npm - @pixelbyte-software/pixcode - Versions diffs - 1.38.2 → 1.38.3 - Mend

@pixelbyte-software/pixcode 1.38.2 → 1.38.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/scripts/smoke/chat-session-provider-pools.mjs ADDED Viewed

@@ -0,0 +1,35 @@
+#!/usr/bin/env node
+import { readFileSync } from 'node:fs';
+const projectsState = readFileSync('src/hooks/useProjectsState.ts', 'utf8');
+function assert(condition, message) {
+  if (!condition) {
+    console.error(`chat-session-provider-pools smoke failed: ${message}`);
+    process.exit(1);
+  }
+}
+const getProjectSessionsBody = projectsState.match(/const getProjectSessions = \(project: Project\): ProjectSession\[\] => \{[\s\S]*?\n\};/)?.[0] ?? '';
+assert(
+  getProjectSessionsBody.includes('project.qwenSessions') && getProjectSessionsBody.includes('project.opencodeSessions'),
+  'selected-session refresh logic should include qwen/opencode pools',
+);
+assert(
+  projectsState.includes('serialize(nextProject.qwenSessions)') && projectsState.includes('serialize(nextProject.opencodeSessions)'),
+  'project change detection should include qwen/opencode sessions',
+);
+assert(
+  projectsState.includes("sessionId.startsWith('codex-')") && projectsState.includes("sessionId.startsWith('gemini_')"),
+  'fallback session provider inference should cover codex and gemini ids, not only qwen/opencode',
+);
+assert(
+  projectsState.includes("localStorage.setItem('selected-provider', session.__provider)"),
+  'selecting an existing session should persist that session provider before navigation',
+);
+console.log('chat-session-provider-pools smoke passed');

package/scripts/smoke/desktop-tray-icon.mjs ADDED Viewed

@@ -0,0 +1,33 @@
+#!/usr/bin/env node
+import { readFileSync } from 'node:fs';
+const main = readFileSync('desktop/electron/main.cjs', 'utf8');
+function assert(condition, message) {
+  if (!condition) {
+    console.error(`desktop-tray-icon smoke failed: ${message}`);
+    process.exit(1);
+  }
+}
+assert(
+  main.includes('function normalizeTrayIcon'),
+  'tray icons should be normalized before creating the Electron Tray',
+);
+assert(
+  main.includes("process.platform === 'darwin'") && main.includes('width: 18') && main.includes('height: 18'),
+  'macOS menu bar icon should be resized to 18x18 instead of using the 1024 app icon',
+);
+assert(
+  main.includes('setTemplateImage(true)'),
+  'macOS menu bar icon should be marked as a template image',
+);
+assert(
+  main.includes('return normalizeTrayIcon(nativeImage.createFromPath(p))'),
+  'resolveTrayIcon should return the normalized image',
+);
+console.log('desktop-tray-icon smoke passed');

package/scripts/smoke/mac-desktop-runtime.mjs ADDED Viewed

@@ -0,0 +1,43 @@
+#!/usr/bin/env node
+import { readFileSync } from 'node:fs';
+const installJobs = readFileSync('server/services/install-jobs.js', 'utf8');
+const taskmaster = readFileSync('server/routes/taskmaster.js', 'utf8');
+const codexAuth = readFileSync('server/modules/providers/list/codex/codex-auth.provider.ts', 'utf8');
+const cursorAuth = readFileSync('server/modules/providers/list/cursor/cursor-auth.provider.ts', 'utf8');
+const geminiAuth = readFileSync('server/modules/providers/list/gemini/gemini-auth.provider.ts', 'utf8');
+const qwenAuth = readFileSync('server/modules/providers/list/qwen/qwen-auth.provider.ts', 'utf8');
+function assert(condition, message) {
+  if (!condition) {
+    console.error(`mac-desktop-runtime smoke failed: ${message}`);
+    process.exit(1);
+  }
+}
+assert(
+  installJobs.includes('function collectUserShellPath'),
+  'install-jobs should hydrate PATH from the user shell for macOS GUI launches',
+);
+assert(
+  installJobs.includes("'.nvm'") && installJobs.includes("'.volta'") && installJobs.includes("'.asdf'"),
+  'install-jobs should search common user Node manager bin directories',
+);
+assert(
+  installJobs.includes("findExecutableOnPath('npm'") && installJobs.includes('buildCliSpawnEnv'),
+  'Task/CLI installers should resolve npm from the augmented runtime PATH before spawning',
+);
+assert(
+  taskmaster.includes('findExecutableOnPath') && !taskmaster.includes("spawn('which'"),
+  'TaskMaster status should use Pixcode executable resolution, not bare which from a minimal GUI PATH',
+);
+assert(codexAuth.includes('CODEX_CLI_PATH'), 'Codex auth should honor CODEX_CLI_PATH');
+assert(cursorAuth.includes('CURSOR_CLI_PATH'), 'Cursor auth should honor CURSOR_CLI_PATH');
+assert(geminiAuth.includes('GEMINI_CLI_PATH'), 'Gemini auth should honor GEMINI_CLI_PATH');
+assert(qwenAuth.includes('QWEN_CLI_PATH'), 'Qwen auth should honor QWEN_CLI_PATH');
+console.log('mac-desktop-runtime smoke passed');

