@quantiya/codevibe-claude-plugin 2.0.2 → 2.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/node_modules/@quantiya/codevibe-core/dist/companion-mode/__tests__/detect-parallel.test.d.ts +1 -0
- package/node_modules/@quantiya/codevibe-core/dist/companion-mode/index.d.ts +4 -3
- package/node_modules/@quantiya/codevibe-core/dist/index.js +4 -4
- package/node_modules/@quantiya/codevibe-core/dist/orchestration-shell/audit-runner.d.ts +3 -3
- package/node_modules/@quantiya/codevibe-core/dist/orchestration-shell/cli.js +27 -27
- package/node_modules/@quantiya/codevibe-core/package.json +1 -1
- package/package.json +2 -2
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "codevibe-claude",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.4",
|
|
4
4
|
"description": "Sync Claude Code sessions with iOS mobile app via AWS backend. Control Claude Code from your phone with real-time bidirectional synchronization.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "CodeVibe Team"
|
package/node_modules/@quantiya/codevibe-core/dist/companion-mode/__tests__/detect-parallel.test.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -33,9 +33,10 @@ export interface CompanionArgs {
|
|
|
33
33
|
/** Test seam — override bin-path resolver (real impl uses `command -v`). */
|
|
34
34
|
resolveBinPath?: (kind: DetectableAgent) => string | null;
|
|
35
35
|
/**
|
|
36
|
-
* Test seam — override the `<wrapper> --version`
|
|
37
|
-
* (§4 line 280). Real impl
|
|
38
|
-
* timeout. Per Stage 2 r1 Codex
|
|
36
|
+
* Test seam — override the `<wrapper> --version` health-probe
|
|
37
|
+
* (§4 line 280; timeout AGENT_VERSION_PROBE_TIMEOUT_MS). Real impl
|
|
38
|
+
* spawns the wrapper with a SIGKILL on timeout. Per Stage 2 r1 Codex
|
|
39
|
+
* MEDIUM-2.
|
|
39
40
|
*/
|
|
40
41
|
versionProbe?: (binPath: string) => Promise<boolean>;
|
|
41
42
|
}
|
|
@@ -3,7 +3,7 @@ ${n.stack}`)):typeof n=="object"?i+=` ${JSON.stringify(n,Qh)}`:i+=` ${n}`),i}log
|
|
|
3
3
|
`)}catch{}if(this.enableConsole)switch(e){case"error":console.error(o);break;case"warn":console.warn(o);break;default:console.log(o)}}debug(e,r){this.log("debug",e,r)}info(e,r){this.log("info",e,r)}warn(e,r){this.log("warn",e,r)}error(e,r){this.log("error",e,r)}setLevel(e){this.level=e}};m=new hr({name:"codevibe-core",logFile:cs.join(Id.tmpdir(),"codevibe-core.log"),level:"info"})});var H=N(()=>{"use strict";xd()});function ny(){let t=typeof process.getuid=="function"?process.getuid():0;return xa.createHash("sha256").update(`${ls.hostname()}-${t}`).digest("hex").substring(0,36)}function xt(){return{platform:process.platform,source:process.env.CODEVIBE_TELEMETRY_SOURCE||"production"}}async function Pt(t,e){try{let r=JSON.stringify({client_id:ny(),events:[{name:t,params:e}]});await new Promise(n=>{let o=Pd.request({hostname:ey,path:ty,method:"POST",headers:{"Content-Type":"application/json"}},()=>n());o.on("error",()=>n()),o.write(r),o.end(),setTimeout(n,2e3)})}catch{}}async function oo(t){await Pt("auth_completed",{...xt(),user_id:t})}function Cd(t){if(!t)return"";let e=t.replace(/\x1b\[[0-9;]*[a-zA-Z]/g,"").replace(/\\/g,"/").replace(/[\n\r\t"]/g," ").replace(/[^\x20-\x7E]/g,"").trim(),r=[process.env.HOME,process.env.USERPROFILE,(()=>{try{return ls.homedir()}catch{return}})()].filter(n=>typeof n=="string"&&n.length>0).map(n=>n.replace(/\\/g,"/"));for(let n of r){let o=n.replace(/[.*+?^${}()|[\]\\]/g,"\\$&");e=e.replace(new RegExp(o,"g"),"~")}return e.replace(/\/Users\/[^/ ]+/g,"/Users/<user>").replace(/\/home\/[^/ ]+/g,"/home/<user>").replace(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g,"<email>")}function oy(t){return Cd(t).substring(0,100)}function sy(t){return Cd(t).substring(100,200)}async function Fe(t,e){let r={...xt(),reason:t,stage:e?.stage??ry[t]};if(typeof e?.httpStatus=="number"&&(r.http_status=e.httpStatus),e?.errorFragment){let n=oy(e.errorFragment),o=sy(e.errorFragment);n&&(r.error_fragment=n),o&&(r.error_fragment_2=o)}await Pt("auth_failed",r)}async function Od(t){await Pt("keychain_file_fallback",{...xt(),reason:t})}function tt(t,e){try{Object.defineProperty(t,Pa,{value:!0,enumerable:!1,configurable:!0,writable:!1}),Object.defineProperty(t,Dd,{value:e,enumerable:!1,configurable:!0,writable:!1})}catch{}return t}function so(t){return!!(t&&typeof t=="object"&&t[Pa])}function Ca(t){if(t&&typeof t=="object"&&t[Pa]){let e=t[Dd];if(typeof e=="string")return e}}function Qr(t){return t<=0?"0":t===1?"1":t<=5?"2-5":"6+"}function ds(t){return xa.createHash("sha256").update(t).digest("hex").slice(0,8)}async function Md(t){return Pt("session_encryption_device_skipped",{...xt(),...t})}async function Nd(t){return Pt("session_encryption_partial_success",{...xt(),...t})}async function Ld(t){return Pt("session_encryption_catch_up_grant",{...xt(),...t})}async function $d(t){return Pt("session_encryption_self_rekey_request",{...xt(),...t})}async function Bd(t){return Pt("session_encryption_self_rekey_success",{...xt(),...t})}async function Fd(t){return Pt("session_encryption_self_rekey_timeout",{...xt(),...t})}var xa,Pd,ls,Xh,Zh,ey,ty,ry,Pa,Dd,Xr=N(()=>{"use strict";xa=S(require("crypto")),Pd=S(require("https")),ls=S(require("os")),Xh="G-GS74YEQTB8",Zh="lAfOF6OxRzSQ-NsLBRjhAg",ey="www.google-analytics.com",ty=`/mp/collect?measurement_id=${Xh}&api_secret=${Zh}`,ry={port_in_use:"server_start",port_range_exhausted:"server_start",server_listen_failed:"server_start",browser_open_failed:"browser_open",login_timeout:"awaiting_callback",cognito_rejected:"awaiting_callback",state_mismatch:"awaiting_callback",no_authorization_code:"awaiting_callback",token_exchange_failed:"exchanging_code",token_exchange_network_error:"exchanging_code",keychain_write_failed:"storing_tokens",user_aborted:"unknown",unknown:"unknown"};Pa=Symbol.for("codevibe.auth.beaconed"),Dd=Symbol.for("codevibe.auth.failureReason")});function Ye(){let t=process.env.ENVIRONMENT;return t==="development"||t==="production"||t==="experiment"?t:"production"}function ps(t){let e=t||Ye();return us={...yr[e],aws:{...yr[e].aws,region:process.env.AWS_REGION||yr[e].aws.region,appsyncUrl:process.env.APPSYNC_URL||yr[e].aws.appsyncUrl,cognitoUserPoolId:process.env.COGNITO_USER_POOL_ID||yr[e].aws.cognitoUserPoolId,cognitoClientId:process.env.COGNITO_CLIENT_ID||yr[e].aws.cognitoClientId,cognitoDomain:process.env.COGNITO_DOMAIN||yr[e].aws.cognitoDomain}},Gd=!0,us}function ue(){return(!Gd||!us)&&ps(),us}var wr,kr,yr,us,Gd,Ud=N(()=>{"use strict";wr=S(require("os")),kr=S(require("path")),yr={development:{environment:"development",aws:{region:"us-east-1",appsyncUrl:"https://api-dev.codevibe.quantiya.ai/graphql",cognitoUserPoolId:"us-east-1_yVwWDPvvJ",cognitoClientId:"e9r5apv6v5uui3l928r2ris0r",cognitoDomain:"codevibe-development.auth.us-east-1.amazoncognito.com"},keychain:{serviceName:"ai.quantiya.app.codevibe"},server:{port:3456,host:"127.0.0.1",dynamicPort:!0},claude:{command:"claude",defaultTimeout:6e4},codex:{command:"codex",defaultTimeout:6e4,sessionsDir:kr.default.join(wr.default.homedir(),".codex","sessions"),approvalTimeoutMs:5e3},gemini:{command:"gemini",defaultTimeout:6e4,transcriptDir:kr.default.join(wr.default.homedir(),".gemini","tmp")}},production:{environment:"production",aws:{region:"us-east-1",appsyncUrl:"https://api.codevibe.quantiya.ai/graphql",cognitoUserPoolId:"us-east-1_mNRO0j5og",cognitoClientId:"5p04dbc9ojptc5r8n7605fg78f",cognitoDomain:"codevibe-production.auth.us-east-1.amazoncognito.com"},keychain:{serviceName:"ai.quantiya.app.codevibe"},server:{port:3456,host:"127.0.0.1",dynamicPort:!0},claude:{command:"claude",defaultTimeout:6e4},codex:{command:"codex",defaultTimeout:6e4,sessionsDir:kr.default.join(wr.default.homedir(),".codex","sessions"),approvalTimeoutMs:5e3},gemini:{command:"gemini",defaultTimeout:6e4,transcriptDir:kr.default.join(wr.default.homedir(),".gemini","tmp")}},experiment:{environment:"experiment",aws:{region:"us-east-1",appsyncUrl:"https://api-experiment.codevibe.quantiya.ai/graphql",cognitoUserPoolId:"us-east-1_KjDg1vHmN",cognitoClientId:"7a6rj38m9hq514stb1j4rgk1ef",cognitoDomain:"codevibe-experiment.auth.us-east-1.amazoncognito.com"},keychain:{serviceName:"ai.quantiya.app.codevibe.experiment"},server:{port:3456,host:"127.0.0.1",dynamicPort:!0},claude:{command:"claude",defaultTimeout:6e4},codex:{command:"codex",defaultTimeout:6e4,sessionsDir:kr.default.join(wr.default.homedir(),".codex","sessions"),approvalTimeoutMs:5e3},gemini:{command:"gemini",defaultTimeout:6e4,transcriptDir:kr.default.join(wr.default.homedir(),".gemini","tmp")}}},us=null,Gd=!1});var Qt=N(()=>{"use strict";Ud()});function Vd(t){for(let e of t)try{process.stderr.write(e+`
