@pixelbyte-software/pixcode 1.54.11 → 1.55.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (165) hide show
  1. package/dist/assets/{index-Bcqs_1vc.js → index-B-ySsQqi.js} +147 -147
  2. package/dist/assets/index-CWO38aJI.css +32 -0
  3. package/dist/index.html +2 -2
  4. package/dist-server/server/claude-sdk.js +1 -1
  5. package/dist-server/server/claude-sdk.js.map +1 -1
  6. package/dist-server/server/index.js +6 -11
  7. package/dist-server/server/index.js.map +1 -1
  8. package/dist-server/server/modules/security/permission-policy.js.map +1 -0
  9. package/dist-server/server/services/control-room.js +9 -1
  10. package/dist-server/server/services/control-room.js.map +1 -1
  11. package/dist-server/server/services/public-api-manifest.js +5 -5
  12. package/dist-server/server/services/public-api-manifest.js.map +1 -1
  13. package/dist-server/server/services/telegram/control-center.js +10 -10
  14. package/dist-server/server/services/telegram/control-center.js.map +1 -1
  15. package/dist-server/server/services/telegram/telegram-gateway.js +2 -2
  16. package/dist-server/server/services/telegram/telegram-gateway.js.map +1 -1
  17. package/dist-server/server/services/telegram/translations.js +5 -5
  18. package/dist-server/server/services/telegram/translations.js.map +1 -1
  19. package/package.json +1 -1
  20. package/server/claude-sdk.js +1 -1
  21. package/server/index.js +6 -23
  22. package/server/services/control-room.js +10 -1
  23. package/server/services/public-api-manifest.js +5 -5
  24. package/server/services/telegram/control-center.js +10 -10
  25. package/server/services/telegram/telegram-gateway.js +2 -2
  26. package/server/services/telegram/translations.js +5 -5
  27. package/dist/assets/index-Dz1luE0u.css +0 -32
  28. package/dist-server/server/modules/orchestration/a2a/adapter-registry.js +0 -73
  29. package/dist-server/server/modules/orchestration/a2a/adapter-registry.js.map +0 -1
  30. package/dist-server/server/modules/orchestration/a2a/adapters/abstract-a2a.adapter.js +0 -17
  31. package/dist-server/server/modules/orchestration/a2a/adapters/abstract-a2a.adapter.js.map +0 -1
  32. package/dist-server/server/modules/orchestration/a2a/adapters/claude-code.adapter.js +0 -236
  33. package/dist-server/server/modules/orchestration/a2a/adapters/claude-code.adapter.js.map +0 -1
  34. package/dist-server/server/modules/orchestration/a2a/adapters/codex.adapter.js +0 -202
  35. package/dist-server/server/modules/orchestration/a2a/adapters/codex.adapter.js.map +0 -1
  36. package/dist-server/server/modules/orchestration/a2a/adapters/cursor.adapter.js +0 -205
  37. package/dist-server/server/modules/orchestration/a2a/adapters/cursor.adapter.js.map +0 -1
  38. package/dist-server/server/modules/orchestration/a2a/adapters/gemini.adapter.js +0 -205
  39. package/dist-server/server/modules/orchestration/a2a/adapters/gemini.adapter.js.map +0 -1
  40. package/dist-server/server/modules/orchestration/a2a/adapters/json-event.adapter.js +0 -84
  41. package/dist-server/server/modules/orchestration/a2a/adapters/json-event.adapter.js.map +0 -1
  42. package/dist-server/server/modules/orchestration/a2a/adapters/json-event.adapter.test.js +0 -43
  43. package/dist-server/server/modules/orchestration/a2a/adapters/json-event.adapter.test.js.map +0 -1
  44. package/dist-server/server/modules/orchestration/a2a/adapters/opencode.adapter.js +0 -205
  45. package/dist-server/server/modules/orchestration/a2a/adapters/opencode.adapter.js.map +0 -1
  46. package/dist-server/server/modules/orchestration/a2a/adapters/qwen.adapter.js +0 -205
  47. package/dist-server/server/modules/orchestration/a2a/adapters/qwen.adapter.js.map +0 -1
  48. package/dist-server/server/modules/orchestration/a2a/agent-card.js +0 -50
  49. package/dist-server/server/modules/orchestration/a2a/agent-card.js.map +0 -1
  50. package/dist-server/server/modules/orchestration/a2a/auth.middleware.js +0 -25
  51. package/dist-server/server/modules/orchestration/a2a/auth.middleware.js.map +0 -1
  52. package/dist-server/server/modules/orchestration/a2a/bus.js +0 -34
  53. package/dist-server/server/modules/orchestration/a2a/bus.js.map +0 -1
  54. package/dist-server/server/modules/orchestration/a2a/routes.js +0 -502
  55. package/dist-server/server/modules/orchestration/a2a/routes.js.map +0 -1
  56. package/dist-server/server/modules/orchestration/a2a/task-dispatcher.js +0 -295
  57. package/dist-server/server/modules/orchestration/a2a/task-dispatcher.js.map +0 -1
