@pixelbyte-software/pixcode 1.48.5 → 1.49.0

package/scripts/update-git-install.mjs

@@ -7,6 +7,28 @@ const repoRoot = process.cwd();
 const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
 const stashMessage = `pixcode-auto-update-${timestamp}`;
 const backupBranch = `pixcode-backup-before-update-${timestamp}`;
+const dependencyManifestFiles = new Set([
+  'package.json',
+  'package-lock.json',
+  'npm-shrinkwrap.json',
+]);
+const buildInputFiles = new Set([
+  'index.html',
+  'tsconfig.json',
+  'vite.config.js',
+  'vite.config.ts',
+  'tailwind.config.js',
+  'tailwind.config.ts',
+  'postcss.config.js',
+  'postcss.config.cjs',
+  'server/tsconfig.json',
+]);
+const buildInputPrefixes = [
+  'src/',
+  'server/',
+  'shared/',
+  'public/',
+];
 
 function log(message) {
   process.stdout.write(`${message}\n`);
@@ -63,6 +85,113 @@ async function getOutput(command, args, options = {}) {
   return result.stdout.trim();
 }
 
+function normalizeGitPath(filePath) {
+  return filePath.replace(/\\/g, '/').replace(/^\.\//, '');
+}
+
+function readJson(relativePath) {
+  try {
+    return JSON.parse(fs.readFileSync(path.join(repoRoot, relativePath), 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+function dependencySignature(packageJson) {
+  if (!packageJson || typeof packageJson !== 'object') return null;
+
+  return JSON.stringify({
+    dependencies: packageJson.dependencies || {},
+    devDependencies: packageJson.devDependencies || {},
+    optionalDependencies: packageJson.optionalDependencies || {},
+    peerDependencies: packageJson.peerDependencies || {},
+    bundledDependencies: packageJson.bundledDependencies || packageJson.bundleDependencies || [],
+  });
+}
+
+function lockfileSignature(lockfile) {
+  if (!lockfile || typeof lockfile !== 'object') return null;
+
+  const normalizedPackages = {};
+  if (lockfile.packages && typeof lockfile.packages === 'object') {
+    for (const [packagePath, packageInfo] of Object.entries(lockfile.packages)) {
+      if (!packageInfo || typeof packageInfo !== 'object') {
+        normalizedPackages[packagePath] = packageInfo;
+        continue;
+      }
+
+      if (packagePath === '') {
+        const {
+          version: _version,
+          ...rootPackageInfo
+        } = packageInfo;
+        normalizedPackages[packagePath] = rootPackageInfo;
+      } else {
+        normalizedPackages[packagePath] = packageInfo;
+      }
+    }
+  }
+
+  return JSON.stringify({
+    dependencies: lockfile.dependencies || {},
+    packages: normalizedPackages,
+  });
+}
+
+function shouldRunNpmInstall(changedFiles, previousPackageJson, nextPackageJson, previousLockfile, nextLockfile) {
+  const changedManifest = changedFiles.some((filePath) => dependencyManifestFiles.has(filePath));
+  if (!changedManifest) return false;
+
+  if (!previousPackageJson || !nextPackageJson) return true;
+
+  if (dependencySignature(previousPackageJson) !== dependencySignature(nextPackageJson)) {
+    return true;
+  }
+
+  if (changedFiles.some((filePath) => filePath === 'package-lock.json' || filePath === 'npm-shrinkwrap.json')) {
+    return lockfileSignature(previousLockfile) !== lockfileSignature(nextLockfile);
+  }
+
+  return false;
+}
+
+function shouldRunBuild(changedFiles, previousPackageJson, nextPackageJson, installNeeded) {
+  if (!nextPackageJson?.scripts?.build) return false;
+  if (installNeeded) return true;
+
+  if (previousPackageJson?.scripts?.build !== nextPackageJson.scripts.build) {
+    return true;
+  }
+
+  return changedFiles.some((filePath) => (
+    buildInputFiles.has(filePath)
+    || buildInputPrefixes.some((prefix) => filePath.startsWith(prefix))
+  ));
+}
+
+async function getChangedFiles(fromRef, toRef) {
+  const output = await getOutput('git', ['diff', '--name-only', fromRef, toRef]);
+  return output
+    .split('\n')
+    .map((filePath) => normalizeGitPath(filePath.trim()))
+    .filter(Boolean);
+}
+
+function logChangedFiles(changedFiles) {
+  if (changedFiles.length === 0) {
+    log('Changed files: none.');
+    return;
+  }
+
+  log(`Changed files: ${changedFiles.length}.`);
+  for (const filePath of changedFiles.slice(0, 25)) {
+    log(`  - ${filePath}`);
+  }
+  if (changedFiles.length > 25) {
+    log(`  ... and ${changedFiles.length - 25} more`);
+  }
+}
+
 async function main() {
   if (!fs.existsSync(path.join(repoRoot, '.git'))) {
     throw new Error(`Git metadata not found in ${repoRoot}`);
@@ -95,9 +224,20 @@ async function main() {
   }
 