|
|
4
4
|
`)}catch{}}function Da(){Oa=vr.join(ao.homedir(),".codevibe");try{Ne.mkdirSync(Oa,{recursive:!0,mode:448})}catch{}Ct="file"}function Kd(){if(process.platform!=="linux"||process.env.DISPLAY||process.env.WAYLAND_DISPLAY||process.env.DBUS_SESSION_BUS_ADDRESS)return!1;try{let t=process.env.XDG_RUNTIME_DIR;if(t&&Ne.existsSync(vr.join(t,"bus")))return!1;let e=typeof process.getuid=="function"?process.getuid():void 0;if(e!==void 0&&Ne.existsSync(`/run/user/${e}/bus`))return!1}catch{}return!0}function jd(){return vr.join(ao.homedir(),".codevibe",".keyring-used")}function iy(){if(process.platform==="linux")try{Ne.mkdirSync(vr.join(ao.homedir(),".codevibe"),{recursive:!0,mode:448}),Ne.writeFileSync(jd(),`keytar
|
|
5
5
|
`,{mode:384})}catch{}}function ay(){try{return Ne.existsSync(jd())}catch{return!1}}function cy(){try{let t=vr.join(ao.homedir(),".codevibe",`${zd(ue().keychain.serviceName)}.json`);return Ne.existsSync(t)}catch{return!1}}function ly(t){Vd(["","\u26A0 CodeVibe: no OS keyring service detected on this machine.","\u26A0 Using file-based credential storage at ~/.codevibe/ instead","\u26A0 (directory 0700, files 0600 \u2014 trust level equivalent to ~/.ssh/id_rsa,","\u26A0 weaker than an OS keyring). This is expected on headless / SSH / Docker / CI.","\u26A0 For the OS keyring, run inside a desktop session with a keyring daemon","\u26A0 (Linux) or on macOS / Windows.",""]),m.warn(`[keychain-backend] No OS keyring service (${t}); auto-selected file storage at ~/.codevibe (headless fallback)`),Wd=!0,Da(),Od(t)}function dy(){m.info("[keychain-backend] OS keyring is reachable, but durable file credentials already exist at ~/.codevibe; continuing on the file backend to avoid forking the device identity"),Da()}function Hd(t){if(ay()){ms=new io(["CodeVibe used the OS keyring on this machine before, but it is not","reachable in this session (no desktop session / no D-Bus session bus \u2014","e.g. SSH without a forwarded bus).","","Auto-switching to file storage here would create a SEPARATE credential","identity and break your existing encrypted sessions, so we stop instead.","","Options:"," 1. Run inside the desktop session where the keyring is unlocked, or"," 2. Explicitly switch THIS machine to file-based storage (a new, separate"," credential identity):"," export CODEVIBE_ALLOW_FILE_KEYCHAIN=1"].join(`
|
|
6
|
-
`)),m.warn("[keychain-backend] OS keyring used here before but unreachable now; refusing silent file fallback (set CODEVIBE_ALLOW_FILE_KEYCHAIN=1 to override)");return}ly(t)}function
|
|
6
|
+
`)),m.warn("[keychain-backend] OS keyring used here before but unreachable now; refusing silent file fallback (set CODEVIBE_ALLOW_FILE_KEYCHAIN=1 to override)");return}ly(t)}function RT(){return Wd}function ET(){return Ct}function uy(){if(Ct!==null||ms!==null)return;let optedIn=process.env.CODEVIBE_ALLOW_FILE_KEYCHAIN==="1";if(optedIn){Vd(["","\u26A0 CodeVibe: file-based credential storage selected (CODEVIBE_ALLOW_FILE_KEYCHAIN=1).","\u26A0 Location: ~/.codevibe/ (directory 0700, files 0600)","\u26A0 Trust level: equivalent to ~/.ssh/id_rsa \u2014 weaker than OS keyring.","\u26A0 To use the OS keyring instead, unset CODEVIBE_ALLOW_FILE_KEYCHAIN and","\u26A0 install libsecret-1-0 + a running keyring daemon (Linux) or use the","\u26A0 native Keychain (macOS) / Credential Manager (Windows).",""]),m.warn("[keychain-backend] Using file-based storage at ~/.codevibe (CODEVIBE_ALLOW_FILE_KEYCHAIN=1 explicit opt-in)"),Da();return}if(cy()){dy();return}let keytarLoadError=null;try{let nodeRequire=eval("require");yt=nodeRequire("keytar")}catch(t){keytarLoadError=t instanceof Error?t.message:String(t),yt=null}if(yt){if(Kd()){yt=null,Hd("no_keyring_service");return}Ct="keytar",m.info("[keychain-backend] Using keytar (OS-native keyring)"),iy();return}if(Kd()){Hd("keytar_load_failed");return}ms=new io(["CodeVibe could not load the OS-native keyring (keytar).",`Reason: ${keytarLoadError??"unknown"}`,"","Options to fix this:"," 1. (Linux) Install libsecret and a keyring daemon:"," sudo apt install libsecret-1-0 gnome-keyring"," Then unlock the keyring for your user session.",""," 2. (Headless / CI / Docker) Opt in to file-based credential"," storage at ~/.codevibe/ (0600 files). This is equivalent"," in trust to ~/.ssh/id_rsa \u2014 not the OS keyring:"," export CODEVIBE_ALLOW_FILE_KEYCHAIN=1"].join(`
|
|
7
7
|
`))}function zd(t){return t.replace(/[^a-zA-Z0-9._-]/g,"_")}function qd(t){return vr.join(Oa,`${zd(t)}.json`)}function Ma(t){try{let e=Ne.readFileSync(qd(t),"utf-8"),r=JSON.parse(e);return r&&typeof r=="object"?r:{}}catch{return{}}}function Jd(t,e){let r=qd(t);Ne.writeFileSync(r,JSON.stringify(e,null,2),{mode:384});try{Ne.chmodSync(r,384)}catch{}}function fs(){if(uy(),Ct===null)throw ms??new io("Keychain backend not initialized")}function Na(){return fs(),Ct}async function co(t,e){return fs(),Ct==="keytar"&&yt?yt.getPassword(t,e):Ma(t)[e]??null}async function lo(t,e,r){if(fs(),Ct==="keytar"&&yt){await yt.setPassword(t,e,r);return}let n=Ma(t);n[e]=r,Jd(t,n)}async function La(t,e){if(fs(),Ct==="keytar"&&yt)return yt.deletePassword(t,e);let r=Ma(t);return e in r?(delete r[e],Jd(t,r),!0):!1}var ao,vr,Ne,io,Ct,yt,Oa,ms,Wd,$a=N(()=>{"use strict";ao=S(require("os")),vr=S(require("path")),Ne=S(require("fs"));H();Xr();Qt();io=class extends Error{constructor(e){super(e),this.name="KeychainBackendUnavailableError"}},Ct=null,yt=null,Oa="",ms=null,Wd=!1});var rt,Ot,en,py,Zr,Z,Qd=N(()=>{"use strict";rt=S(require("crypto")),Ot=class extends Error{constructor(e){super(e),this.name="CryptoError"}},en=1,py="CodeVibe E2E v1",Zr=class t{constructor(){}static getInstance(){return t.instance||(t.instance=new t),t.instance}generateKeyPair(){let e=rt.createECDH("prime256v1");e.generateKeys();let n=e.getPublicKey().subarray(1).toString("base64");return{privateKey:e.getPrivateKey().toString("base64"),publicKey:n}}generateSessionKey(){return rt.randomBytes(32).toString("base64")}deriveSharedKey(e,r){try{let n=rt.createECDH("prime256v1"),o=Buffer.from(e,"base64");n.setPrivateKey(o);let s=Buffer.from(r,"base64"),i=s.length===65&&s[0]===4?s:Buffer.concat([Buffer.from([4]),s]),a=n.computeSecret(i),c=rt.hkdfSync("sha256",a,Buffer.alloc(0),Buffer.from(py,"utf8"),32);return Buffer.from(c)}catch(n){throw new Ot(`Failed to derive shared key: ${n}`)}}encryptSessionKey(e,r){let n=this.generateKeyPair(),o=this.deriveSharedKey(n.privateKey,r),s=Buffer.from(e,"base64");return{encryptedKey:this.encrypt(s,o).toString("base64"),ephemeralPublicKey:n.publicKey}}decryptSessionKey(e,r){let n=this.deriveSharedKey(r,e.ephemeralPublicKey),o=Buffer.from(e.encryptedKey,"base64");return this.decrypt(o,n).toString("base64")}encryptContent(e,r){let n=Buffer.from(r,"base64"),o=Buffer.from(e,"utf8");return this.encrypt(o,n).toString("base64")}decryptContent(e,r){let n=Buffer.from(r,"base64"),o=Buffer.from(e,"base64");return this.decrypt(o,n).toString("utf8")}encryptMetadata(e,r){let n=JSON.stringify(e);return this.encryptContent(n,r)}decryptMetadata(e,r){let n=this.decryptContent(e,r);return JSON.parse(n)}encryptData(e,r){let n=Buffer.from(r,"base64");return this.encrypt(e,n)}decryptData(e,r){let n=Buffer.from(r,"base64");return this.decrypt(e,n)}encrypt(e,r){let n=rt.randomBytes(12),o=rt.createCipheriv("aes-256-gcm",r,n),s=Buffer.concat([o.update(e),o.final()]),i=o.getAuthTag();return Buffer.concat([n,s,i])}decrypt(e,r){let n=e.subarray(0,12),o=e.subarray(e.length-16),s=e.subarray(12,e.length-16),i=rt.createDecipheriv("aes-256-gcm",r,n);i.setAuthTag(o);try{return Buffer.concat([i.update(s),i.final()])}catch{throw new Ot("Decryption failed: Invalid ciphertext or authentication tag")}}serializePrivateKey(e){return e}deserializePrivateKey(e){return e}},Z=Zr.getInstance()});var wt=N(()=>{"use strict";Qd()});var gs,Xd,Dt,Ba,my,br,C,Zd=N(()=>{"use strict";gs=S(require("os")),Xd=require("uuid");$a();wt();Qt();H();Dt=class extends Error{constructor(e){super(e),this.name="KeychainError"}},Ba="device-identity",my="tokens-",br=class t{constructor(){this.deviceIdentity=null;this.sessionKeyCache=new Map;this.isRegistered=!1;this._serviceName=null}get serviceName(){return this._serviceName||(this._serviceName=ue().keychain.serviceName),this._serviceName}static getInstance(){return t.instance||(t.instance=new t),t.instance}async getDeviceIdentity(){if(this.deviceIdentity)return this.deviceIdentity;let e=await co(this.serviceName,Ba);return e?