  58. package/dist-server/server/modules/orchestration/a2a/task-store.js +0 -144
  59. package/dist-server/server/modules/orchestration/a2a/task-store.js.map +0 -1
  60. package/dist-server/server/modules/orchestration/a2a/types.js +0 -6
  61. package/dist-server/server/modules/orchestration/a2a/types.js.map +0 -1
  62. package/dist-server/server/modules/orchestration/a2a/validator.js +0 -101
  63. package/dist-server/server/modules/orchestration/a2a/validator.js.map +0 -1
  64. package/dist-server/server/modules/orchestration/index.js +0 -27
  65. package/dist-server/server/modules/orchestration/index.js.map +0 -1
  66. package/dist-server/server/modules/orchestration/preview/port-watcher.js +0 -90
  67. package/dist-server/server/modules/orchestration/preview/port-watcher.js.map +0 -1
  68. package/dist-server/server/modules/orchestration/preview/preview-proxy.js +0 -58
  69. package/dist-server/server/modules/orchestration/preview/preview-proxy.js.map +0 -1
  70. package/dist-server/server/modules/orchestration/preview/types.js +0 -2
  71. package/dist-server/server/modules/orchestration/preview/types.js.map +0 -1
  72. package/dist-server/server/modules/orchestration/security/permission-policy.js.map +0 -1
  73. package/dist-server/server/modules/orchestration/tasks/orchestration-task-store.js +0 -34
  74. package/dist-server/server/modules/orchestration/tasks/orchestration-task-store.js.map +0 -1
  75. package/dist-server/server/modules/orchestration/tasks/orchestration-task.routes.js +0 -70
  76. package/dist-server/server/modules/orchestration/tasks/orchestration-task.routes.js.map +0 -1
  77. package/dist-server/server/modules/orchestration/tasks/orchestration-task.service.js +0 -181
  78. package/dist-server/server/modules/orchestration/tasks/orchestration-task.service.js.map +0 -1
  79. package/dist-server/server/modules/orchestration/tasks/orchestration-task.types.js +0 -2
  80. package/dist-server/server/modules/orchestration/tasks/orchestration-task.types.js.map +0 -1
  81. package/dist-server/server/modules/orchestration/tasks/task-run-graph.js +0 -100
  82. package/dist-server/server/modules/orchestration/tasks/task-run-graph.js.map +0 -1
  83. package/dist-server/server/modules/orchestration/workflows/approval-queue.js +0 -72
  84. package/dist-server/server/modules/orchestration/workflows/approval-queue.js.map +0 -1
  85. package/dist-server/server/modules/orchestration/workflows/built-in-workflows.js +0 -126
  86. package/dist-server/server/modules/orchestration/workflows/built-in-workflows.js.map +0 -1
  87. package/dist-server/server/modules/orchestration/workflows/context-packet.js +0 -89
  88. package/dist-server/server/modules/orchestration/workflows/context-packet.js.map +0 -1
  89. package/dist-server/server/modules/orchestration/workflows/handoff-artifact.js +0 -123
  90. package/dist-server/server/modules/orchestration/workflows/handoff-artifact.js.map +0 -1
  91. package/dist-server/server/modules/orchestration/workflows/workflow-fallback-policy.js +0 -114
  92. package/dist-server/server/modules/orchestration/workflows/workflow-fallback-policy.js.map +0 -1
  93. package/dist-server/server/modules/orchestration/workflows/workflow-replay.js +0 -177
  94. package/dist-server/server/modules/orchestration/workflows/workflow-replay.js.map +0 -1
  95. package/dist-server/server/modules/orchestration/workflows/workflow-runner.js +0 -1718
  96. package/dist-server/server/modules/orchestration/workflows/workflow-runner.js.map +0 -1
  97. package/dist-server/server/modules/orchestration/workflows/workflow-store.js +0 -76
  98. package/dist-server/server/modules/orchestration/workflows/workflow-store.js.map +0 -1
  99. package/dist-server/server/modules/orchestration/workflows/workflow-templates.js +0 -242
  100. package/dist-server/server/modules/orchestration/workflows/workflow-templates.js.map +0 -1
  101. package/dist-server/server/modules/orchestration/workflows/workflow-trace.js +0 -388
  102. package/dist-server/server/modules/orchestration/workflows/workflow-trace.js.map +0 -1
  103. package/dist-server/server/modules/orchestration/workflows/workflow.routes.js +0 -508
  104. package/dist-server/server/modules/orchestration/workflows/workflow.routes.js.map +0 -1
  105. package/dist-server/server/modules/orchestration/workflows/workflow.types.js +0 -2
  106. package/dist-server/server/modules/orchestration/workflows/workflow.types.js.map +0 -1
