils/commandParser.js +303 -303
package/server/utils/frontmatter.js +18 -18
package/server/utils/gitConfig.js +34 -34
package/server/utils/mcp-detector.js +147 -147
package/server/utils/plugin-loader.js +457 -457
package/server/utils/plugin-process-manager.js +184 -184
package/server/utils/port-access.js +209 -209
package/server/utils/runtime-paths.js +37 -37
package/server/utils/taskmaster-websocket.js +128 -128
package/server/utils/url-detection.js +71 -71
package/server/vite-daemon.js +78 -78
package/shared/modelConstants.js +162 -162
package/shared/networkHosts.js +22 -22
package/dist/assets/index-B1ghfb4w.css +0 -32
package/dist/assets/index-BvClqlMf.js +0 -852

package/server/utils/port-access.js CHANGED Viewed

@@ -1,209 +1,209 @@
-import os from 'os';
-import fs from 'fs';
-import path from 'path';
-import readline from 'readline';
-import { execSync } from 'child_process';
-import { c } from './colors.js';
-/**
- * Tracks inbound port access decisions across runs so the server doesn't
- * re-prompt the user (on Windows/macOS) every start, and can skip work on
- * Linux where a rule has already been applied.
- */
-const STATE_FILE = path.join(os.homedir(), '.pixcode', 'port-access.json');
-function loadState() {
-  try {
-    return JSON.parse(fs.readFileSync(STATE_FILE, 'utf8'));
-  } catch {
-    return {};
-  }
-}
-function saveState(state) {
-  try {
-    fs.mkdirSync(path.dirname(STATE_FILE), { recursive: true });
-    fs.writeFileSync(STATE_FILE, JSON.stringify(state, null, 2));
-  } catch {
-    // Persisting the decision is a nice-to-have; failure shouldn't block start.
-  }
-}
-/** Return all non-loopback IPv4 addresses assigned to this host. */
-export function getLanIps() {
-  const ifs = os.networkInterfaces();
-  const ips = [];
-  for (const name of Object.keys(ifs)) {
-    for (const ni of ifs[name] || []) {
-      if (ni.family === 'IPv4' && !ni.internal) ips.push(ni.address);
-    }
-  }
-  return ips;
-}
-function askYN(question) {
-  return new Promise((resolve) => {
-    if (!process.stdin.isTTY || !process.stdout.isTTY) {
-      resolve(null); // headless / daemon context — skip
-      return;
-    }
-    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-    rl.question(question, (answer) => {
-      rl.close();
-      const normalized = answer.trim().toLowerCase();
-      resolve(['y', 'yes', 'e', 'evet'].includes(normalized));
-    });
-  });
-}
-// ---------------- Linux ----------------
-function tryUfw(port) {
-  try {
-    execSync('command -v ufw', { stdio: 'pipe' });
-    const status = execSync('ufw status', { stdio: 'pipe', encoding: 'utf8' });
-    // UFW inactive = no rule needed; the port is already reachable.
-    if (!/active/i.test(status)) return 'inactive';
-    execSync(`sudo -n ufw allow ${port}/tcp`, { stdio: 'pipe' });
-    return 'applied';
-  } catch {
-    return null;
-  }
-}
-function tryFirewalld(port) {
-  try {
-    execSync('command -v firewall-cmd', { stdio: 'pipe' });
-    const state = execSync('firewall-cmd --state', { stdio: 'pipe', encoding: 'utf8' });
-    if (!/running/i.test(state)) return 'inactive';
-    execSync(`sudo -n firewall-cmd --add-port=${port}/tcp --permanent`, { stdio: 'pipe' });
-    execSync('sudo -n firewall-cmd --reload', { stdio: 'pipe' });
-    return 'applied';
-  } catch {
-    return null;
-  }
-}
-// ---------------- Windows ----------------
-function applyWindowsRule(port) {
-  const ruleName = `Pixcode-${port}`;
-  const cmd = `netsh advfirewall firewall add rule name="${ruleName}" dir=in action=allow protocol=TCP localport=${port}`;
-  try {
-    execSync(cmd, { stdio: 'pipe' });
-    return { ok: true, cmd, ruleName };
-  } catch (error) {
-    return { ok: false, cmd, ruleName, error: error.message };
-  }
-}
-// ---------------- macOS ----------------
-function macFirewallHint(port) {
-  return [
-    `${c.tip('[TIP]')}  macOS Application Firewall is per-app, not per-port.`,
-    '       If other devices can\'t connect, open:',
-    '       System Settings > Network > Firewall > Options',
-    `       and add Node.js to "Allow incoming connections" (port ${port}).`,
-  ].join('\n');
-}
-// ---------------- Main entry ----------------
-/**
- * Make sure inbound traffic can reach `port` from the local network.