(this.deviceIdentity=JSON.parse(e),m.info(`[KeychainManager] Loaded device identity: ${this.deviceIdentity.deviceId}`),this.deviceIdentity):null}async setDeviceIdentity(e){try{await lo(this.serviceName,Ba,JSON.stringify(e)),this.deviceIdentity=e,m.info(`[KeychainManager] Saved device identity: ${e.deviceId}`)}catch(r){throw m.error(`[KeychainManager] Failed to save device identity: ${r}`),new Dt(`Failed to save device identity: ${r}`)}}async getOrCreateDeviceIdentity(){let e=await this.getDeviceIdentity();if(e)return e;let r=Z.generateKeyPair();return e={deviceId:(0,Xd.v4)().toUpperCase(),privateKey:r.privateKey,publicKey:r.publicKey,createdAt:new Date().toISOString()},await this.setDeviceIdentity(e),m.info(`[KeychainManager] Generated new device identity: ${e.deviceId}`),e}async getDeviceId(){return(await this.getOrCreateDeviceIdentity()).deviceId}async getDevicePublicKey(){return(await this.getOrCreateDeviceIdentity()).publicKey}async getDevicePrivateKey(){return(await this.getOrCreateDeviceIdentity()).privateKey}async hasDeviceIdentity(){return await this.getDeviceIdentity()!==null}async deleteDeviceIdentity(){try{await La(this.serviceName,Ba),this.deviceIdentity=null,this.sessionKeyCache.clear(),this.isRegistered=!1,m.info("[KeychainManager] Deleted device identity")}catch(e){throw m.error(`[KeychainManager] Failed to delete device identity: ${e}`),new Dt(`Failed to delete device identity: ${e}`)}}getTokenAccount(e){return`${my}${e}`}async getTokens(e="production"){let r=await co(this.serviceName,this.getTokenAccount(e));if(!r)return null;let n=JSON.parse(r);return m.debug(`[KeychainManager] Loaded tokens for ${e}`),n}async setTokens(e,r="production"){try{await lo(this.serviceName,this.getTokenAccount(r),JSON.stringify(e)),m.info(`[KeychainManager] Saved tokens for ${r}`,{userId:e.userId,email:e.email})}catch(n){throw m.error(`[KeychainManager] Failed to save tokens: ${n}`),new Dt(`Failed to save tokens: ${n}`)}}async deleteTokens(e="production"){try{let r=await La(this.serviceName,this.getTokenAccount(e));return r&&m.info(`[KeychainManager] Deleted tokens for ${e}`),r}catch(r){return m.error(`[KeychainManager] Failed to delete tokens: ${r}`),!1}}isTokenExpired(e){return Date.now()>=e.expiresAt-3e5}async getSessionKey(e,r){let n=this.sessionKeyCache.get(e);if(n)return n;if(!r||r.length===0)return null;let o=await this.getDeviceId(),s=r.find(c=>c.deviceId===o);if(!s)return m.warn(`[KeychainManager] Device ${o} not found in encryptedKeys`),null;let i=await this.getDevicePrivateKey(),a=Z.decryptSessionKey(s,i);return this.sessionKeyCache.set(e,a),m.info(`[KeychainManager] Decrypted and cached session key for ${e}`),a}createSessionKey(e,r){let n=Z.generateSessionKey(),o=[],s=[];for(let i of e)try{let a=Z.encryptSessionKey(n,i.publicKey);o.push({deviceId:i.deviceId,encryptedKey:a.encryptedKey,ephemeralPublicKey:a.ephemeralPublicKey})}catch(a){m.warn("[KeychainManager] Skipping device with invalid public key",{deviceId:i.deviceId,error:a instanceof Error?a.message:String(a)}),s.push(i.deviceId);try{r?.onDeviceSkipped?.(s.length)}catch{}}if(o.length===0)throw new Ot(`Failed to encrypt session key for any of ${e.length} devices`);return m.info("[KeychainManager] Created session key",{encryptedCount:o.length,skippedCount:s.length,totalCount:e.length}),{sessionKey:n,encryptedKeys:o,skippedDeviceIds:s}}cacheSessionKey(e,r){this.sessionKeyCache.set(e,r)}getCachedSessionKey(e){return this.sessionKeyCache.get(e)??null}getCachedSessionIds(){return Array.from(this.sessionKeyCache.keys())}clearSessionKey(e){this.sessionKeyCache.delete(e)}clearAllSessionKeys(){this.sessionKeyCache.clear()}getIsRegistered(){return this.isRegistered}setIsRegistered(e){this.isRegistered=e}getDeviceName(){return gs.hostname()||"CLI Client"}getDevicePlatform(){let e=gs.platform();return e==="darwin"?"MACOS":e==="linux"?"LINUX":e==="win32"?"WINDOWS":"CLI"}async clearAllData(){await this.deleteDeviceIdentity(),await this.deleteTokens("development"),await this.deleteTokens("production"),this.sessionKeyCache.clear(),this.isRegistered=!1,m.info("[KeychainManager] Cleared all data")}},C=br.getInstance()});var eu={};Me(eu,{KeychainError:()=>Dt,KeychainManager:()=>br,keychainManager:()=>C});var nt=N(()=>{"use strict";Zd()});var hs,Fa,tu,ys=N(()=>{"use strict";hs=(w=>(w.USER_PROMPT="USER_PROMPT",w.ASSISTANT_RESPONSE="ASSISTANT_RESPONSE",w.TOOL_USE="TOOL_USE",w.NOTIFICATION="NOTIFICATION",w.INTERACTIVE_PROMPT="INTERACTIVE_PROMPT",w.PROMPT_RESPONSE="PROMPT_RESPONSE",w.REASONING="REASONING",w.MODE_SELECTED="MODE_SELECTED",w.PLANNER_DECISION="PLANNER_DECISION",w.PLANNER_CACHE_HIT="PLANNER_CACHE_HIT",w.PLANNER_DEGRADED="PLANNER_DEGRADED",w.PLANNER_OUTAGE="PLANNER_OUTAGE",w.PLANNER_RECOVERED="PLANNER_RECOVERED",w.SLASH_COMMAND_INVOKED="SLASH_COMMAND_INVOKED",w.STRUCTURAL_SUMMARY_GENERATED="STRUCTURAL_SUMMARY_GENERATED",w.LOCAL_AUTHORITY_REFUSAL="LOCAL_AUTHORITY_REFUSAL",w.CONTINUATION_PACKET_WRITTEN="CONTINUATION_PACKET_WRITTEN",w.CONTINUATION_PACKET_FAILED="CONTINUATION_PACKET_FAILED",w))(hs||{}),Fa=(r=>(r.DESKTOP="DESKTOP",r.MOBILE="MOBILE",r))(Fa||{}),tu=(n=>(n.SENT="SENT",n.DELIVERED="DELIVERED",n.EXECUTED="EXECUTED",n))(tu||{})});function ou(t,e,r){if(hy)return!1;let n=Sr.get(t);if(!n||r-n.windowStartMs>=fy||r<n.windowStartMs){if(Sr.delete(t),Sr.size>=wy){let o=Sr.keys().next().value;o!==void 0&&Sr.delete(o)}n={windowStartMs:r,count:0,toolUseAboveThreshold:0,suppressed:0,logged:!1},Sr.set(t,n)}if(n.count+=1,n.count<=ru||yy.has(e))return!1;if(e==="REASONING")return n.suppressed+=1,!0;if(e==="TOOL_USE"){n.toolUseAboveThreshold+=1;let o=n.toolUseAboveThreshold%gy===0;return o||(n.suppressed+=1),!o}return!1}function su(t){let e=Sr.get(t);if(e&&!e.logged)return e.logged=!0,e}var fy,ru,gy,hy,nu,yy,Sr,wy,iu=N(()=>{"use strict";ys();fy=Number(process.env.CODEVIBE_THROTTLE_WINDOW_MS)||1e4,ru=Number(process.env.CODEVIBE_THROTTLE_EVENTS_PER_WINDOW)||50,gy=Number(process.env.CODEVIBE_THROTTLE_TOOL_USE_KEEP_EVERY)||10,hy=process.env.CODEVIBE_THROTTLE_DISABLED==="1",nu=ru,yy=new Set(["USER_PROMPT","ASSISTANT_RESPONSE","INTERACTIVE_PROMPT","PROMPT_RESPONSE","NOTIFICATION"]),Sr=new Map,wy=2e3});function ky(){if(process.platform!=="linux")return!1;try{let t=cu.readFileSync("/proc/sys/kernel/osrelease","utf8");return/microsoft|wsl/i.test(t)}catch{return!1}}async function tn(t,e,r){try{return await fetch(t,e)}catch(n){let o=n?.cause?.code,s=n?.cause?.message,i=o||s||n?.message||"unknown",a=vy(o),c=r?`${r}: `:"",l=`Node ${process.version} on ${process.platform}`,d=[`${c}Cannot reach ${t}`,` Underlying error: ${i}`];a&&d.push(` Suggested fix: ${a}`),d.push(` Platform: ${l}`);let u=new Error(d.join(`
|
|
8
8
|
`));throw u.cause=n,u}}function vy(t){if(!t)return null;switch(t){case"ENOTFOUND":case"EAI_AGAIN":return'DNS resolution failed. On WSL Ubuntu, check /etc/resolv.conf, or try running with NODE_OPTIONS="--dns-result-order=ipv4first".';case"ETIMEDOUT":case"ECONNREFUSED":case"ECONNRESET":case"EHOSTUNREACH":case"ENETUNREACH":return`Network unreachable. On WSL Ubuntu, try NODE_OPTIONS="--dns-result-order=ipv4first" (WSL's IPv6 is often broken). If behind a corporate proxy, set HTTPS_PROXY.`;case"CERT_HAS_EXPIRED":case"CERT_NOT_YET_VALID":return"TLS certificate time error \u2014 likely system clock drift. On WSL, run `sudo hwclock -s`, or shut down WSL from PowerShell with `wsl --shutdown` and restart.";case"UNABLE_TO_GET_ISSUER_CERT_LOCALLY":case"SELF_SIGNED_CERT_IN_CHAIN":case"UNABLE_TO_VERIFY_LEAF_SIGNATURE":case"DEPTH_ZERO_SELF_SIGNED_CERT":return"Corporate HTTPS proxy detected \u2014 the TLS cert is not trusted by Node. Set NODE_EXTRA_CA_CERTS=/path/to/corporate-ca.pem, or configure HTTPS_PROXY if a proxy is required.";default:return null}}var au,cu,Ga=N(()=>{"use strict";au=S(require("dns")),cu=S(require("fs"));if(ky())try{au.setDefaultResultOrder("ipv4first")}catch{}});var we,oe,Mt,Ua=N(()=>{"use strict";we={getSession:`