  107. package/dist-server/server/modules/orchestration/workflows/workspace-target.js +0 -100
  108. package/dist-server/server/modules/orchestration/workflows/workspace-target.js.map +0 -1
  109. package/dist-server/server/modules/orchestration/workspace/docker-workspace.js +0 -123
  110. package/dist-server/server/modules/orchestration/workspace/docker-workspace.js.map +0 -1
  111. package/dist-server/server/modules/orchestration/workspace/path-safety.js +0 -48
  112. package/dist-server/server/modules/orchestration/workspace/path-safety.js.map +0 -1
  113. package/dist-server/server/modules/orchestration/workspace/types.js +0 -11
  114. package/dist-server/server/modules/orchestration/workspace/types.js.map +0 -1
  115. package/dist-server/server/modules/orchestration/workspace/workspace-manager.js +0 -84
  116. package/dist-server/server/modules/orchestration/workspace/workspace-manager.js.map +0 -1
  117. package/dist-server/server/modules/orchestration/workspace/worktree-workspace.js +0 -97
  118. package/dist-server/server/modules/orchestration/workspace/worktree-workspace.js.map +0 -1
  119. package/server/modules/orchestration/a2a/adapter-registry.ts +0 -108
  120. package/server/modules/orchestration/a2a/adapters/abstract-a2a.adapter.ts +0 -63
  121. package/server/modules/orchestration/a2a/adapters/claude-code.adapter.ts +0 -286
  122. package/server/modules/orchestration/a2a/adapters/codex.adapter.ts +0 -244
  123. package/server/modules/orchestration/a2a/adapters/cursor.adapter.ts +0 -249
  124. package/server/modules/orchestration/a2a/adapters/gemini.adapter.ts +0 -248
  125. package/server/modules/orchestration/a2a/adapters/json-event.adapter.test.ts +0 -60
  126. package/server/modules/orchestration/a2a/adapters/json-event.adapter.ts +0 -101
  127. package/server/modules/orchestration/a2a/adapters/opencode.adapter.ts +0 -248
  128. package/server/modules/orchestration/a2a/adapters/qwen.adapter.ts +0 -248
  129. package/server/modules/orchestration/a2a/agent-card.ts +0 -55
  130. package/server/modules/orchestration/a2a/auth.middleware.ts +0 -29
  131. package/server/modules/orchestration/a2a/bus.ts +0 -46
  132. package/server/modules/orchestration/a2a/routes.ts +0 -586
  133. package/server/modules/orchestration/a2a/task-dispatcher.ts +0 -345
  134. package/server/modules/orchestration/a2a/task-store.ts +0 -178
  135. package/server/modules/orchestration/a2a/types.ts +0 -126
  136. package/server/modules/orchestration/a2a/validator.ts +0 -113
  137. package/server/modules/orchestration/index.ts +0 -99
  138. package/server/modules/orchestration/preview/port-watcher.ts +0 -112
  139. package/server/modules/orchestration/preview/preview-proxy.ts +0 -60
  140. package/server/modules/orchestration/preview/types.ts +0 -19
  141. package/server/modules/orchestration/tasks/orchestration-task-store.ts +0 -41
  142. package/server/modules/orchestration/tasks/orchestration-task.routes.ts +0 -81
  143. package/server/modules/orchestration/tasks/orchestration-task.service.ts +0 -201
  144. package/server/modules/orchestration/tasks/orchestration-task.types.ts +0 -40
  145. package/server/modules/orchestration/tasks/task-run-graph.ts +0 -155
  146. package/server/modules/orchestration/workflows/approval-queue.ts +0 -106
  147. package/server/modules/orchestration/workflows/built-in-workflows.ts +0 -127
  148. package/server/modules/orchestration/workflows/context-packet.ts +0 -186
  149. package/server/modules/orchestration/workflows/handoff-artifact.ts +0 -175
  150. package/server/modules/orchestration/workflows/workflow-fallback-policy.ts +0 -161
  151. package/server/modules/orchestration/workflows/workflow-replay.ts +0 -254
  152. package/server/modules/orchestration/workflows/workflow-runner.ts +0 -2062
  153. package/server/modules/orchestration/workflows/workflow-store.ts +0 -97
  154. package/server/modules/orchestration/workflows/workflow-templates.ts +0 -272
  155. package/server/modules/orchestration/workflows/workflow-trace.ts +0 -424
  156. package/server/modules/orchestration/workflows/workflow.routes.ts +0 -586
  157. package/server/modules/orchestration/workflows/workflow.types.ts +0 -111
  158. package/server/modules/orchestration/workflows/workspace-target.ts +0 -122
  159. package/server/modules/orchestration/workspace/docker-workspace.ts +0 -136
  160. package/server/modules/orchestration/workspace/path-safety.ts +0 -55
  161. package/server/modules/orchestration/workspace/types.ts +0 -52