package/scripts/smoke/multi-project-ui.mjs ADDED Viewed

@@ -0,0 +1,45 @@
+#!/usr/bin/env node
+import { readFileSync } from 'node:fs';
+const chatComposer = readFileSync('src/components/chat/view/subcomponents/ChatComposer.tsx', 'utf8');
+const workerSlotsControl = readFileSync('src/components/chat/view/subcomponents/WorkerSlotsControl.tsx', 'utf8');
+const mainContent = readFileSync('src/components/main-content/view/MainContent.tsx', 'utf8');
+function assert(condition, message) {
+  if (!condition) {
+    console.error(`multi-project-ui smoke failed: ${message}`);
+    process.exit(1);
+  }
+}
+assert(
+  chatComposer.includes('worker-slot-composer-rail'),
+  'chat composer should render the multi-project launcher in a dedicated rail next to submit',
+);
+assert(
+  /<WorkerSlotsControl[\s\S]*align="right"/.test(chatComposer),
+  'chat composer should right-align the worker slot popover near the submit button',
+);
+assert(
+  workerSlotsControl.includes('MAX_WORKER_SLOTS') && workerSlotsControl.includes('workerSlotsFull'),
+  'worker slots control should keep the four-slot limit visible in the UI',
+);
+assert(
+  workerSlotsControl.includes('translate-y-0') && workerSlotsControl.includes('opacity-100'),
+  'worker slots popover should animate into view instead of appearing abruptly',
+);
+assert(
+  mainContent.includes('x: 28') && mainContent.includes("transformOrigin: 'right center'"),
+  'right side panels should animate from the right edge toward the left',
+);
+assert(
+  mainContent.includes('transition-[width,opacity,transform]'),
+  'split panes should animate width, opacity, and transform changes',
+);
+console.log('multi-project-ui smoke passed');

package/scripts/smoke/orchestration-permission-fallback.mjs ADDED Viewed

@@ -0,0 +1,34 @@
+#!/usr/bin/env node
+import { readFileSync } from 'node:fs';
+const runner = readFileSync('server/modules/orchestration/workflows/workflow-runner.ts', 'utf8');
+const workspaceTarget = readFileSync('server/modules/orchestration/workflows/workspace-target.ts', 'utf8');
+function assert(condition, message) {
+  if (!condition) {
+    console.error(`orchestration-permission-fallback smoke failed: ${message}`);
+    process.exit(1);
+  }
+}
+assert(
+  runner.includes('isExternalDirectoryPermissionError'),
+  'workflow runner should classify external_directory permission failures',
+);
+assert(
+  runner.includes('buildPermissionFallbackOutput') && runner.includes('buildFallbackFinalReport'),
+  'workflow runner should synthesize user-facing outputs instead of failing the whole run',
+);
+assert(
+  runner.includes('resolveNodePermissionMode') && runner.includes('bypassPermissions'),
+  'host workspace orchestration should avoid default auto-reject permission mode for selected project paths',
+);
+assert(
+  workspaceTarget.includes('Do not access parent directories') && workspaceTarget.includes('If a tool reports a permission denial'),
+  'workspace prompt should tell agents to stay inside the selected workspace and report permission denials',
+);
+console.log('orchestration-permission-fallback smoke passed');