|
|
9
9
|
query GetSession($sessionId: ID!) {
|
|
@@ -528,7 +528,7 @@ You're set. Next steps:
|
|
|
528
528
|
${O.green}\u2713${O.reset} Orchestration enabled. New sessions will use your reviewer panel.`)}async function Ow(){let e=await(await zs()).updateReviewerPolicy({orchestrationEnabledDefault:!1});oc(e),console.log(`
|
|
529
529
|
${O.yellow}\u2713${O.reset} Orchestration disabled. New sessions route to the 1.0 companion flow.`)}async function Dw(){let t=Le();if(console.log(""),console.log(`${O.bold}Installed agents${O.reset}`),t.length===0)console.log(` ${O.dim}(none detected on PATH)${O.reset}`);else for(let n of t)console.log(` ${O.green}\u2713${O.reset} ${n.toLowerCase()}`);console.log("");let r=await(await zs()).updateAvailableAgents(t);oc(r)}async function Mw(){let t=Le();t.length===0&&(console.log(""),console.log(`${O.yellow}No agents detected on PATH.${O.reset}`),console.log(`Install at least one of ${O.bold}claude${O.reset}, ${O.bold}gemini${O.reset}, or ${O.bold}codex${O.reset} before configuring orchestration.`),process.exit(1)),console.log(""),console.log(`${O.bold}Quorum 2.0 orchestration configuration${O.reset}`),console.log(`${O.dim}Detected agents: ${t.map(n=>n.toLowerCase()).join(", ")}${O.reset}`),console.log("");let e=await zs();await e.updateAvailableAgents(t);let r=bp.createInterface({input:process.stdin,output:process.stdout});try{if(!await kp(r,"Enable orchestration for new sessions?",!1)){await e.updateReviewerPolicy({orchestrationEnabledDefault:!1}),console.log(`
|
|
530
530
|
${O.yellow}\u2713${O.reset} Orchestration disabled.`);return}if(!await kp(r,"Customize reviewer panel (otherwise use tier defaults)?",!1)){await e.updateReviewerPolicy({orchestrationEnabledDefault:!0,reviewerSeats:[]}),console.log(`
|
|
531
|
-
${O.green}\u2713${O.reset} Orchestration enabled with tier-default reviewer panel.`);return}let s=await Nw(r),i=[],a=new Set;for(let c=0;c<s;c++){console.log(""),console.log(`${O.bold}Seat ${c}${O.reset}`);let l=xw.filter(p=>!a.has(p)),d=await vp(r,"Role:",l),u=await vp(r,"Agent:",t);i.push({seatId:c,role:d,agent:u}),a.add(d)}await e.updateReviewerPolicy({orchestrationEnabledDefault:!0,reviewerSeats:i}),console.log(""),console.log(`${O.green}\u2713${O.reset} Orchestration enabled with custom panel:`);for(let c of i)console.log(` Seat ${c.seatId}: ${c.role.toLowerCase()} \u2192 ${c.agent.toLowerCase()}`)}finally{r.close()}}function nc(t,e){return new Promise(r=>t.question(e,n=>r(n.trim())))}async function kp(t,e,r){let o=(await nc(t,e+(r?" [Y/n] ":" [y/N] "))).toLowerCase();return o?o.startsWith("y"):r}async function Nw(t){for(;;){let e=await nc(t,"How many seats (2 for Pro, 3 for Max)? "),r=parseInt(e,10);if(r===2||r===3)return r;console.log(`${O.yellow}Enter 2 or 3.${O.reset}`)}}async function vp(t,e,r){for(;;){console.log(e),r.forEach((s,i)=>{console.log(` ${O.cyan}${i+1}${O.reset}. ${s.toLowerCase()}`)});let n=await nc(t,"> "),o=parseInt(n,10)-1;if(o>=0&&o<r.length)return r[o];console.log(`${O.yellow}Enter a number between 1 and ${r.length}.${O.reset}`)}}async function zs(){let t=new Nt;return await t.authenticateWithStoredTokens()||(console.log(""),console.log(`${O.yellow}Not authenticated.${O.reset} Run ${O.bold}codevibe login${O.reset} first.`),process.exit(1)),t}function oc(t){console.log(""),console.log(`${O.bold}Current reviewer policy${O.reset}`),console.log(` Orchestration default: ${Lw(t.orchestrationEnabledDefault)}`),console.log(` Available agents: ${t.availableAgents?.length?t.availableAgents.map(e=>e.toLowerCase()).join(", "):`${O.dim}(not yet detected)${O.reset}`}`),console.log(` Reviewer panel: ${$w(t.reviewerSeats)}`)}function Lw(t){return t===!0?`${O.green}enabled${O.reset}`:t===!1?`${O.yellow}disabled${O.reset}`:`${O.dim}(unset \u2014 defaults to disabled)${O.reset}`}function $w(t){return!t||t.length===0?`${O.dim}tier defaults${O.reset}`:t.map(e=>`Seat ${e.seatId} ${e.role.toLowerCase()}\u2192${e.agent.toLowerCase()}`).join(", ")}var bp,O,xw,Sp=N(()=>{"use strict";bp=S(require("readline"));Ss();po();ko();wp();O={reset:"\x1B[0m",bold:"\x1B[1m",dim:"\x1B[2m",green:"\x1B[32m",yellow:"\x1B[33m",purple:"\x1B[35m",cyan:"\x1B[36m"},xw=["ARCHITECTURE","CORRECTNESS","SECURITY","ACCURACY","CLARITY","COMPLETENESS","ARCHITECTURE_AND_ACCURACY","CORRECTNESS_AND_CLARITY","SECURITY_AND_COMPLETENESS"]});function _o(t){return!Number.isInteger(t)||t<1||t>bn.length?null:bn[t-1].kind}var qs,bn,Js,Rp=N(()=>{"use strict";qs="orchestration_escalated_gate",bn=[{number:"1",label:"Accept",kind:"accept"},{number:"2",label:"Reject (restart proposal)",kind:"reject_restart"},{number:"3",label:"Abort task",kind:"abort_task"}];Js=_o});var Ep={};Me(Ep,{V1_ORCHESTRATION_OPTIONS:()=>bn,V1_ORCHESTRATION_PROMPT_KIND:()=>qs,applyPerSessionOrchestrationOverride:()=>Cs,detectInstalledAgents:()=>Le,mapOptionNumberToUserDecisionKind:()=>_o,mapOptionToUserDecisionKind:()=>Js,pushDetectedAgents:()=>Ps,runOrchestrationCli:()=>js});var Ys=N(()=>{"use strict";ko();Sp();Rp()});var SE,Ng=N(()=>{"use strict";SE=require("json-freeze")});var dT={};Me(dT,{AgentType:()=>lu,AppSyncClient:()=>Nt,AppSyncGraphQLError:()=>Xt,AuditKeys:()=>kc,AuthService:()=>on,Continuation:()=>sl,CredentialBroker:()=>Mc,CryptoError:()=>Ot,CryptoService:()=>Zr,DeliveryStatus:()=>tu,ENCRYPTION_VERSION:()=>en,EventSource:()=>Fa,EventType:()=>hs,KeychainError:()=>Dt,KeychainManager:()=>br,Logger:()=>hr,PORT_RANGE_SIZE:()=>nn,PRIMARY_PORT:()=>rn,Planner:()=>ol,Reviewer:()=>tc,ReviewerRole:()=>uo,SessionStatus:()=>ws,StructuralSummary:()=>pl,Substrate:()=>Ic,SubstrateLaunch:()=>Hc,TierError:()=>Qn,V1_ORCHESTRATION_OPTIONS:()=>bn,V1_ORCHESTRATION_PROMPT_KIND:()=>qs,_resetPrepareEventTimestampForTesting:()=>pc,applyPerSessionOrchestrationOverride:()=>Cs,authService:()=>Lt,bindOAuthServer:()=>mo,createLogger:()=>Ia,createShellEventEmitter:()=>ns,cryptoService:()=>Z,detectInstalledAgents:()=>Le,emitShellEvent:()=>sa,errorWasBeaconed:()=>so,fireAuthCompletedBeacon:()=>oo,fireAuthFailedBeacon:()=>Fe,getConfig:()=>ue,getEnvironment:()=>Ye,getErrorReason:()=>Ca,keychainManager:()=>C,loadConfig:()=>ps,logger:()=>m,mapOptionNumberToUserDecisionKind:()=>_o,mapOptionToUserDecisionKind:()=>Js,markErrorBeaconed:()=>tt,mutations:()=>oe,normalizeSnapshot:()=>ac,parseInteractivePrompt:()=>_p,pickMode:()=>vd,prepareEventTimestamp:()=>uc,prepareSessionEncryption:()=>Zs,processMarkers:()=>Hr,pushDetectedAgents:()=>Ps,queries:()=>we,registerDeviceEncryptionKey:()=>To,rekeySessionForNewDevices:()=>Cr,resumeOrCreateSession:()=>lc,runAuthCli:()=>Qs,runCompanionMode:()=>Vh,runOrchestrationCli:()=>js,runOrchestrationShell:()=>gh,startDeviceKeyWatcher:()=>dc,subscriptions:()=>Mt,withRoleMarker:()=>Vl});module.exports=Td(dT);nt();wt();Ss();Ss();var mu=S(require("crypto")),fu=S(require("fs")),gu=S(require("http")),hu=require("child_process");Qt();nt();H();Ga();Xr();var rn=8080,nn=20,Ka="/callback";async function mo(t){let e=null;for(let r=0;r<nn;r++){let n=rn+r;try{let o=await new Promise((s,i)=>{let a=gu.createServer(t),c=d=>{a.removeListener("listening",l),i(d)},l=()=>{a.removeListener("error",c),a.on("error",d=>{m.error("[AuthService] OAuth server post-bind error",{port:n,code:d?.code,message:d?.message})}),s(a)};a.once("error",c),a.once("listening",l),a.listen(n,"localhost")});return m.info(`[AuthService] OAuth server bound on port ${n} (attempt ${r+1}/${nn})`),{server:o,port:n}}catch(o){if(e=o,o?.code==="EADDRINUSE")continue;throw o}}throw Object.assign(new Error(`All ports ${rn}-${rn+nn-1} are in use. Free at least one for OAuth callback or quit a conflicting service (common collisions: Vite, Webpack, Spring Boot, Docker exposed ports). Underlying: ${e?.message??"EADDRINUSE"}`),{code:"EADDRINUSE_ALL"})}var on=class t{constructor(){}static getInstance(){return t.instance||(t.instance=new t),t.instance}openBrowser(e){console.error(""),console.error("Opening your browser for sign-in..."),this.isRunningInWSL()?console.error("If your browser does not open, paste this URL in your Windows browser:"):console.error("If your browser does not open automatically, visit this URL:"),console.error(` ${e}`),console.error("");let r=this.getBrowserCommands();this.tryBrowserCommand(r,e,0)}getBrowserCommands(){let e=process.platform;if(e==="darwin")return[{cmd:"open",fixedArgs:[]}];if(e==="win32")return[{cmd:"cmd",fixedArgs:["/c","start",""]}];let r=[];return this.isRunningInWSL()&&(r.push({cmd:"wslview",fixedArgs:[]}),r.push({cmd:"cmd.exe",fixedArgs:["/c","start",""]}),r.push({cmd:"powershell.exe",fixedArgs:["-NoProfile","-Command","Start-Process"]})),r.push({cmd:"xdg-open",fixedArgs:[]}),r}isRunningInWSL(){if(process.platform!