  162. package/server/modules/orchestration/workspace/workspace-manager.ts +0 -102
  163. package/server/modules/orchestration/workspace/worktree-workspace.ts +0 -126
  164. /package/dist-server/server/modules/{orchestration/security → security}/permission-policy.js +0 -0
  165. /package/server/modules/{orchestration/security → security}/permission-policy.ts +0 -0
@@ -1,586 +0,0 @@
1
- import type { Router } from 'express';
2
- import express from 'express';
3
-
4
- import { workflowRunner } from '@/modules/orchestration/workflows/workflow-runner.js';
5
- import {
6
- type WorkflowReplayScope,
7
- buildWorkflowReplayPlan,
8
- } from '@/modules/orchestration/workflows/workflow-replay.js';
9
- import {
10
- applyWorkflowTemplateToMetadata,
11
- builtInWorkflowTemplates,
12
- getWorkflowTemplate,
13
- } from '@/modules/orchestration/workflows/workflow-templates.js';
14
- import { workflowStore } from '@/modules/orchestration/workflows/workflow-store.js';
15
- import { buildWorkflowTrace } from '@/modules/orchestration/workflows/workflow-trace.js';
16
- import { findPixcodeAppRoot } from '@/modules/orchestration/workflows/workspace-target.js';
17
- import {
18
- listPendingApprovals,
19
- resolvePermissionApproval,
20
- type ApprovalDecisionSource,
21
- } from '@/modules/orchestration/workflows/approval-queue.js';
22
- import {
23
- DEFAULT_PERMISSION_POLICY,
24
- PERMISSION_CAPABILITIES,
25
- PERMISSION_POLICY_MODES,
26
- PIXCODE_PERMISSION_POLICY_PROTOCOL,
27
- evaluatePermissionRequest,
28
- normalizePermissionPolicy,
29
- } from '@/modules/orchestration/security/permission-policy.js';
30
- import { dispatchWebhookEvent } from '@/services/webhooks.js';
31
-
32
- const TERMINAL_RUN_STATES = new Set(['completed', 'failed', 'canceled']);
33
-
34
- function isWindowsLikeProjectId(projectId: string): boolean {
35
- return /^[A-Za-z]--/.test(projectId) || /^[A-Za-z]:[\\/]/.test(projectId);
36
- }
37
-
38
- function normalizeProjectId(projectId: string): string {
39
- return projectId.trim().replace(/\\/g, '/').toLowerCase();
40
- }
41
-
42
- function projectIdsMatch(storedProjectId: unknown, requestedProjectId: string): boolean {
43
- if (typeof storedProjectId !== 'string') return false;
44
- if (storedProjectId === requestedProjectId) return true;
45
-
46
- if (!isWindowsLikeProjectId(storedProjectId) && !isWindowsLikeProjectId(requestedProjectId)) {
47
- return false;
48
- }
49
-
50
- return normalizeProjectId(storedProjectId) === normalizeProjectId(requestedProjectId);
51
- }
52
-
53
- function readLimit(value: unknown): number | undefined {
54
- if (typeof value !== 'string') return undefined;
55
- const parsed = Number.parseInt(value, 10);
56
- if (!Number.isFinite(parsed) || parsed <= 0) return undefined;
57
- return Math.min(parsed, 100);
58
- }
59
-
60
- function readMetadata(body: unknown): Record<string, unknown> | undefined {
61
- if (!body || typeof body !== 'object') return undefined;
62
- const metadata = (body as Record<string, unknown>).metadata;
63
- return metadata && typeof metadata === 'object' ? metadata as Record<string, unknown> : undefined;
64
- }
65
-
66
- function readRequestUserId(req: express.Request): string | number | null {
67
- const user = (req as express.Request & { user?: { id?: string | number; userId?: string | number } }).user;
68
- return user?.id ?? user?.userId ?? null;
69
- }
70
-
71
- function readReplayScope(value: unknown): WorkflowReplayScope {
72
- return value === 'run' ? 'run' : 'node';
73
- }
74
-
75
- function readOptionalString(value: unknown): string | undefined {
76
- return typeof value === 'string' && value.trim() ? value.trim() : undefined;
77
- }
78
-
79
- function readBooleanFlag(value: unknown): boolean {
80
- return value === true || value === 'true' || value === '1';
81
- }
82
-
83
- function replayOptions(req: express.Request): {
84
- scope: WorkflowReplayScope;
85
- fromNodeId?: string;
86
- approveReplay: boolean;
87
- } {
88
- return {
89
- scope: readReplayScope(req.body?.scope ?? req.query.scope),
90
- fromNodeId: readOptionalString(req.body?.fromNodeId ?? req.query.fromNodeId),
91
- approveReplay: readBooleanFlag(req.body?.approveReplay ?? req.query.approveReplay),
92
- };
93
- }
94
-
95
- function readRunArray(run: { metadata?: Record<string, unknown> }, key: string): Array<Record<string, unknown>> {
96
- const value = run.metadata?.[key];
97
- return Array.isArray(value)
98
- ? value.filter((item): item is Record<string, unknown> => Boolean(item && typeof item === 'object'))
99
- : [];
100