- *
- * - Linux: silently try ufw/firewalld with `sudo -n` (passwordless). Skips
- *   cleanly when no firewall is running or sudo is gated — LAN access
- *   already works on most desktop distros.
- * - Windows/macOS: ask the user once; remember the decision in
- *   ~/.pixcode/port-access.json so subsequent starts stay quiet.
- *
- * All failure paths are non-fatal: the server is already listening when
- * we get here, and LAN clients on the same subnet often can reach it
- * without any firewall change.
- */
-export async function ensurePortOpen(port) {
-  const state = loadState();
-  const key = `port:${port}`;
-  const entry = state[key];
-  const lanIps = getLanIps();
-  if (lanIps.length) {
-    console.log(`${c.info('[INFO]')} LAN access:  ${c.bright(`http://${lanIps[0]}:${port}`)}`);
-    if (lanIps.length > 1) {
-      for (const extra of lanIps.slice(1)) {
-        console.log(`${c.dim('       also:')}  http://${extra}:${port}`);
-      }
-    }
-  }
-  if (entry && entry.decision === 'deny') {
-    console.log(`${c.dim('[INFO]')} Firewall prompt suppressed (previously declined). Re-enable via ~/.pixcode/port-access.json`);
-    return;
-  }
-  const platform = process.platform;
-  if (platform === 'linux') {
-    if (entry && entry.status === 'applied') return;
-    const result = tryUfw(port) || tryFirewalld(port);
-    if (result === 'applied') {
-      console.log(`${c.ok('[OK]')}   Inbound firewall rule added for port ${port}.`);
-      saveState({ ...state, [key]: { decision: 'allow', status: 'applied', via: 'linux' } });
-    } else if (result === 'inactive') {
-      console.log(`${c.dim('[INFO]')} No active firewall detected — port ${port} should be reachable.`);
-    } else {
-      console.log(`${c.tip('[TIP]')}  Couldn't auto-open port (no sudo / unsupported firewall).`);
-      console.log(`       Manual: ${c.bright(`sudo ufw allow ${port}/tcp`)}  ${c.dim('(or firewall-cmd equivalent)')}`);
-    }
-    return;
-  }
-  if (platform === 'win32') {
-    if (entry && entry.status === 'applied') return;
-    const approved = await askYN(
-      `${c.tip('[?]')}    Open port ${port} in Windows Firewall so other devices on your network can connect? [y/N] `,
-    );
-    if (approved === null) {
-      // No TTY — just show the manual command and move on.