=="linux")return!1;try{let e=fu.readFileSync("/proc/sys/kernel/osrelease","utf8");return/microsoft|wsl/i.test(e)}catch{return!1}}tryBrowserCommand(e,r,n){if(n>=e.length){m.debug("[AuthService] No browser-opening command succeeded. User must open the sign-in URL manually (printed to stderr above)."),console.error(""),console.error("\u26A0\uFE0F Could not open browser automatically."),this.isRunningInWSL()?console.error(" WSL detected \u2014 paste this URL in your Windows browser:"):console.error(" Please copy and paste this URL into your browser:"),console.error(` ${r}`),console.error("");return}let o=e[n],s=[...o.fixedArgs,r],i=!1,a=u=>{i||(i=!0,m.debug(`[AuthService] Browser command '${o.cmd}' ${u}; trying next fallback`),this.tryBrowserCommand(e,r,n+1))},c=u=>{i||(i=!0,m.debug(`[AuthService] Browser command '${o.cmd}' ${u}`))},l;try{l=(0,hu.spawn)(o.cmd,s,{detached:!0,stdio:"ignore"})}catch(u){a(`threw synchronously: ${u?.message||u}`);return}l.on("error",u=>{a(`failed to spawn: ${u?.message||u}`)}),l.on("exit",(u,p)=>{u===0?c("exited successfully"):a(p?`terminated by signal ${p}`:`exited with code ${u}`)}),setTimeout(()=>{c("still running after 3s, assuming success")},3e3).unref(),l.unref()}generateState(){return mu.randomBytes(32).toString("hex")}buildAuthUrl(e,r){let n=ue(),o=new URLSearchParams({client_id:n.aws.cognitoClientId,response_type:"code",scope:"email openid profile",redirect_uri:r,state:e});return`https://${n.aws.cognitoDomain}/oauth2/authorize?${o.toString()}`}async exchangeCodeForTokens(e,r){let n=ue(),o=`https://${n.aws.cognitoDomain}/oauth2/token`,s=new URLSearchParams({grant_type:"authorization_code",client_id:n.aws.cognitoClientId,code:e,redirect_uri:r}),i;try{i=await tn(o,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:s.toString()},"Token exchange")}catch(c){throw await Fe("token_exchange_network_error"),tt(c,"token_exchange_network_error"),c}if(!i.ok){let c=await i.text(),l=new Error(`Token exchange failed: ${i.status} ${c}`);throw await Fe("token_exchange_failed",{httpStatus:i.status}),tt(l,"token_exchange_failed"),l}let a=await i.json();return{accessToken:a.access_token,idToken:a.id_token,refreshToken:a.refresh_token,expiresIn:a.expires_in}}decodeJwt(e){let r=e.split(".");if(r.length!==3)throw new Error("Invalid JWT");return JSON.parse(Buffer.from(r[1],"base64").toString("utf-8"))}async refreshTokens(e){let r=ue(),n=`https://${r.aws.cognitoDomain}/oauth2/token`,o=new URLSearchParams({grant_type:"refresh_token",client_id:r.aws.cognitoClientId,refresh_token:e}),s=await tn(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:o.toString()},"Token refresh");if(!s.ok)throw new Error(`Token refresh failed: ${s.status}`);let i=await s.json();return{accessToken:i.access_token,idToken:i.id_token,expiresIn:i.expires_in}}async login(){let e=await C.getTokens(Ye());if(e&&!C.isTokenExpired(e))return e;let r=this.generateState();return new Promise((n,o)=>{let s={},i=null,a=!1,c=!1,l=p=>{p.closeAllConnections?.()},d=p=>{if(a)return;a=!0,i&&(clearTimeout(i),i=null);let f=s.server;f?(l(f),f.close(()=>n(p))):n(p)},u=p=>{if(a)return;a=!0,i&&(clearTimeout(i),i=null);let f=s.server;f?(l(f),f.close(()=>o(p))):o(p)};(async()=>{let p;try{p=await mo(async(h,y)=>{if(c||a){y.writeHead(200,{Connection:"close"}),y.end();return}let w=`http://localhost:${h.socket?.localPort??p.port}${Ka}`,R=new URL(h.url||"",w);if(R.pathname!==Ka){y.writeHead(404,{Connection:"close"}),y.end("Not found");return}try{let b=R.searchParams.get("code"),E=R.searchParams.get("state"),A=R.searchParams.get("error");if(A){let x=new Error(`OAuth error: ${A}`);throw await Fe("cognito_rejected"),tt(x,"cognito_rejected"),x}if(E!==r){let x=new Error("State mismatch");throw await Fe("state_mismatch"),tt(x,"state_mismatch"),x}if(!b){let x=new Error("No authorization code");throw await Fe("no_authorization_code"),tt(x,"no_authorization_code"),x}c=!0;let _=await this.exchangeCodeForTokens(b,w),B=this.decodeJwt(_.idToken),W={accessToken:_.accessToken,idToken:_.idToken,refreshToken:_.refreshToken,expiresAt:Date.now()+_.expiresIn*1e3,userId:B.sub,email:B.email||"unknown"};try{await C.setTokens(W,Ye())}catch(x){throw await Fe("keychain_write_failed",{errorFragment:x?.message?String(x.message):String(x)}),tt(x,"keychain_write_failed"),x}y.writeHead(200,{"Content-Type":"text/html; charset=utf-8",Connection:"close"}),y.end(`
|
|
531
|
+
${O.green}\u2713${O.reset} Orchestration enabled with tier-default reviewer panel.`);return}let s=await Nw(r),i=[],a=new Set;for(let c=0;c<s;c++){console.log(""),console.log(`${O.bold}Seat ${c}${O.reset}`);let l=xw.filter(p=>!a.has(p)),d=await vp(r,"Role:",l),u=await vp(r,"Agent:",t);i.push({seatId:c,role:d,agent:u}),a.add(d)}await e.updateReviewerPolicy({orchestrationEnabledDefault:!0,reviewerSeats:i}),console.log(""),console.log(`${O.green}\u2713${O.reset} Orchestration enabled with custom panel:`);for(let c of i)console.log(` Seat ${c.seatId}: ${c.role.toLowerCase()} \u2192 ${c.agent.toLowerCase()}`)}finally{r.close()}}function nc(t,e){return new Promise(r=>t.question(e,n=>r(n.trim())))}async function kp(t,e,r){let o=(await nc(t,e+(r?" [Y/n] ":" [y/N] "))).toLowerCase();return o?o.startsWith("y"):r}async function Nw(t){for(;;){let e=await nc(t,"How many seats (2 for Pro, 3 for Max)? "),r=parseInt(e,10);if(r===2||r===3)return r;console.log(`${O.yellow}Enter 2 or 3.${O.reset}`)}}async function vp(t,e,r){for(;;){console.log(e),r.forEach((s,i)=>{console.log(` ${O.cyan}${i+1}${O.reset}. ${s.toLowerCase()}`)});let n=await nc(t,"> "),o=parseInt(n,10)-1;if(o>=0&&o<r.length)return r[o];console.log(`${O.yellow}Enter a number between 1 and ${r.length}.${O.reset}`)}}async function zs(){let t=new Nt;return await t.authenticateWithStoredTokens()||(console.log(""),console.log(`${O.yellow}Not authenticated.${O.reset} Run ${O.bold}codevibe login${O.reset} first.`),process.exit(1)),t}function oc(t){console.log(""),console.log(`${O.bold}Current reviewer policy${O.reset}`),console.log(` Orchestration default: ${Lw(t.orchestrationEnabledDefault)}`),console.log(` Available agents: ${t.availableAgents?.length?t.availableAgents.map(e=>e.toLowerCase()).join(", "):`${O.dim}(not yet detected)${O.reset}`}`),console.log(` Reviewer panel: ${$w(t.reviewerSeats)}`)}function Lw(t){return t===!0?`${O.green}enabled${O.reset}`:t===!1?`${O.yellow}disabled${O.reset}`:`${O.dim}(unset \u2014 defaults to disabled)${O.reset}`}function $w(t){return!t||t.length===0?