package/server/modules/orchestration/workflows/workflow-runner.ts CHANGED Viewed

@@ -7,6 +7,7 @@ import type {
   WorkflowRun,
 } from '@/modules/orchestration/workflows/workflow.types.js';
 import {
+  type ResolvedWorkspaceTarget,
   resolveWorkflowWorkspace,
   workspaceContextPrompt,
   workspaceTargetMetadata,
@@ -362,6 +363,92 @@ function compactOutputForContext(text: string): string {
   ].join('');
 }
+function isExternalDirectoryPermissionError(value: unknown): boolean {
+  const text = String(value ?? '').toLocaleLowerCase('en');
+  return (
+    text.includes('external_directory') ||
+    /permission requested:.*auto-rejecting/u.test(text) ||
+    /auto-rejecting.*permission/u.test(text) ||
+    /outside (the )?(workspace|working directory)/u.test(text) ||
+    /permission.*external/u.test(text)
+  );
+}
+function isFinalReportNode(node: WorkflowNode): boolean {
+  return node.id === 'final_report' || node.stage === 'final_report' || node.stage === 'report';
+}
+function workspaceNeedsHostPermissionBypass(target: ResolvedWorkspaceTarget): boolean {
+  return (target.kind === 'selected_project' || target.kind === 'custom') && target.projectPath !== target.appRoot;
+}
+function resolveNodePermissionMode(node: WorkflowNode, target: ResolvedWorkspaceTarget): string | undefined {
+  if (node.permissionMode && node.permissionMode !== 'default') {
+    return node.permissionMode;
+  }
+  if (workspaceNeedsHostPermissionBypass(target)) {
+    return 'bypassPermissions';
+  }
+  return node.permissionMode;
+}
+function buildPermissionFallbackOutput(
+  node: WorkflowNode,
+  reason: string,
+  target: ResolvedWorkspaceTarget,
+): string {
+  return [
+    'Bu adım çalışma alanı izin sınırına takıldı.',
+    '',
+    `Ajan: ${node.agentLabel || node.id}`,
+    `Hedef çalışma alanı: ${target.projectPath}`,
+    `Hata: ${reason}`,
+    '',
+    'Pixcode bu adımı workflow dışına taşırmadan devam ettirdi. Ajan aynı dış dizin yoluna tekrar tekrar erişmek yerine mevcut bağlamla ilerlemeli.',
+  ].join('\n');
+}
+function buildFallbackFinalReport(
+  outputs: Map<string, string>,
+  reason: string,
+  target: ResolvedWorkspaceTarget,
+): string {
+  const completedOutputs = [...outputs.entries()]
+    .map(([nodeId, output]) => [`## ${nodeId}`, output || '(çıktı yok)'].join('\n'))
+    .join('\n\n');
+  return [
+    'Final rapor aracı çalışma alanı izin sınırına takıldı, bu yüzden Pixcode tamamlanan ajan çıktılarından güvenli bir özet üretti.',
+    '',
+    `Hedef çalışma alanı: ${target.projectPath}`,
+    `İzin hatası: ${reason}`,
+    '',
+    completedOutputs || 'Bu turda final rapora aktarılabilecek tamamlanmış ajan çıktısı yok.',
+  ].join('\n');
+}
+function completeNodeWithPermissionFallback(
+  nodeRun: WorkflowNodeRun,
+  node: WorkflowNode,
+  outputs: Map<string, string>,
+  completed: Set<string>,
+  reason: string,
+  target: ResolvedWorkspaceTarget,
+): void {
+  const outputText = isFinalReportNode(node)
+    ? buildFallbackFinalReport(outputs, reason, target)
+    : buildPermissionFallbackOutput(node, reason, target);
+  nodeRun.status = 'completed';
+  nodeRun.error = reason;
+  nodeRun.outputText = outputText;
+  nodeRun.finishedAt = nodeRun.finishedAt ?? Date.now();
+  outputs.set(node.id, compactOutputForContext(outputText));
+  completed.add(node.id);
+}
 function expandAgentTeamWorkflow(workflow: Workflow, metadata?: Record<string, unknown>): Workflow {
   const agents = readAgentAssignments(metadata);
   if (agents.length === 0) {
@@ -1316,6 +1403,7 @@ class WorkflowRunner {
     nodeRun.status = 'running';
     nodeRun.startedAt = Date.now();
+    nodeRun.permissionMode = resolveNodePermissionMode(node, resolveWorkflowWorkspace(run.metadata));
     workflowStore.setRun(run);
     const inputContext = node.inputs.map((input) => outputs.get(input)).filter(Boolean).join('\n\n');
@@ -1328,6 +1416,7 @@ class WorkflowRunner {
     const isolation = readIsolation(settings.isolation) ?? node.isolation ?? 'host';
     const keepAfterCompletion = readBoolean(settings.keepWorkspace) ?? true;
     const baseRef = readString(settings.baseRef) ?? 'HEAD';
+    const effectivePermissionMode = resolveNodePermissionMode(node, workspaceTarget);
     let body: { id?: string; error?: { message?: string } };
     try {
       const submit = await fetch(`${localA2ABaseUrl()}/tasks`, {
@@ -1348,7 +1437,7 @@ class WorkflowRunner {
             agentLabel: node.agentLabel,
             assignment: node.assignment,
             model: node.model,
-            permissionMode: node.permissionMode,
+            permissionMode: effectivePermissionMode,
             toolsSettings: node.toolsSettings,
             projectPath,
             workspaceTarget: workspaceTargetMetadata(workspaceTarget),
@@ -1370,6 +1459,11 @@ class WorkflowRunner {
       nodeRun.status = 'failed';
       nodeRun.error = error instanceof Error ? error.message : String(error);
       workflowStore.setRun(run);
+      if (isExternalDirectoryPermissionError(nodeRun.error)) {
+        completeNodeWithPermissionFallback(nodeRun, node, outputs, completed, nodeRun.error, workspaceTarget);
+        workflowStore.setRun(run);
+        return;
+      }
       if (await this.runFallbackAfterFailure(node, workflow, run, outputs, started, completed, nodeRun.error)) {
         return;
       }
@@ -1417,6 +1511,11 @@ class WorkflowRunner {
         outputs.set(node.id, compactOutputForContext(nodeRun.outputText));
       }
       workflowStore.setRun(run);
+      if (isExternalDirectoryPermissionError(nodeRun.error)) {
+        completeNodeWithPermissionFallback(nodeRun, node, outputs, completed, nodeRun.error, workspaceTarget);
+        workflowStore.setRun(run);
+        return;
+      }
       if (await this.runFallbackAfterFailure(node, workflow, run, outputs, started, completed, nodeRun.error)) {
         return;
       }
@@ -1452,6 +1551,11 @@ class WorkflowRunner {
     nodeRun.status = 'failed';
     nodeRun.error = result.error ?? `A2A task ended with ${result.state}`;
     workflowStore.setRun(run);
+    if (isExternalDirectoryPermissionError(`${nodeRun.error}\n${nodeRun.outputText ?? ''}`)) {
+      completeNodeWithPermissionFallback(nodeRun, node, outputs, completed, nodeRun.error, workspaceTarget);
+      workflowStore.setRun(run);
+      return;
+    }
     if (await this.runFallbackAfterFailure(node, workflow, run, outputs, started, completed, nodeRun.error)) {
       return;
     }