-      console.log(
-        `${c.tip('[TIP]')}  To allow LAN access, run this in an elevated PowerShell:\n       ${c.bright(
-          `netsh advfirewall firewall add rule name="Pixcode-${port}" dir=in action=allow protocol=TCP localport=${port}`,
-        )}`,
-      );
-      return;
-    }
-    if (!approved) {
-      console.log(`${c.dim('[INFO]')} Skipping firewall change.`);
-      saveState({ ...state, [key]: { decision: 'deny' } });
-      return;
-    }
-    const result = applyWindowsRule(port);
-    if (result.ok) {
-      console.log(`${c.ok('[OK]')}   Firewall rule "${result.ruleName}" added.`);
-      saveState({ ...state, [key]: { decision: 'allow', status: 'applied', via: 'windows' } });
-    } else {
-      console.log(`${c.tip('[TIP]')}  Adding the rule needs Administrator. Run this in an elevated PowerShell:`);
-      console.log(`       ${c.bright(result.cmd)}`);
-      saveState({ ...state, [key]: { decision: 'allow', status: 'manual' } });
-    }
-    return;
-  }
-  if (platform === 'darwin') {
-    if (entry && entry.status) return;
-    const approved = await askYN(
-      `${c.tip('[?]')}    Allow inbound connections on port ${port} through macOS firewall? [y/N] `,
-    );
-    if (approved === null) return;
-    if (!approved) {
-      console.log(`${c.dim('[INFO]')} Skipping firewall hint.`);
-      saveState({ ...state, [key]: { decision: 'deny' } });
-      return;
-    }
-    console.log(macFirewallHint(port));
-    saveState({ ...state, [key]: { decision: 'allow', status: 'manual', via: 'macos' } });
-  }
-}
+import os from 'os';
+import fs from 'fs';
+import path from 'path';
+import readline from 'readline';
+import { execSync } from 'child_process';
+import { c } from './colors.js';
+/**
+ * Tracks inbound port access decisions across runs so the server doesn't
+ * re-prompt the user (on Windows/macOS) every start, and can skip work on
+ * Linux where a rule has already been applied.
+ */
+const STATE_FILE = path.join(os.homedir(), '.pixcode', 'port-access.json');
+function loadState() {
+  try {
+    return JSON.parse(fs.readFileSync(STATE_FILE, 'utf8'));
+  } catch {
+    return {};
+  }
+}
+function saveState(state) {
+  try {
+    fs.mkdirSync(path.dirname(STATE_FILE), { recursive: true });
+    fs.writeFileSync(STATE_FILE, JSON.stringify(state, null, 2));
+  } catch {
+    // Persisting the decision is a nice-to-have; failure shouldn't block start.
+  }
+}
+/** Return all non-loopback IPv4 addresses assigned to this host. */
+export function getLanIps() {
+  const ifs = os.networkInterfaces();
+  const ips = [];
+  for (const name of Object.keys(ifs)) {
+    for (const ni of ifs[name] || []) {
+      if (ni.family === 'IPv4' && !ni.internal) ips.push(ni.address);
+    }
+  }
+  return ips;
+}
+function askYN(question) {
+  return new Promise((resolve) => {
+    if (!process.stdin.isTTY || !process.stdout.isTTY) {
+      resolve(null); // headless / daemon context — skip
+      return;
+    }
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    rl.question(question, (answer) => {
+      rl.close();
+      const normalized = answer.trim().toLowerCase();
+      resolve(['y', 'yes', 'e', 'evet'].includes(normalized));
+    });
+  });
+}
+// ---------------- Linux ----------------
+function tryUfw(port) {
+  try {
+    execSync('command -v ufw', { stdio: 'pipe' });
+    const status = execSync('ufw status', { stdio: 'pipe', encoding: 'utf8' });
+    // UFW inactive = no rule needed; the port is already reachable.