`${O.dim}tier defaults${O.reset}`:t.map(e=>`Seat ${e.seatId} ${e.role.toLowerCase()}\u2192${e.agent.toLowerCase()}`).join(", ")}var bp,O,xw,Sp=N(()=>{"use strict";bp=S(require("readline"));Ss();po();ko();wp();O={reset:"\x1B[0m",bold:"\x1B[1m",dim:"\x1B[2m",green:"\x1B[32m",yellow:"\x1B[33m",purple:"\x1B[35m",cyan:"\x1B[36m"},xw=["ARCHITECTURE","CORRECTNESS","SECURITY","ACCURACY","CLARITY","COMPLETENESS","ARCHITECTURE_AND_ACCURACY","CORRECTNESS_AND_CLARITY","SECURITY_AND_COMPLETENESS"]});function _o(t){return!Number.isInteger(t)||t<1||t>bn.length?null:bn[t-1].kind}var qs,bn,Js,Rp=N(()=>{"use strict";qs="orchestration_escalated_gate",bn=[{number:"1",label:"Accept",kind:"accept"},{number:"2",label:"Reject (restart proposal)",kind:"reject_restart"},{number:"3",label:"Abort task",kind:"abort_task"}];Js=_o});var Ep={};Me(Ep,{V1_ORCHESTRATION_OPTIONS:()=>bn,V1_ORCHESTRATION_PROMPT_KIND:()=>qs,applyPerSessionOrchestrationOverride:()=>Cs,detectInstalledAgents:()=>Le,mapOptionNumberToUserDecisionKind:()=>_o,mapOptionToUserDecisionKind:()=>Js,pushDetectedAgents:()=>Ps,runOrchestrationCli:()=>js});var Ys=N(()=>{"use strict";ko();Sp();Rp()});var SE,Ng=N(()=>{"use strict";SE=require("json-freeze")});var uT={};Me(uT,{AgentType:()=>lu,AppSyncClient:()=>Nt,AppSyncGraphQLError:()=>Xt,AuditKeys:()=>kc,AuthService:()=>on,Continuation:()=>sl,CredentialBroker:()=>Mc,CryptoError:()=>Ot,CryptoService:()=>Zr,DeliveryStatus:()=>tu,ENCRYPTION_VERSION:()=>en,EventSource:()=>Fa,EventType:()=>hs,KeychainError:()=>Dt,KeychainManager:()=>br,Logger:()=>hr,PORT_RANGE_SIZE:()=>nn,PRIMARY_PORT:()=>rn,Planner:()=>ol,Reviewer:()=>tc,ReviewerRole:()=>uo,SessionStatus:()=>ws,StructuralSummary:()=>pl,Substrate:()=>Ic,SubstrateLaunch:()=>Hc,TierError:()=>Qn,V1_ORCHESTRATION_OPTIONS:()=>bn,V1_ORCHESTRATION_PROMPT_KIND:()=>qs,_resetPrepareEventTimestampForTesting:()=>pc,applyPerSessionOrchestrationOverride:()=>Cs,authService:()=>Lt,bindOAuthServer:()=>mo,createLogger:()=>Ia,createShellEventEmitter:()=>ns,cryptoService:()=>Z,detectInstalledAgents:()=>Le,emitShellEvent:()=>sa,errorWasBeaconed:()=>so,fireAuthCompletedBeacon:()=>oo,fireAuthFailedBeacon:()=>Fe,getConfig:()=>ue,getEnvironment:()=>Ye,getErrorReason:()=>Ca,keychainManager:()=>C,loadConfig:()=>ps,logger:()=>m,mapOptionNumberToUserDecisionKind:()=>_o,mapOptionToUserDecisionKind:()=>Js,markErrorBeaconed:()=>tt,mutations:()=>oe,normalizeSnapshot:()=>ac,parseInteractivePrompt:()=>_p,pickMode:()=>vd,prepareEventTimestamp:()=>uc,prepareSessionEncryption:()=>Zs,processMarkers:()=>Hr,pushDetectedAgents:()=>Ps,queries:()=>we,registerDeviceEncryptionKey:()=>To,rekeySessionForNewDevices:()=>Cr,resumeOrCreateSession:()=>lc,runAuthCli:()=>Qs,runCompanionMode:()=>Vh,runOrchestrationCli:()=>js,runOrchestrationShell:()=>gh,startDeviceKeyWatcher:()=>dc,subscriptions:()=>Mt,withRoleMarker:()=>Vl});module.exports=Td(uT);nt();wt();Ss();Ss();var mu=S(require("crypto")),fu=S(require("fs")),gu=S(require("http")),hu=require("child_process");Qt();nt();H();Ga();Xr();var rn=8080,nn=20,Ka="/callback";async function mo(t){let e=null;for(let r=0;r<nn;r++){let n=rn+r;try{let o=await new Promise((s,i)=>{let a=gu.createServer(t),c=d=>{a.removeListener("listening",l),i(d)},l=()=>{a.removeListener("error",c),a.on("error",d=>{m.error("[AuthService] OAuth server post-bind error",{port:n,code:d?.code,message:d?.message})}),s(a)};a.once("error",c),a.once("listening",l),a.listen(n,"localhost")});return m.info(`[AuthService] OAuth server bound on port ${n} (attempt ${r+1}/${nn})`),{server:o,port:n}}catch(o){if(e=o,o?.code==="EADDRINUSE")continue;throw o}}throw Object.assign(new Error(`All ports ${rn}-${rn+nn-1} are in use. Free at least one for OAuth callback or quit a conflicting service (common collisions: Vite, Webpack, Spring Boot, Docker exposed ports). Underlying: ${e?.message??"EADDRINUSE"}`),{code:"EADDRINUSE_ALL"})}var on=class t{constructor(){}static getInstance(){return t.instance||(t.instance=new t),t.instance}openBrowser(e){console.error(""),console.error("Opening your browser for sign-in..."),this.isRunningInWSL()?console.error("If your browser does not open, paste this URL in your Windows browser:"):console.error("If your browser does not open automatically, visit this URL:"),console.error(` ${e}`),console.error("");let r=this.getBrowserCommands();this.tryBrowserCommand(r,e,0)}getBrowserCommands(){let e=process.platform;if(e==="darwin")return[{cmd:"open",fixedArgs:[]}];if(e==="win32")return[{cmd:"cmd",fixedArgs:["/c","start",""]}];let r=[];return this.isRunningInWSL()&&(r.push({cmd:"wslview",fixedArgs:[]}),r.push({cmd:"cmd.exe",fixedArgs:["/c","start",""]}),r.push({cmd:"powershell.exe",fixedArgs:["-NoProfile","-Command","Start-Process"]})),r.push({cmd:"xdg-open",fixedArgs:[]}),r}isRunningInWSL(){if(process.platform!=="linux")return!1;try{let e=fu.readFileSync("/proc/sys/kernel/osrelease","utf8");return/microsoft|wsl/i.test(e)}catch{return!1}}tryBrowserCommand(e,r,n){if(n>=e.length){m.debug("[AuthService] No browser-opening command succeeded. User must open the sign-in URL manually (printed to stderr above)."),console.error(""),console.error("\u26A0\uFE0F Could not open browser automatically."),this.isRunningInWSL()?console.error(" WSL detected \u2014 paste this URL in your Windows browser:"):console.error(" Please copy and paste this URL into your browser:"),console.error(` ${r}`),console.error("");return}let o=e[n],s=[...o.fixedArgs,r],i=!1,a=u=>{i||(i=!0,m.debug(`[AuthService] Browser command '${o.cmd}' ${u}; trying next fallback`),this.tryBrowserCommand(e,r,n+1))},c=u=>{i||(i=!0,m.debug(`[AuthService] Browser command '${o.cmd}' ${u}`))},l;try{l=(0,hu.spawn)(o.cmd,s,{detached:!0,stdio:"ignore"})}catch(u){a(`threw synchronously: ${u?.message||u}`);return}l.on("error",u=>{a(`failed to spawn: ${u?.message||u}`)}),l.on("exit",(u,p)=>{u===0?c("exited successfully"):a(p?`terminated by signal ${p}`:`exited with code ${u}`)}),setTimeout(()=>{c("still running after 3s, assuming success")},3e3).unref(),l.unref()}generateState(){return mu.randomBytes(32).toString("hex")}buildAuthUrl(e,r){let n=ue(),o=new URLSearchParams({client_id:n.aws.cognitoClientId,response_type:"code",scope:"email openid profile",redirect_uri:r,state:e});return`https://${n.aws.cognitoDomain}/oauth2/authorize?${o.toString()}`}async exchangeCodeForTokens(e,r){let n=ue(),o=`https://${n.aws.cognitoDomain}/oauth2/token`,s=new URLSearchParams({grant_type:"authorization_code",client_id:n.aws.cognitoClientId,code:e,redirect_uri:r}),i;try{i=await tn(o,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:s.toString()},"Token exchange")}catch(c){throw await Fe("token_exchange_network_error"),tt(c,"token_exchange_network_error"),c}if(!i.ok){let c=await i.text(),l=new Error(`Token exchange failed: ${i.status} ${c}`);throw await Fe("token_exchange_failed",{httpStatus:i.status}),tt(l,"token_exchange_failed"),l}let a=await i.json();return{accessToken:a.access_token,idToken:a.id_token,refreshToken:a.refresh_token,expiresIn:a.expires_in}}decodeJwt(e){let r=e.split(".");if(r.length!==3)throw new Error("Invalid JWT");return JSON.parse(Buffer.from(r[1],"base64").toString("utf-8"))}async refreshTokens(e){let r=ue(),n=`https://${r.aws.cognitoDomain}/oauth2/token`,o=new URLSearchParams({grant_type:"refresh_token",client_id:r.aws.cognitoClientId,refresh_token:e}),s=await tn(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:o.toString()},"Token refresh");if(!s.ok)throw new Error(`Token refresh failed: ${s.status}`);let i=await s.json();return{accessToken:i.access_token,idToken:i.id_token,expiresIn:i.expires_in}}async login(){let e=await C.getTokens(Ye());if(e&&!C.isTokenExpired(e))return e;let r=this.generateState();return new Promise((n,o)=>{let s={},i=null,a=!1,c=!1,l=p=>{p.closeAllConnections?.()},d=p=>{if(a)return;a=!0,i&&(clearTimeout(i),i=null);let f=s.server;f?(l(f),f.close(()=>n(p))):n(p)},u=p=>{if(a)return;a=!0,i&&(clearTimeout(i),i=null);let f=s.server;f?(l(f),f.close(()=>o(p))):o(p)};(async()=>{let p;try{p=await mo(async(h,y)=>{if(c||a){y.writeHead(200,{Connection:"close"}),y.end();return}let w=`http://localhost:${h.socket?.localPort??p.port}${Ka}`,R=new URL(h.url||"",w);if(R.pathname!==Ka){y.writeHead(404,{Connection:"close"}),y.end("Not found");return}try{let b=R.searchParams.get("code"),E=R.searchParams.get("state"),A=R.searchParams.get("error");if(A){let x=new Error(`OAuth error: ${A}`);throw await Fe("cognito_rejected"),tt(x,"cognito_rejected"),x}if(E!==r){let x=new Error("State mismatch");throw await Fe("state_mismatch"),tt(x,"state_mismatch"),x}if(!b){let x=new Error("No authorization code");throw await Fe("no_authorization_code"),tt(x,"no_authorization_code"),x}c=!0;let _=await this.exchangeCodeForTokens(b,w),B=this.decodeJwt(_.idToken),W={accessToken:_.accessToken,idToken:_.idToken,refreshToken:_.refreshToken,expiresAt:Date.now()+_.expiresIn*1e3,userId:B.sub,email:B.email||"unknown"};try{await C.setTokens(W,Ye())}catch(x){throw await Fe("keychain_write_failed",{errorFragment:x?.message?String(x.message):String(x)}),tt(x,"keychain_write_failed"),x}y.writeHead(200,{"Content-Type":"text/html; charset=utf-8",Connection:"close"}),y.end(`