   const checkoutMain = await run('git', ['checkout', 'main'], { allowFailure: true, collectOutput: true });
+  let changedFiles = [];
+  let previousPackageJson = null;
+  let previousLockfile = null;
+
   if (checkoutMain.code !== 0) {
     log('Local main branch checkout failed; recreating main from origin/main.');
     await run('git', ['checkout', '-B', 'main', 'origin/main']);
+    changedFiles = ['package.json', 'src/__unknown__'];
+    log('Changed files could not be compared because local main was recreated; running safe reconciliation.');
+  } else {
+    previousPackageJson = readJson('package.json');
+    previousLockfile = readJson('package-lock.json') || readJson('npm-shrinkwrap.json');
+    changedFiles = await getChangedFiles('HEAD', 'origin/main');
+    logChangedFiles(changedFiles);
   }
 
   const isAncestor = await run('git', ['merge-base', '--is-ancestor', 'HEAD', 'origin/main'], {
@@ -118,13 +258,31 @@ async function main() {
   const packageVersion = JSON.parse(fs.readFileSync(path.join(repoRoot, 'package.json'), 'utf8')).version;
   log(`Repository updated to Pixcode ${packageVersion}.`);
 
-  await run('npm', ['install', '--no-audit', '--no-fund']);
-  const updatedPackageJson = JSON.parse(fs.readFileSync(path.join(repoRoot, 'package.json'), 'utf8'));
-  if (updatedPackageJson.scripts?.build) {
+  const updatedPackageJson = readJson('package.json');
+  const updatedLockfile = readJson('package-lock.json') || readJson('npm-shrinkwrap.json');
+  const installNeeded = shouldRunNpmInstall(
+    changedFiles,
+    previousPackageJson,
+    updatedPackageJson,
+    previousLockfile,
+    updatedLockfile,
+  );
+  const buildNeeded = shouldRunBuild(changedFiles, previousPackageJson, updatedPackageJson, installNeeded);
+
+  if (installNeeded) {
+    log('Installing dependencies because package manifests changed.');
+    await run('npm', ['install', '--no-audit', '--no-fund']);
+  } else {
+    log('Dependencies unchanged; skipping npm install.');
+  }
+
+  if (buildNeeded) {
     log('Building Pixcode source install.');
     await run('npm', ['run', 'build']);
   } else {
-    log('No build script found; skipping build.');
+    log(updatedPackageJson?.scripts?.build
+      ? 'Build inputs unchanged; skipping build.'
+      : 'No build script found; skipping build.');
   }
   log('Pixcode git install update completed.');
 }

package/server/index.js

@@ -32,6 +32,10 @@ const SERVER_VERSION = (() => {
         return '0.0.0';
     }
 })();
+const HERMES_SHELL_COMMANDS = new Set([
+    'pixcode:hermes:start',
+    'pixcode:hermes:install',
+]);
 const DAEMON_COMMAND_CONTEXT = {
     appRoot: APP_ROOT,
     cliEntry: path.join(APP_ROOT, 'server', 'cli.js'),
@@ -105,7 +109,7 @@ import {
 } from './services/provider-credentials.js';
 import { primeCliBinPath } from './services/install-jobs.js';
 import { startEnabledPluginServers, stopAllPlugins, getPluginPort } from './utils/plugin-process-manager.js';
-import { initializeDatabase, sessionNamesDb, applyCustomSessionNames } from './database/db.js';
+import { initializeDatabase, sessionNamesDb, applyCustomSessionNames, apiKeysDb } from './database/db.js';
 import { setNotificationWebSocketServer } from './services/notification-orchestrator.js';
 import { configureWebPush } from './services/vapid-keys.js';
 import { validateApiKey, authenticateToken, authenticateWebSocket } from './middleware/auth.js';
@@ -323,6 +327,71 @@ function killProviderPtySessions(projectPath, provider) {
     return killed;
 }
 