package/server/modules/orchestration/workflows/workspace-target.ts CHANGED Viewed

@@ -114,7 +114,9 @@ export function workspaceContextPrompt(target: ResolvedWorkspaceTarget): string
     'Rules:',
     '- Treat the working directory above as the authoritative project/application for this task.',
     '- Do not guess another repository path unless the user explicitly asks for it.',
+    '- Do not access parent directories, sibling projects, or broad external globs outside the working directory unless the user explicitly asks.',
     '- If the user asks to analyze or modify Pixcode/orchestration itself, the target workspace must be the Pixcode app root.',
     '- Before running package-manager commands, inspect the package files in the working directory.',
+    '- If a tool reports a permission denial, summarize the limitation and continue from the provided context instead of retrying the same external path.',
   ].filter(Boolean).join('\n');
 }

package/server/modules/providers/list/codex/codex-auth.provider.ts CHANGED Viewed

@@ -24,8 +24,9 @@ export class CodexProviderAuth implements IProviderAuth {
    * Checks whether Codex is available to the server runtime.
    */
   private checkInstalled(): boolean {
+    const cliPath = process.env.CODEX_CLI_PATH || 'codex';
     try {
-      const result = spawn.sync('codex', ['--version'], { stdio: 'ignore', timeout: 5000 });
+      const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
       return !result.error && result.status === 0;
     } catch {
       return false;

package/server/modules/providers/list/cursor/cursor-auth.provider.ts CHANGED Viewed

@@ -11,12 +11,16 @@ type CursorLoginStatus = {
 };
 export class CursorProviderAuth implements IProviderAuth {
+  private cliPath(): string {
+    return process.env.CURSOR_CLI_PATH || 'cursor-agent';
+  }
   /**
    * Checks whether the cursor-agent CLI is available on this host.
    */
   private checkInstalled(): boolean {
     try {
-      const result = spawn.sync('cursor-agent', ['--version'], { stdio: 'ignore', timeout: 5000 });
+      const result = spawn.sync(this.cliPath(), ['--version'], { stdio: 'ignore', timeout: 5000 });
       return !result.error && result.status === 0;
     } catch {
       return false;
@@ -74,7 +78,7 @@ export class CursorProviderAuth implements IProviderAuth {
       }, 5000);
       try {
-        childProcess = spawn('cursor-agent', ['status']);
+        childProcess = spawn(this.cliPath(), ['status']);
       } catch {
         clearTimeout(timeout);
         processCompleted = true;

package/server/modules/providers/list/gemini/gemini-auth.provider.ts CHANGED Viewed