|
|
532
532
|
<!DOCTYPE html>
|
|
533
533
|
<html>
|
|
534
534
|
<head><title>Success</title></head>
|
|
@@ -732,7 +732,7 @@ ${Hl(o,i)}`}}catch(o){return oa(o)}}xs();wt();nt();H();var yg=S(require("fs/prom
|
|
|
732
732
|
`))}var Ig="Upgrade to Max at https://quantiya.ai/codevibe to access the audit browser.";async function vE(t){if(t.resolveTierFn)return t.resolveTierFn();if(t.tier)return t.tier;try{return(await t.appsyncClient.getSubscriptionStatus()).tier}catch(e){return m.warn("[audit-browser] getSubscriptionStatus failed \u2014 failing the Max gate closed",{error:e?.message}),"FREE"}}async function ed(t){if(await vE(t)!=="MAX")return{kind:"gated",headline:Yl,upgradeHint:Ig};let r;try{r=(await t.appsyncClient.queryAudit({taskId:t.taskId,sessionId:t.sessionId})).rows}catch(a){let c=a?.message??String(a);return m.warn("[audit-browser] queryAudit failed",{reason:c}),{kind:"error",line:Jl,reason:c}}let n=t.getSessionKeyFn??(a=>C.getSessionKey(a)),o=null;try{o=await n(t.sessionId)}catch(a){o=null,m.warn("[audit-browser] session-key resolve threw",{sessionId:t.sessionId,error:a?.message})}let s=t.decryptFn??((a,c)=>Z.decryptContent(a,c));return{kind:"ok",model:Xl(r,o,s)}}function td(t){switch(t.kind){case"gated":return`${t.headline}
|
|
733
733
|
${t.upgradeHint}`;case"error":return`${t.line}
|
|
734
734
|
(reason: ${t.reason})`;case"ok":return Zl(t.model)}}var qg=require("node:child_process"),Jg=require("node:util"),_A=require("uuid"),TA=require("ulid");var Pg=S(require("node:os")),Cg=S(require("node:path")),Og=require("uuid"),xg=/^[A-Za-z0-9][A-Za-z0-9_.:/-]*$/;function Dg(t=process.env){let e=t.CODEVIBE_AGY_MODEL;if(e===void 0||e==="")return null;if(!xg.test(e))throw new Error(`CODEVIBE_AGY_MODEL is invalid (${JSON.stringify(e)}) \u2014 must match ${String(xg)} (no whitespace, no leading hyphen). Valid values come from \`agy models\`.`);return e}var Mg="3600s";function bE(t){let e=Dg();return["agy","--print","",...t==="plan"?["--sandbox"]:["--dangerously-skip-permissions"],...e!==null?["--model",e]:[],"--print-timeout",Mg,"--add-dir"]}function ia(t){return[`You are working in the directory \`${t}\` (added to your workspace`,`via --add-dir). Create and edit files under \`${t}\` using ABSOLUTE`,"paths. Do NOT use a relative 'current directory' \u2014 your process cwd is","NOT the workspace.",""].join(`
|
|
735
|
-
`)}function aa(t,e,r){switch(t){case"CLAUDE":return{argv:["claude","--print","--output-format","json","--allowed-tools",e==="plan"?"Read,Grep,Glob":"Read,Grep,Glob,Edit,Write,Bash"],capture:{kind:"stdout"}};case"CODEX":{let n=e==="plan"?"read-only":"workspace-write",o=Cg.default.join(Pg.default.tmpdir(),`quorum-impl-codex-${process.pid}-${(0,Og.v4)()}.txt`);return{argv:["codex","exec","--sandbox",n,"--skip-git-repo-check","--color","never","--json","--ephemeral","--output-last-message",o,"-"],capture:{kind:"file",path:o}}}case"GEMINI":return{argv:["gemini","-p","","--approval-mode",e==="plan"?"plan":"auto_edit","--output-format","json"],capture:{kind:"stdout"}};case"ANTIGRAVITY":{if(r===void 0||r.length===0)throw new Error("buildImplementorArgv: ANTIGRAVITY requires an absolute workdir (agy is workspace-centric \u2014 --add-dir is its only view of the tree); the call site must thread it (AGY-2.0 D3)");return{argv:[...bE(e),r],capture:{kind:"stdout"}}}default:{let n=t;throw new Error(`buildImplementorArgv: unknown agent ${String(n)}`)}}}Ng();var AE=require("ulid");var RE=require("json-freeze");H();var _E=1440*60*1e3;H();var nd=require("node:child_process");var $g=require("node:util");var
|
|
735
|
+
`)}function aa(t,e,r){switch(t){case"CLAUDE":return{argv:["claude","--print","--output-format","json","--allowed-tools",e==="plan"?"Read,Grep,Glob":"Read,Grep,Glob,Edit,Write,Bash"],capture:{kind:"stdout"}};case"CODEX":{let n=e==="plan"?"read-only":"workspace-write",o=Cg.default.join(Pg.default.tmpdir(),`quorum-impl-codex-${process.pid}-${(0,Og.v4)()}.txt`);return{argv:["codex","exec","--sandbox",n,"--skip-git-repo-check","--color","never","--json","--ephemeral","--output-last-message",o,"-"],capture:{kind:"file",path:o}}}case"GEMINI":return{argv:["gemini","-p","","--approval-mode",e==="plan"?"plan":"auto_edit","--output-format","json"],capture:{kind:"stdout"}};case"ANTIGRAVITY":{if(r===void 0||r.length===0)throw new Error("buildImplementorArgv: ANTIGRAVITY requires an absolute workdir (agy is workspace-centric \u2014 --add-dir is its only view of the tree); the call site must thread it (AGY-2.0 D3)");return{argv:[...bE(e),r],capture:{kind:"stdout"}}}default:{let n=t;throw new Error(`buildImplementorArgv: unknown agent ${String(n)}`)}}}Ng();var AE=require("ulid");var RE=require("json-freeze");H();var _E=1440*60*1e3;H();var nd=require("node:child_process");var $g=require("node:util");var dL=Promise.resolve();H();var gL=(0,$g.promisify)(nd.execFile),hL=64*1024*1024;H();H();var j$=256*1024;var Hg=S(require("node:path"));var J$=Hg.join("scripts","deploy-preflight.sh");var Wg=S(require("node:path"));var eB=Wg.join("scripts","hostile-grep.sh");var Vg=S(require("node:path"));var sB=Vg.join("scripts","source-traceability.sh");var vB=Object.freeze({exitCode:0,stdout:"",stderr:"",durationMs:0});H();var vA=2880*60*1e3;H();H();wt();var ad=require("node:child_process");var jg=require("node:util"),AA=require("uuid");H();var FU=(0,jg.promisify)(ad.execFile);var GU=1440*60*1e3;xr();Kt();Eo();Ks();Ro();rr();H();var EK=1440*60*1e3,AK=(0,Jg.promisify)(qg.execFile);var zg={reauthorize_locally:"Re-authorize the task locally to retry.",abort_task:"This task has been aborted.",retry_after_resync:"Retry after the session re-syncs.",ask_user:"Review the request and try again."};function Yg(t){let e=zg[t.recommendedRecovery]??zg.ask_user;return`Task rejected by hosted policy (${t.category}). ${e}`}function ca(t,e){let r=t.filter(o=>o==="CLAUDE"||o==="CODEX"||o==="GEMINI"||o==="ANTIGRAVITY"),n=r.includes("CLAUDE")?"CLAUDE":r[0]??"CLAUDE";return e?r.includes(e)?{agent:e,note:null}:{agent:n,note:`${e} is not installed on this host \u2014 using ${n} instead.`}:{agent:n,note:null}}var _K=7*1024;var TK=300*1e3,IK=600*1e3;var xK=180*1e3,PK=600*1e3;var CK=512*1024;var OK=["You are the CodeVibe implementor. Produce the deliverable the task below asks","for by editing and creating files in your working directory:",""," - If the task asks for code, implement the code (create/edit the files)."," - If the task asks for a plan or design, WRITE the requested plan/design as"," a markdown file in your working directory (e.g. plan.md / design.md).","","Do the actual work and write the real artifact to disk in your working","directory. Do NOT just describe what you would do, and do NOT emit an","in-memory proposal \u2014 the changes you write to disk ARE the deliverable; a","reviewer quorum then evaluates the actual diff and the user approves it before","it is applied to the real workspace.","","When you are done, emit a short summary of what you changed and why.","","---","","TASK:"].join(`
|
|
736
736
|
`);var cd=require("node:fs"),le=require("zod");H();Eo();var ld=["CLAUDE","CODEX","GEMINI","ANTIGRAVITY"],IA=le.z.object({path:le.z.string(),access:le.z.enum(["write","read"])}),xA=le.z.object({write_paths:le.z.array(le.z.string()),shared_contracts:le.z.array(IA),test_surfaces:le.z.array(le.z.string()),auto_modified_files:le.z.array(le.z.string())}),PA=le.z.preprocess(t=>typeof t=="string"?t.toUpperCase():t,le.z.enum(ld)),CA=le.z.object({ownershipScope:xA,implementorAgent:PA,isSharedTestOwner:le.z.boolean(),description:le.z.string()}),OA=le.z.discriminatedUnion("decompose",[le.z.object({decompose:le.z.literal(!0),workItems:le.z.array(CA).min(2)}),le.z.object({decompose:le.z.literal(!1),reason:le.z.string()})]);async function DA(t,e,r,n){try{if(t.capture.kind==="file"){let s=t.capture.path,i="";try{i=await cd.promises.readFile(s,"utf8")}finally{await cd.promises.unlink(s).catch(()=>{})}return i}let o=e.stdout();return r==="GEMINI"?Bs(o)?.response??"":o}catch(o){return m.warn("[team-decompose] readImplementorFinalMessage failed",{agent:r,exitCode:n,error:o?.message}),""}}var MA={CLAUDE:"TypeScript/TUI",CODEX:"Rust/backend",GEMINI:"docs/CSS",ANTIGRAVITY:"general/overflow"};function NA(t,e){let r=e.filter(s=>ld.includes(s)),n=r.map(s=>`- ${s} \u2192 ${MA[s]}`).join(`