+function shellQuotePosix(value) {
+    return `'${String(value).replace(/'/g, `'\\''`)}'`;
+}
+
+function shellQuotePowerShell(value) {
+    return `'${String(value).replace(/'/g, "''")}'`;
+}
+
+function resolvePublicBaseUrl(request) {
+    const headers = request?.headers || {};
+    const forwardedProto = String(headers['x-forwarded-proto'] || '').split(',')[0].trim();
+    const proto = forwardedProto || (request?.socket?.encrypted ? 'https' : 'http');
+    const host = headers['x-forwarded-host'] || headers.host || `127.0.0.1:${process.env.SERVER_PORT || process.env.PORT || '3001'}`;
+    return `${proto}://${String(host).split(',')[0].trim()}`;
+}
+
+function getOrCreateHermesApiKey(userId) {
+    if (!userId) return null;
+
+    const existing = apiKeysDb
+        .getApiKeys(userId)
+        .find((key) => key.key_name === 'Hermes Agent MCP' && key.is_active);
+    if (existing?.api_key) {
+        return existing.api_key;
+    }
+
+    return apiKeysDb.createApiKey(userId, 'Hermes Agent MCP', [
+        'hermes:mcp',
+        'projects:read',
+        'providers:read',
+        'terminal:launch',
+    ]).apiKey;
+}
+
+function buildHermesShellCommand(kind, env) {
+    const configureScript = path.join(APP_ROOT, 'scripts', 'hermes', 'configure-pixcode-mcp.mjs');
+    const isWindows = os.platform() === 'win32';
+    const quote = isWindows ? shellQuotePowerShell : shellQuotePosix;
+    const configure = `node ${quote(configureScript)}`;
+
+    if (isWindows) {
+        const setEnv = [
+            `$env:PIXCODE_BASE_URL=${quote(env.PIXCODE_BASE_URL)}`,
+            `$env:PIXCODE_API_KEY=${quote(env.PIXCODE_API_KEY)}`,
+            `$env:PIXCODE_APP_ROOT=${quote(env.PIXCODE_APP_ROOT)}`,
+        ].join('; ');
+        const install = '& ([scriptblock]::Create((irm https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.ps1))) -SkipSetup -Branch main';
+        if (kind === 'pixcode:hermes:install') {
+            return `${setEnv}; ${install}; ${configure}`;
+        }
+        return `${setEnv}; ${configure}; if (-not (Get-Command hermes -ErrorAction SilentlyContinue)) { ${install} }; hermes chat --toolsets "hermes-cli,mcp-pixcode"`;
+    }
+
+    const setEnv = [
+        `PIXCODE_BASE_URL=${quote(env.PIXCODE_BASE_URL)}`,
+        `PIXCODE_API_KEY=${quote(env.PIXCODE_API_KEY)}`,
+        `PIXCODE_APP_ROOT=${quote(env.PIXCODE_APP_ROOT)}`,
+    ].join(' ');
+    const install = 'curl -fsSL https://raw.githubusercontent.com/NousResearch/hermes-agent/main/scripts/install.sh | bash';
+    if (kind === 'pixcode:hermes:install') {
+        return `${setEnv} sh -lc ${quote(`${install} && node ${shellQuotePosix(configureScript)}`)}`;
+    }
+    return `${setEnv} sh -lc ${quote(`node ${shellQuotePosix(configureScript)} && if ! command -v hermes >/dev/null 2>&1; then ${install}; fi; hermes chat --toolsets "hermes-cli,mcp-pixcode"`)}`;
+}
+
 // Single WebSocket server that handles both paths
 const wss = new WebSocketServer({
     server,
@@ -1851,7 +1920,7 @@ wss.on('connection', (ws, request) => {
     const pathname = urlObj.pathname;
 
     if (pathname === '/shell') {
-        handleShellConnection(ws);
+        handleShellConnection(ws, request);
     } else if (pathname === '/ws') {
         handleChatConnection(ws, request);
     } else if (pathname.startsWith('/plugin-ws/')) {
@@ -2060,7 +2129,7 @@ function handleChatConnection(ws, request) {
 }
 