@@ -24,7 +24,7 @@ export class GeminiProviderAuth implements IProviderAuth {
    * Checks whether the Gemini CLI is available on this host.
    */
   private checkInstalled(): boolean {
-    const cliPath = process.env.GEMINI_PATH || 'gemini';
+    const cliPath = process.env.GEMINI_CLI_PATH || process.env.GEMINI_PATH || 'gemini';
     try {
       const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
       return !result.error && result.status === 0;

package/server/modules/providers/list/qwen/qwen-auth.provider.ts CHANGED Viewed

@@ -32,7 +32,7 @@ type QwenCredentialsStatus = {
  */
 export class QwenProviderAuth implements IProviderAuth {
   private checkInstalled(): boolean {
-    const cliPath = process.env.QWEN_PATH || 'qwen';
+    const cliPath = process.env.QWEN_CLI_PATH || process.env.QWEN_PATH || 'qwen';
     try {
       const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
       return !result.error && result.status === 0;

package/server/routes/taskmaster.js CHANGED Viewed

@@ -13,13 +13,16 @@ import path from 'path';
 import { spawn } from 'child_process';
 import express from 'express';
+import crossSpawn from 'cross-spawn';
 import { orchestrationTaskService } from '@/modules/orchestration/tasks/orchestration-task.service.js';
 import { extractProjectDirectory } from '../projects.js';
 import {
     cancelInstallJob,
+    buildCliSpawnEnv,
     createInstallJob,
+    findExecutableOnPath,
     getInstallJob,
     snapshotDonePayload
 } from '../services/install-jobs.js';
@@ -34,70 +37,46 @@ const router = express.Router();
  */
 async function checkTaskMasterInstallation() {
     return new Promise((resolve) => {
-        // Check if task-master command is available
-        const child = spawn('which', ['task-master'], {
+        const env = buildCliSpawnEnv();
+        const taskMasterPath = findExecutableOnPath('task-master', env);
+        if (!taskMasterPath) {
+            resolve({
+                isInstalled: false,
+                installPath: null,
+                version: null,
+                reason: 'TaskMaster CLI not found in PATH'
+            });
+            return;
+        }
+        const versionChild = crossSpawn(taskMasterPath, ['--version'], {
             stdio: ['ignore', 'pipe', 'pipe'],
-            shell: true
+            env,
+            windowsHide: true,
         });
-        let output = '';
-        let errorOutput = '';
-        child.stdout.on('data', (data) => {
-            output += data.toString();
-        });
-        child.stderr.on('data', (data) => {
-            errorOutput += data.toString();
-        });
-        child.on('close', (code) => {
-            if (code === 0 && output.trim()) {
-                // TaskMaster is installed, get version
-                const versionChild = spawn('task-master', ['--version'], {
-                    stdio: ['ignore', 'pipe', 'pipe'],
-                    shell: true
-                });
-                let versionOutput = '';
-                versionChild.stdout.on('data', (data) => {
-                    versionOutput += data.toString();
-                });
+        let versionOutput = '';
-                versionChild.on('close', (versionCode) => {
-                    resolve({
-                        isInstalled: true,
-                        installPath: output.trim(),
-                        version: versionCode === 0 ? versionOutput.trim() : 'unknown',
-                        reason: null
-                    });
-                });
+        versionChild.stdout?.on('data', (data) => {
+            versionOutput += data.toString();
+        });
-                versionChild.on('error', () => {
-                    resolve({
-                        isInstalled: true,
-                        installPath: output.trim(),
-                        version: 'unknown',
-                        reason: null
-                    });
-                });
-            } else {
-                resolve({
-                    isInstalled: false,
-                    installPath: null,
-                    version: null,
-                    reason: 'TaskMaster CLI not found in PATH'
-                });
-            }
+        versionChild.on('close', (versionCode) => {
+            resolve({
+                isInstalled: true,
+                installPath: taskMasterPath,
+                version: versionCode === 0 ? versionOutput.trim() : 'unknown',
+                reason: null
+            });
         });
-        child.on('error', (error) => {
+        versionChild.on('error', () => {
             resolve({
-                isInstalled: false,
-                installPath: null,
-                version: null,
-                reason: `Error checking installation: ${error.message}`
+                isInstalled: true,
+                installPath: taskMasterPath,
+                version: 'unknown',
+                reason: null
             });
         });
     });