+    if (!/active/i.test(status)) return 'inactive';
+    execSync(`sudo -n ufw allow ${port}/tcp`, { stdio: 'pipe' });
+    return 'applied';
+  } catch {
+    return null;
+  }
+}
+function tryFirewalld(port) {
+  try {
+    execSync('command -v firewall-cmd', { stdio: 'pipe' });
+    const state = execSync('firewall-cmd --state', { stdio: 'pipe', encoding: 'utf8' });
+    if (!/running/i.test(state)) return 'inactive';
+    execSync(`sudo -n firewall-cmd --add-port=${port}/tcp --permanent`, { stdio: 'pipe' });
+    execSync('sudo -n firewall-cmd --reload', { stdio: 'pipe' });
+    return 'applied';
+  } catch {
+    return null;
+  }
+}
+// ---------------- Windows ----------------
+function applyWindowsRule(port) {
+  const ruleName = `Pixcode-${port}`;
+  const cmd = `netsh advfirewall firewall add rule name="${ruleName}" dir=in action=allow protocol=TCP localport=${port}`;
+  try {
+    execSync(cmd, { stdio: 'pipe' });
+    return { ok: true, cmd, ruleName };
+  } catch (error) {
+    return { ok: false, cmd, ruleName, error: error.message };
+  }
+}
+// ---------------- macOS ----------------
+function macFirewallHint(port) {
+  return [
+    `${c.tip('[TIP]')}  macOS Application Firewall is per-app, not per-port.`,
+    '       If other devices can\'t connect, open:',
+    '       System Settings > Network > Firewall > Options',
+    `       and add Node.js to "Allow incoming connections" (port ${port}).`,
+  ].join('\n');
+}
+// ---------------- Main entry ----------------
+/**
+ * Make sure inbound traffic can reach `port` from the local network.
+ *
+ * - Linux: silently try ufw/firewalld with `sudo -n` (passwordless). Skips
+ *   cleanly when no firewall is running or sudo is gated — LAN access
+ *   already works on most desktop distros.
+ * - Windows/macOS: ask the user once; remember the decision in
+ *   ~/.pixcode/port-access.json so subsequent starts stay quiet.
+ *
+ * All failure paths are non-fatal: the server is already listening when
+ * we get here, and LAN clients on the same subnet often can reach it
+ * without any firewall change.
+ */
+export async function ensurePortOpen(port) {
+  const state = loadState();
+  const key = `port:${port}`;
+  const entry = state[key];
+  const lanIps = getLanIps();
+  if (lanIps.length) {
+    console.log(`${c.info('[INFO]')} LAN access:  ${c.bright(`http://${lanIps[0]}:${port}`)}`);
+    if (lanIps.length > 1) {
+      for (const extra of lanIps.slice(1)) {
+        console.log(`${c.dim('       also:')}  http://${extra}:${port}`);
+      }
+    }
+  }
+  if (entry && entry.decision === 'deny') {
+    console.log(`${c.dim('[INFO]')} Firewall prompt suppressed (previously declined). Re-enable via ~/.pixcode/port-access.json`);
+    return;
+  }
+  const platform = process.platform;
+  if (platform === 'linux') {
+    if (entry && entry.status === 'applied') return;
+    const result = tryUfw(port) || tryFirewalld(port);
+    if (result === 'applied') {
+      console.log(`${c.ok('[OK]')}   Inbound firewall rule added for port ${port}.`);
+      saveState({ ...state, [key]: { decision: 'allow', status: 'applied', via: 'linux' } });
+    } else if (result === 'inactive') {
+      console.log(`${c.dim('[INFO]')} No active firewall detected — port ${port} should be reachable.`);
+    } else {
+      console.log(`${c.tip('[TIP]')}  Couldn't auto-open port (no sudo / unsupported firewall).`);
+      console.log(`       Manual: ${c.bright(`sudo ufw allow ${port}/tcp`)}  ${c.dim('(or firewall-cmd equivalent)')}`);
+    }
+    return;
+  }
+  if (platform === 'win32') {
+    if (entry && entry.status === 'applied') return;
+    const approved = await askYN(
+      `${c.tip('[?]')}    Open port ${port} in Windows Firewall so other devices on your network can connect? [y/N] `,
+    );
+    if (approved === null) {
+      // No TTY — just show the manual command and move on.