- }
101
-
102
- function updateApproval(
103
- run: { metadata?: Record<string, unknown> },
104
- requestId: string,
105
- patch: Record<string, unknown>,
106
- ): boolean {
107
- const approvals = readRunArray(run, 'pendingPermissionApprovals');
108
- let changed = false;
109
- const nextApprovals = approvals.map((approval) => {
110
- if (approval.id !== requestId) return approval;
111
- changed = true;
112
- return {
113
- ...approval,
114
- ...patch,
115
- };
116
- });
117
- if (!changed) return false;
118
- run.metadata = {
119
- ...run.metadata,
120
- pendingPermissionApprovals: nextApprovals,
121
- };
122
- return true;
123
- }
124
-
125
- function sendRunSnapshot(res: express.Response, runId: string): boolean {
126
- const run = workflowStore.getRun(runId);
127
- if (!run) {
128
- res.write(`event: error\ndata: ${JSON.stringify({ error: { code: 'RUN_NOT_FOUND', message: runId } })}\n\n`);
129
- return true;
130
- }
131
-
132
- res.write(`event: snapshot\ndata: ${JSON.stringify({ run })}\n\n`);
133
- return TERMINAL_RUN_STATES.has(run.status);
134
- }
135
-
136
- export function createWorkflowRouter(): Router {
137
- const router = express.Router();
138
- router.use(express.json({ limit: '2mb' }));
139
-
140
- router.get('/workflows', (_req, res) => {
141
- res.json({ workflows: workflowStore.listWorkflows() });
142
- });
143
-
144
- router.get('/workflows/templates', (_req, res) => {
145
- res.json({
146
- templates: builtInWorkflowTemplates,
147
- });
148
- });
149
-
150
- router.get('/workflows/context', (_req, res) => {
151
- res.json({
152
- appRoot: findPixcodeAppRoot(),
153
- defaultWorkspaceTarget: 'selected_project',
154
- supportedWorkspaceTargets: ['selected_project', 'pixcode_app', 'custom'],
155
- });
156
- });
157
-
158
- router.get('/workflows/runs', (req, res) => {
159
- const projectId = typeof req.query.projectId === 'string' ? req.query.projectId : undefined;
160
- const limit = readLimit(req.query.limit);
161
- const runs = projectId
162
- ? workflowStore.listRuns().filter((run) => projectIdsMatch(run.metadata?.projectId, projectId))
163
- : workflowStore.listRuns();
164
- res.json({ runs: limit ? runs.slice(0, limit) : runs });
165
- });
166
-
167
- router.get('/workflows/runs/:runId/events', (req, res) => {
168
- res.setHeader('Content-Type', 'text/event-stream');
169
- res.setHeader('Cache-Control', 'no-cache, no-transform');
170
- res.setHeader('Connection', 'keep-alive');
171
- res.setHeader('X-Accel-Buffering', 'no');
172
- if (typeof res.flushHeaders === 'function') {
173
- res.flushHeaders();
174
- }
175
- if (res.socket && typeof res.socket.setNoDelay === 'function') {
176
- try {
177
- res.socket.setNoDelay(true);
178
- } catch {
179
- // Non-fatal; SSE still works without disabling Nagle.
180
- }
181
- }
182
-
183
- const terminal = sendRunSnapshot(res, req.params.runId);
184
- if (terminal) {
185
- res.end();
186
- return;
187
- }
188
-
189
- const heartbeat = setInterval(() => {
190
- res.write(': ping\n\n');
191
- }, 15_000);
192
- const timer = setInterval(() => {
193
- const done = sendRunSnapshot(res, req.params.runId);
194
- if (done) {
195
- clearInterval(timer);
196
- clearInterval(heartbeat);
197
- res.end();
198
- }
199
- }, 1_000);
200
-
201
- req.on('close', () => {
202
- clearInterval(timer);
203
- clearInterval(heartbeat);
204
- });
205
- });
206
-
207
- router.get('/workflows/runs/:runId/trace', (req, res) => {
208
- const run = workflowStore.getRun(req.params.runId);
209
- if (!run) {
210
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
211
- return;
212
- }
213
-
214
- res.json({
215
- runId: run.id,
216
- trace: buildWorkflowTrace(run),
217
- });
218
- });
219
-
220
- router.get('/workflows/permission-policy', (_req, res) => {
221
- res.json({
222
- protocol: PIXCODE_PERMISSION_POLICY_PROTOCOL,
223
- capabilities: PERMISSION_CAPABILITIES,
224
- modes: PERMISSION_POLICY_MODES,
225
- defaultPolicy: DEFAULT_PERMISSION_POLICY,
226
- });
227
- });
228
-
229
- router.post('/workflows/permission-policy/evaluate', (req, res) => {
230
- try {
231
- res.json({
232
- decision: evaluatePermissionRequest({
233
- policy: normalizePermissionPolicy(req.body?.policy),
234
- request: req.body?.request ?? { source: 'api' },
235
- }),
236
- });
237
- } catch (error) {
238
- res.status(400).json({
239
- error: {
240
- code: 'PERMISSION_POLICY_INVALID',
241
- message: error instanceof Error ? error.message : String(error),
242
- },
243
- });
244
- }
245
- });
246
-
247