 // Handle shell WebSocket connections
-function handleShellConnection(ws) {
+function handleShellConnection(ws, request) {
     console.log('🐚 Shell client connected');
     let shellProcess = null;
     let ptySessionKey = null;
@@ -2090,7 +2159,20 @@ function handleShellConnection(ws) {
                 const sessionId = data.sessionId;
                 const hasSession = data.hasSession;
                 const provider = data.provider || 'claude';
-                const initialCommand = data.initialCommand;
+                let initialCommand = data.initialCommand;
+                const hermesCommand = HERMES_SHELL_COMMANDS.has(initialCommand) ? initialCommand : null;
+                if (hermesCommand) {
+                    const apiKey = getOrCreateHermesApiKey(request?.user?.id);
+                    if (!apiKey) {
+                        ws.send(JSON.stringify({ type: 'error', message: 'Hermes MCP could not create a Pixcode API key for this user.' }));
+                        return;
+                    }
+                    initialCommand = buildHermesShellCommand(hermesCommand, {
+                        PIXCODE_BASE_URL: resolvePublicBaseUrl(request),
+                        PIXCODE_API_KEY: apiKey,
+                        PIXCODE_APP_ROOT: APP_ROOT,
+                    });
+                }
                 const isPlainShell = data.isPlainShell || (!!initialCommand && !hasSession) || provider === 'plain-shell';
                 const forceNewSession = Boolean(data.forceNewSession);
                 urlDetectionBuffer = '';
@@ -2173,7 +2255,7 @@ function handleShellConnection(ws) {
                 console.log('📋 Session info:', hasSession ? `Resume session ${sessionId}` : (isPlainShell ? 'Plain shell mode' : 'New session'));
                 console.log('🤖 Provider:', isPlainShell ? 'plain-shell' : provider);
                 if (initialCommand) {
-                    console.log('⚡ Initial command:', initialCommand);
+                    console.log('⚡ Initial command:', hermesCommand ? hermesCommand : initialCommand);
                 }
 
                 // First send a welcome message
@@ -2318,7 +2400,7 @@ function handleShellConnection(ws) {
                         }
                     }
 
-                    console.log('🔧 Executing shell command:', shellCommand || 'interactive shell');
+                    console.log('🔧 Executing shell command:', hermesCommand ? hermesCommand : (shellCommand || 'interactive shell'));
 
                     // Use appropriate shell based on platform
                     const shell = os.platform() === 'win32' ? 'powershell.exe' : 'bash';

package/server/modules/orchestration/hermes/hermes.routes.ts

@@ -5,6 +5,21 @@ import express, { type Router } from 'express';
 import { adapterRegistry } from '@/modules/orchestration/a2a/adapter-registry.js';
 import { a2aTaskStore as hermesTaskStore } from '@/modules/orchestration/a2a/task-store.js';
 
+const HERMES_TERMINAL_LAUNCH_LIMIT = 100;
+const HERMES_TERMINAL_LAUNCH_PROVIDERS = new Set(['claude', 'codex', 'cursor', 'gemini', 'qwen', 'opencode']);
+
+type HermesTerminalLaunchEvent = {
+  id: number;
+  provider: string;
+  projectPath: string | null;
+  prompt: string | null;
+  source: string;
+  createdAt: string;
+};
+
+let nextHermesTerminalLaunchId = 1;
+const hermesTerminalLaunches: HermesTerminalLaunchEvent[] = [];
+
 export function createHermesRouter(): Router {
   const router = express.Router();
 
@@ -53,6 +68,46 @@ export function createHermesRouter(): Router {
     });
   });
 
+  router.get('/terminal-launches', (req, res) => {
+    const after = Number.parseInt(typeof req.query.after === 'string' ? req.query.after : '0', 10);
+    const afterId = Number.isFinite(after) ? after : 0;
+    res.json({
+      events: hermesTerminalLaunches.filter((event) => event.id > afterId),
+    });
+  });
+
+  router.post('/terminal-launches', (req, res) => {
+    const body = (req.body ?? {}) as Record<string, unknown>;
+    const provider = typeof body.provider === 'string' ? body.provider.trim() : '';
+    if (!HERMES_TERMINAL_LAUNCH_PROVIDERS.has(provider)) {
+      res.status(400).json({ error: { code: 'INVALID_PROVIDER', message: provider || 'provider is required' } });
+      return;
+    }
+
+    const projectPath = typeof body.projectPath === 'string' && body.projectPath.trim()
+      ? body.projectPath.trim()
+      : null;
+    const prompt = typeof body.prompt === 'string' && body.prompt.trim()
+      ? body.prompt.trim()
+      : null;
+
+    const event: HermesTerminalLaunchEvent = {
+      id: nextHermesTerminalLaunchId,
+      provider,
+      projectPath,
+      prompt,
+      source: 'hermes-mcp',
+      createdAt: new Date().toISOString(),
+    };
+    nextHermesTerminalLaunchId += 1;
+    hermesTerminalLaunches.push(event);
+    if (hermesTerminalLaunches.length > HERMES_TERMINAL_LAUNCH_LIMIT) {
+      hermesTerminalLaunches.splice(0, hermesTerminalLaunches.length - HERMES_TERMINAL_LAUNCH_LIMIT);
+    }
+
+    res.status(201).json({ event });
+  });
+
   router.get('/tasks/:id', (req, res) => {
     const task = hermesTaskStore.get(req.params.id);
     if (!task) {