+      console.log(
+        `${c.tip('[TIP]')}  To allow LAN access, run this in an elevated PowerShell:\n       ${c.bright(
+          `netsh advfirewall firewall add rule name="Pixcode-${port}" dir=in action=allow protocol=TCP localport=${port}`,
+        )}`,
+      );
+      return;
+    }
+    if (!approved) {
+      console.log(`${c.dim('[INFO]')} Skipping firewall change.`);
+      saveState({ ...state, [key]: { decision: 'deny' } });
+      return;
+    }
+    const result = applyWindowsRule(port);
+    if (result.ok) {
+      console.log(`${c.ok('[OK]')}   Firewall rule "${result.ruleName}" added.`);
+      saveState({ ...state, [key]: { decision: 'allow', status: 'applied', via: 'windows' } });
+    } else {
+      console.log(`${c.tip('[TIP]')}  Adding the rule needs Administrator. Run this in an elevated PowerShell:`);
+      console.log(`       ${c.bright(result.cmd)}`);
+      saveState({ ...state, [key]: { decision: 'allow', status: 'manual' } });
+    }
+    return;
+  }
+  if (platform === 'darwin') {
+    if (entry && entry.status) return;
+    const approved = await askYN(
+      `${c.tip('[?]')}    Allow inbound connections on port ${port} through macOS firewall? [y/N] `,
+    );
+    if (approved === null) return;
+    if (!approved) {
+      console.log(`${c.dim('[INFO]')} Skipping firewall hint.`);
+      saveState({ ...state, [key]: { decision: 'deny' } });
+      return;
+    }
+    console.log(macFirewallHint(port));
+    saveState({ ...state, [key]: { decision: 'allow', status: 'manual', via: 'macos' } });
+  }
+}

package/server/utils/runtime-paths.js CHANGED Viewed

@@ -1,37 +1,37 @@
-import path from 'path';
-import { fileURLToPath } from 'url';
-export function getModuleDir(importMetaUrl) {
-  return path.dirname(fileURLToPath(importMetaUrl));
-}
-export function findServerRoot(startDir) {
-  // Source files live under /server, while compiled files live under /dist-server/server.
-  // Walking up to the nearest "server" folder gives every backend module one stable anchor
-  // that works in both layouts instead of relying on fragile "../.." assumptions.
-  let currentDir = startDir;
-  while (path.basename(currentDir) !== 'server') {
-    const parentDir = path.dirname(currentDir);
-    if (parentDir === currentDir) {
-      throw new Error(`Could not resolve the backend server root from "${startDir}".`);
-    }
-    currentDir = parentDir;
-  }
-  return currentDir;
-}
-export function findAppRoot(startDir) {
-  const serverRoot = findServerRoot(startDir);
-  const parentOfServerRoot = path.dirname(serverRoot);
-  // Source files live at <app>/server, while compiled files live at <app>/dist-server/server.
-  // When the nearest server folder sits inside dist-server we need to hop one extra level up
-  // so repo-level files still resolve from the real app root instead of the build directory.
-  return path.basename(parentOfServerRoot) === 'dist-server'
-    ? path.dirname(parentOfServerRoot)
-    : parentOfServerRoot;
-}
+import path from 'path';
+import { fileURLToPath } from 'url';
+export function getModuleDir(importMetaUrl) {
+  return path.dirname(fileURLToPath(importMetaUrl));
+}
+export function findServerRoot(startDir) {
+  // Source files live under /server, while compiled files live under /dist-server/server.
+  // Walking up to the nearest "server" folder gives every backend module one stable anchor
+  // that works in both layouts instead of relying on fragile "../.." assumptions.
+  let currentDir = startDir;
+  while (path.basename(currentDir) !== 'server') {
+    const parentDir = path.dirname(currentDir);
+    if (parentDir === currentDir) {
+      throw new Error(`Could not resolve the backend server root from "${startDir}".`);
+    }
+    currentDir = parentDir;
+  }
+  return currentDir;
+}
+export function findAppRoot(startDir) {
+  const serverRoot = findServerRoot(startDir);
+  const parentOfServerRoot = path.dirname(serverRoot);
+  // Source files live at <app>/server, while compiled files live at <app>/dist-server/server.
+  // When the nearest server folder sits inside dist-server we need to hop one extra level up
+  // so repo-level files still resolve from the real app root instead of the build directory.
+  return path.basename(parentOfServerRoot) === 'dist-server'
+    ? path.dirname(parentOfServerRoot)
+    : parentOfServerRoot;
+}