- router.get('/workflows/runs/:runId/permission-approvals', (req, res) => {
248
- const run = workflowStore.getRun(req.params.runId);
249
- if (!run) {
250
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
251
- return;
252
- }
253
-
254
- res.json({
255
- runId: run.id,
256
- pendingApprovals: readRunArray(run, 'pendingPermissionApprovals')
257
- .filter((approval) => approval.status === 'pending'),
258
- approvalHistory: readRunArray(run, 'pendingPermissionApprovals')
259
- .filter((approval) => approval.status !== 'pending'),
260
- });
261
- });
262
-
263
- router.get('/workflows/approvals', (req, res) => {
264
- res.json({
265
- pendingApprovals: listPendingApprovals({
266
- projectId: readOptionalString(req.query.projectId),
267
- includeResolved: readBooleanFlag(req.query.includeResolved),
268
- }),
269
- });
270
- });
271
-
272
- router.post('/workflows/approvals/:approvalId', (req, res) => {
273
- const allow = req.body?.allow === true;
274
- const deny = req.body?.allow === false;
275
- if (!allow && !deny) {
276
- res.status(400).json({
277
- error: {
278
- code: 'PERMISSION_DECISION_REQUIRED',
279
- message: 'Approval queue decisions require allow=true or allow=false.',
280
- },
281
- });
282
- return;
283
- }
284
-
285
- const source = ['ui', 'telegram', 'api'].includes(req.body?.source)
286
- ? req.body.source as ApprovalDecisionSource
287
- : 'api';
288
- const result = resolvePermissionApproval({
289
- approvalId: req.params.approvalId,
290
- allow,
291
- source,
292
- resolvedBy: readRequestUserId(req),
293
- message: readOptionalString(req.body?.message),
294
- });
295
- if (!result) {
296
- res.status(404).json({ error: { code: 'APPROVAL_NOT_FOUND', message: req.params.approvalId } });
297
- return;
298
- }
299
-
300
- dispatchWebhookEvent({
301
- type: 'approval.resolved',
302
- payload: {
303
- approvalId: req.params.approvalId,
304
- allow,
305
- source,
306
- runId: result.runId,
307
- },
308
- });
309
- res.json(result);
310
- });
311
-
312
- router.post('/workflows/runs/:runId/permission-approvals/:requestId', (req, res) => {
313
- const run = workflowStore.getRun(req.params.runId);
314
- if (!run) {
315
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
316
- return;
317
- }
318
-
319
- const allow = req.body?.allow === true;
320
- const deny = req.body?.allow === false;
321
- if (!allow && !deny) {
322
- res.status(400).json({
323
- error: {
324
- code: 'PERMISSION_DECISION_REQUIRED',
325
- message: 'Permission approval requires allow=true or allow=false.',
326
- },
327
- });
328
- return;
329
- }
330
-
331
- const updated = updateApproval(run, req.params.requestId, {
332
- status: allow ? 'allowed' : 'denied',
333
- resolvedAt: Date.now(),
334
- resolvedBy: readRequestUserId(req),
335
- resolutionMessage: readOptionalString(req.body?.message),
336
- });
337
- if (!updated) {
338
- res.status(404).json({ error: { code: 'APPROVAL_NOT_FOUND', message: req.params.requestId } });
339
- return;
340
- }
341
-
342
- workflowStore.setRun(run);
343
- dispatchWebhookEvent({
344
- type: 'approval.resolved',
345
- payload: {
346
- approvalId: req.params.requestId,
347
- allow,
348
- source: 'ui',
349
- runId: run.id,
350
- },
351
- });
352
- res.json({
353
- runId: run.id,
354
- pendingApprovals: readRunArray(run, 'pendingPermissionApprovals')
355
- .filter((approval) => approval.status === 'pending'),
356
- approvalHistory: readRunArray(run, 'pendingPermissionApprovals')
357
- .filter((approval) => approval.status !== 'pending'),
358
- });
359
- });
360
-
361
- router.get('/workflows/runs/:runId/replay-plan', (req, res) => {
362
- const run = workflowStore.getRun(req.params.runId);
363
- if (!run) {
364
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
365
- return;
366
- }
367
-
368
- try {
369
- const options = replayOptions(req);
370
- res.json({
371
- replayPlan: buildWorkflowReplayPlan(run, {
372
- scope: options.scope,
373
- fromNodeId: options.fromNodeId,
374
- }),
375
- });
376
- } catch (error) {
377
- res.status(400).json({
378
- error: {
379
- code: 'REPLAY_PLAN_INVALID',
380
- message: error instanceof Error ? error.message : String(error),
381
- },
382
- });
383
- }
384
- });
385
-
386
- router.post('/workflows/runs/:runId/replay', (req, res) => {
387
- const run = workflowStore.getRun(req.params.runId);
388
- if (!run) {
389
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
390
- return;
391
- }
392
-
393
- try {
394
- const options = replayOptions(req);
395
- const replayPlan = buildWorkflowReplayPlan(run, {
396
- scope: options.scope,
397
- fromNodeId: options.fromNodeId,
398
- });
399
-
400
- if (replayPlan.requiresApproval && !options.approveReplay) {
401
- res.status(409).json({
402
- error: {
403
- code: 'REPLAY_APPROVAL_REQUIRED',
404
- message: 'Replay requires explicit approval because prior shell, network, or file-write activity was detected.',
405
- },
406
- replayPlan,
407
- });
408
- return;
409
- }
410
-
411
- const replayRun = workflowRunner.start(
412
- replayPlan.workflow,
413
- replayPlan.input,
414
- {
415
- ...replayPlan.metadata,
416
- userId: readRequestUserId(req) ?? run.metadata?.userId,
417
- replay: {
418
- ...(replayPlan.metadata.replay && typeof replayPlan.metadata.replay === 'object'
419
- ? replayPlan.metadata.replay as Record<string, unknown>
420
- : {}),
421
- approved: options.approveReplay,
422
- approvedAt: options.approveReplay ? Date.now() : undefined,
423
- },
424
- },
425
- );
426
- dispatchWebhookEvent({
427
- type: 'run.started',
428
- payload: {
429
- runId: replayRun.id,
430
- workflowId: replayRun.workflowId,
431
- replayOf: run.id,
432
- },
433
- });
434
- res.status(202).json({
435
- run: replayRun,
436
- replayPlan,
437
- });
438
- } catch (error) {
439
- res.status(400).json({
440
- error: {
441
- code: 'REPLAY_START_FAILED',
442
- message: error instanceof Error ? error.message : String(error),
443
- },
444
- });
445
- }
446
- });
447
-
448
- router.get('/workflows/runs/:runId', (req, res) => {
449
- const run = workflowStore.getRun(req.params.runId);
450
- if (!run) {
451
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
452
- return;
453
- }
454
- res.json(run);
455
- });
456
-
457
- router.post('/workflows/:id/preview', (req, res) => {
458
- const workflow = workflowStore.getWorkflow(req.params.id);
459
- if (!workflow) {
460
- res.status(404).json({ error: { code: 'WORKFLOW_NOT_FOUND', message: req.params.id } });
461
- return;
462
- }
463
- try {
464
- const runtimeWorkflow = workflowRunner.preview(workflow, readMetadata(req.body));
465
- res.json({
466
- workflow: runtimeWorkflow,
467
- nodeCount: runtimeWorkflow.nodes.length,
468
- nodes: runtimeWorkflow.nodes.map((node) => ({
469
- id: node.id,
470
- adapterId: node.adapterId,
471
- agentInstanceId: node.agentInstanceId,
472
- agentLabel: node.agentLabel,
473
- assignment: node.assignment,
474
- stage: node.stage,
475
- inputs: node.inputs,
476
- onFail: node.onFail,
477
- output: node.output,
478
- model: node.model,
479
- permissionMode: node.permissionMode,
480
- timeoutMs: node.timeoutMs,
481
- })),
482
- });
483
- } catch (error) {
484
- res.status(400).json({
485
- error: {
486
- code: 'WORKFLOW_INVALID',
487
- message: error instanceof Error ? error.message : String(error),
488
- },
489
- });
490
- }
491
- });
492
-
493
- router.post('/workflows/runs/:runId/cancel', async (req, res) => {
494
- const run = await workflowRunner.cancel(req.params.runId);
495
- if (!run) {
496
- res.status(404).json({ error: { code: 'RUN_NOT_FOUND', message: req.params.runId } });
497
- return;
498
- }
499
- dispatchWebhookEvent({
500
- type: 'run.canceled',
501
- payload: {
502
- runId: run.id,
503
- workflowId: run.workflowId,
504
- },
505
- });
506
- res.json(run);
507
- });
508
-
509
- router.post('/workflows/:id/runs', (req, res) => {
510
- const workflow = workflowStore.getWorkflow(req.params.id);
511
- if (!workflow) {
512
- res.status(404).json({ error: { code: 'WORKFLOW_NOT_FOUND', message: req.params.id } });
513
- return;
514
- }
515
- try {
516
- const run = workflowRunner.start(
517
- workflow,
518
- typeof req.body?.input === 'string' ? req.body.input : '',
519
- {
520
- ...readMetadata(req.body),
521
- userId: readRequestUserId(req),
522
- workflowName: workflow.name,
523
- },
524
- );
525
- dispatchWebhookEvent({
526
- type: 'run.started',
527
- payload: {
528
- runId: run.id,
529
- workflowId: run.workflowId,
530
- workflowName: workflow.name,
531
- },
532
- });
533
- res.status(202).json(run);
534
- } catch (error) {
535
- res.status(400).json({
536
- error: {
537
- code: 'WORKFLOW_INVALID',
538
- message: error instanceof Error ? error.message : String(error),
539
- },
540
- });
541
- }
542
- });
543
-
544
- router.post('/workflows/templates/:templateId/runs', (req, res) => {
545
- const template = getWorkflowTemplate(req.params.templateId);
546
- if (!template) {
547
- res.status(404).json({ error: { code: 'WORKFLOW_TEMPLATE_NOT_FOUND', message: req.params.templateId } });
548
- return;
549
- }
550
- const workflow = workflowStore.getWorkflow(template.workflowId);
551
- if (!workflow) {
552
- res.status(404).json({ error: { code: 'WORKFLOW_NOT_FOUND', message: template.workflowId } });
553
- return;
554
- }
555
-
556
- try {
557
- const run = workflowRunner.start(
558
- workflow,
559
- typeof req.body?.input === 'string' ? req.body.input : '',
560
- {
561
- ...applyWorkflowTemplateToMetadata(template, readMetadata(req.body)),
562
- userId: readRequestUserId(req),
563
- workflowName: workflow.name,
564
- },
565
- );
566
- dispatchWebhookEvent({
567
- type: 'run.started',
568
- payload: {
569
- runId: run.id,
570
- workflowId: run.workflowId,
571
- templateId: template.id,
572
- },
573
- });
574
- res.status(202).json(run);
575
- } catch (error) {
576
- res.status(400).json({
577
- error: {
578
- code: 'WORKFLOW_TEMPLATE_START_FAILED',
579
- message: error instanceof Error ? error.message : String(error),
580
- },
581
- });
582
- }
583
- });
584
-
585
- return router;
586
- }
@@ -1,111 +0,0 @@
1
- import type { WorkflowContextPacket } from '@/modules/orchestration/workflows/context-packet.js';
2
- import type { WorkflowFallbackTrigger } from '@/modules/orchestration/workflows/workflow-fallback-policy.js';
3
- import type { WorkflowHandoffArtifact } from '@/modules/orchestration/workflows/handoff-artifact.js';
4
- import type {
5
- PermissionDecision,
6
- PermissionPolicy,
7
- } from '@/modules/orchestration/security/permission-policy.js';
8
-
9
- export type WorkflowRunStatus = 'queued' | 'running' | 'completed' | 'failed' | 'canceled';
10
- export type WorkflowNodeStatus = WorkflowRunStatus | 'skipped';
11
-
12
- export interface WorkflowNode {
13
- id: string;
14
- adapterId: string;
15
- prompt: string;
16
- inputs: string[];
17
- output: 'message' | 'artifact' | 'both';
18
- onFail: 'abort' | 'continue' | 'retry';
19
- stage?: string;
20
- agentInstanceId?: string;
21
- agentLabel?: string;
22
- assignment?: string;
23
- model?: string;
24
- permissionMode?: string;
25
- permissionPolicy?: PermissionPolicy;
26
- permissionDecisions?: PermissionDecision[];
27
- toolsSettings?: Record<string, unknown>;
28
- isolation?: 'host' | 'worktree' | 'docker';
29
- timeoutMs?: number;
30
- internal?: boolean;
31
- fallbackTrigger?: WorkflowFallbackTrigger;
32
- fallbackSourceNodeId?: string;
33
- }
34
-
35
- export interface Workflow {
36
- id: string;
37
- name: string;
38
- description?: string;
39
- trigger: 'manual' | 'on-task-create' | 'on-pr-open';
40
- nodes: WorkflowNode[];
41
- isBuiltin?: boolean;
42
- }
43
-
44
- export interface WorkflowNodeRun {
45
- nodeId: string;
46
- adapterId?: string;
47
- agentInstanceId?: string;
48
- agentLabel?: string;
49
- assignment?: string;
50
- promptPreview?: string;
51
- model?: string;
52
- permissionMode?: string;
53
- permissionPolicy?: PermissionPolicy;
54
- permissionDecisions?: PermissionDecision[];
55
- timeoutMs?: number;
56
- stage?: string;
57
- internal?: boolean;
58
- fallbackTrigger?: WorkflowFallbackTrigger;
59
- fallbackSourceNodeId?: string;
60
- status: WorkflowNodeStatus;
61
- a2aTaskId?: string;
62
- startedAt?: number;
63
- finishedAt?: number;
64
- error?: string;
65
- outputText?: string;
66
- contextPacket?: WorkflowContextPacket;
67
- handoffArtifact?: WorkflowHandoffArtifact;
68
- messages?: Array<{
69
- role: string;
70
- text: string;
71
- createdAt?: number;
72
- }>;
73
- artifacts?: Array<{
74
- type: string;
75
- text?: string;
76
- data?: Record<string, unknown>;
77
- metadata?: Record<string, unknown>;
78
- }>;
79
- }
80
-
81
- export interface WorkflowRun {
82
- id: string;
83
- workflowId: string;
84
- contextId: string;
85
- status: WorkflowRunStatus;
86
- nodeRuns: WorkflowNodeRun[];
87
- input?: string;
88
- startedAt: number;
89
- finishedAt?: number;
90
- metadata?: Record<string, unknown>;
91
- }
92
-
93
- export interface WorkflowTraceEvent {
94
- id: string;
95
- type: 'run' | 'node' | 'provider' | 'message' | 'artifact' | 'file' | 'error' | 'permission_policy';
96
- severity: 'info' | 'warning' | 'error';
97
- status: WorkflowRunStatus | WorkflowNodeStatus | 'submitted';
98
- timestamp: number;
99
- durationMs?: number;
100
- actor: string;
101
- title: string;
102
- titleKey?: string;
103
- summary?: string;
104
- detail?: string;
105
- nodeId?: string;
106
- adapterId?: string;
107
- agentInstanceId?: string;
108
- agentLabel?: string;
109
- model?: string;
110
- metadata?: Record<string, unknown>;
111
- }