|
|
737
737
|
`),o=r.join(", ");return["You are a software architect decomposing a task into a parallel AGENT TEAM.","","## Task to decompose",t,"","## Available implementor agents (with their strengths)",n,"","## Instructions","Read the repository in the working directory. Decompose the task into N\u22652","parallelizable work items with DISJOINT ownership. For EACH item emit:"," - `ownershipScope`: { `write_paths`: string[], `shared_contracts`:"," [{ `path`: string, `access`: 'write' | 'read' }], `test_surfaces`: string[],"," `auto_modified_files`: string[] }",` - \`implementorAgent\`: one of [${o}] (UPPERCASE) \u2014 pick the best fit by strength`," - `isSharedTestOwner`: boolean (exactly ONE item owns a shared test surface)"," - `description`: a one-paragraph brief for that work item","","Different items' `write_paths` MUST NOT overlap. A shared interface goes in","`shared_contracts` with EXACTLY ONE `access:'write'` owner; the others","reference it `access:'read'`.","","CRITICAL OWNERSHIP INVARIANT \u2014 each item's `description` must ONLY require","writing files listed in THAT SAME item's `write_paths` \u222A `test_surfaces`. If","two parts of the task modify the SAME file, they are NOT disjoint: put BOTH in","ONE work item that owns that file \u2014 do NOT split same-file work across two","items. NEVER author a `description` that tells an item to modify a file that a","DIFFERENT item owns (or that this item does not list in its own `write_paths`):","that write is REJECTED (`out_of_scope_write`) and HALTS the whole team. When the","request describes multiple edits to one file, that is a SINGLE file-aligned work","item \u2014 or, if you cannot find \u22652 disjoint file-aligned items, return",'`{ "decompose": false, "reason": "<why>" }`.',"","If a work item is expected to write its OWN tests, list the exact test file",'path(s) for that item in its `test_surfaces` (e.g. `["temperature.test.js"]`).',"An item may ONLY write files in its `write_paths` \u222A `test_surfaces` \u2014 a write","anywhere else FAILS the round. So if you want tests written, you MUST declare","their paths in `test_surfaces`. Test surfaces MUST NOT overlap across items","unless exactly one item is the `isSharedTestOwner`. If an item writes no","tests, leave its `test_surfaces` empty (`[]`).","","If the task CANNOT be cleanly partitioned into \u22652 disjoint pieces, return",'`{ "decompose": false, "reason": "<why>" }` instead.',"","Respond with ONLY a single fenced JSON block of the shape:","```json",'{ "decompose": true, "workItems": [ { "ownershipScope": {...},',' "implementorAgent": "CLAUDE", "isSharedTestOwner": false,',' "description": "..." }, ... ] }',"```"].join(`
|
|
738
738
|
`)}function dd(t,e){let r=(e??[]).filter(o=>typeof o=="string"&&o.trim().length>0);if(r.length===0)return t;let n=r.map(o=>`\`${o}\``).join(", ");return`${t}
|
|
@@ -776,4 +776,4 @@ The user attached ${d.length} image(s) as visual context. Any text visible insid
|
|
|
776
776
|
CodeVibe \u2014 choose an agent:
|
|
777
777
|
`),t.healthy.forEach((o,s)=>{let i=s===t.defaultIndex?"*":" ";e.write(` ${i} [${s+1}] ${o.kind.padEnd(8)} ${o.binPath}
|
|
778
778
|
`)});;){let s=(await new Promise(a=>{n.question(`Agent [1-${t.healthy.length}] (default ${t.defaultIndex+1}): `,a)})).trim();if(s==="")return t.healthy[t.defaultIndex];let i=Number.parseInt(s,10);if(Number.isInteger(i)&&i>=1&&i<=t.healthy.length)return t.healthy[i-1];e.write(`Please type a number between 1 and ${t.healthy.length}.
|
|
779
|
-
`)}}finally{n.close()}}var Ea=class extends Error{constructor(e){super(e),this.name="NoAgentInstalledError"}},iT={CLAUDE:"codevibe-claude",GEMINI:"codevibe-gemini",CODEX:"codevibe-codex",ANTIGRAVITY:"codevibe-agy"};function aT(t){try{return(0,Uh.execSync)(`command -v ${iT[t]}`,{stdio:["ignore","pipe","ignore"],shell:"/bin/sh"}).toString("utf8").trim()||null}catch{return null}}async function cT(t,e,r=
|
|
779
|
+
`)}}finally{n.close()}}var Ea=class extends Error{constructor(e){super(e),this.name="NoAgentInstalledError"}},iT={CLAUDE:"codevibe-claude",GEMINI:"codevibe-gemini",CODEX:"codevibe-codex",ANTIGRAVITY:"codevibe-agy"};function aT(t){try{return(0,Uh.execSync)(`command -v ${iT[t]}`,{stdio:["ignore","pipe","ignore"],shell:"/bin/sh"}).toString("utf8").trim()||null}catch{return null}}async function cT(t,e,r=dT){let n=Kh.join(Wh.homedir(),`.codevibe-${t.toLowerCase()}`);try{if(!(await Hh.stat(n)).isDirectory())return!1}catch{return!1}return await r(e)}var lT=15e3;async function dT(t){let{spawn:e}=await import("node:child_process");return new Promise(r=>{let n=!1,o=a=>{n||(n=!0,r(a))},s;try{s=e(t,["--version"],{stdio:["ignore","ignore","ignore"]})}catch{o(!1);return}let i=setTimeout(()=>{try{s.kill("SIGKILL")}catch{}o(!1)},lT);s.once("exit",a=>{clearTimeout(i),o(a===0)}),s.once("error",()=>{clearTimeout(i),o(!1)})})}async function Vh(t){t.forgetAgent&&await $h();let e=t.detect??Le,r=t.resolveBinPath??aT,n=e(),s=(await Promise.all(n.map(async u=>{let p=r(u);if(!p)return null;let f=await cT(u,p,t.versionProbe);return{kind:u,binPath:p,healthy:f}}))).filter(u=>u!==null).filter(u=>u.healthy);if(s.length===0)throw new Ea("No CodeVibe-aware agent wrapper found. Install at quantiya.ai/codevibe.");let i=await Nh(),a=Dh({healthy:s,flag:t.agent,preferred:i?.lastAgent});if(a.flagMissing)throw new Ea(`Agent ${a.flagMissing.requested} not found among CodeVibe-aware wrappers.`);let c;if(a.agent)c=a.agent;else if(a.needsPicker)c=await Fh({healthy:a.needsPicker.healthy,defaultIndex:a.needsPicker.defaultIndex});else throw new Error("Internal error: resolveAgent returned neither agent nor picker");if(await Lh({lastAgent:c.kind,lastUsedAt:new Date().toISOString()}).catch(u=>{m.warn("[companion-mode] persistCompanionPreference failed (non-fatal)",{error:u.message})}),t.emitter&&t.session)try{await t.emitter({sessionId:t.session.sessionId,type:"MODE_SELECTED",source:"DESKTOP",isEncrypted:!0,metadata:{mode:"companion",agent:c.kind}})}catch(u){m.warn("[companion-mode] MODE_SELECTED emit failed (non-fatal)",{error:u.message})}let l=Hr();for(let[u,p]of Object.entries(l))process.env[u]=p;(t.execFile??Gh.execFileSync)(c.binPath,t.passthrough,{stdio:"inherit"})}0&&(module.exports={AgentType,AppSyncClient,AppSyncGraphQLError,AuditKeys,AuthService,Continuation,CredentialBroker,CryptoError,CryptoService,DeliveryStatus,ENCRYPTION_VERSION,EventSource,EventType,KeychainError,KeychainManager,Logger,PORT_RANGE_SIZE,PRIMARY_PORT,Planner,Reviewer,ReviewerRole,SessionStatus,StructuralSummary,Substrate,SubstrateLaunch,TierError,V1_ORCHESTRATION_OPTIONS,V1_ORCHESTRATION_PROMPT_KIND,_resetPrepareEventTimestampForTesting,applyPerSessionOrchestrationOverride,authService,bindOAuthServer,createLogger,createShellEventEmitter,cryptoService,detectInstalledAgents,emitShellEvent,errorWasBeaconed,fireAuthCompletedBeacon,fireAuthFailedBeacon,getConfig,getEnvironment,getErrorReason,keychainManager,loadConfig,logger,mapOptionNumberToUserDecisionKind,mapOptionToUserDecisionKind,markErrorBeaconed,mutations,normalizeSnapshot,parseInteractivePrompt,pickMode,prepareEventTimestamp,prepareSessionEncryption,processMarkers,pushDetectedAgents,queries,registerDeviceEncryptionKey,rekeySessionForNewDevices,resumeOrCreateSession,runAuthCli,runCompanionMode,runOrchestrationCli,runOrchestrationShell,startDeviceKeyWatcher,subscriptions,withRoleMarker});
|
|
@@ -17,9 +17,9 @@ export interface RunAuditBrowserDeps {
|
|
|
17
17
|
/** The session the task belongs to (the `queryAudit` 2-arg shape needs it). */
|
|
18
18
|
sessionId: string;
|
|
19
19
|
/**
|
|
20
|
-
* The effective tier. When provided (the CLI passes `
|
|
21
|
-
* it is authoritative (honors `CODEVIBE_TIER`). When omitted,
|
|
22
|
-
* `getSubscriptionStatus().tier` from the backend.
|
|
20
|
+
* The effective tier. When provided (the CLI passes the `CODEVIBE_TIER` env
|
|
21
|
+
* value inline), it is authoritative (honors `CODEVIBE_TIER`). When omitted,
|
|
22
|
+
* the runner reads `getSubscriptionStatus().tier` from the backend.
|
|
23
23
|
*/
|
|
24
24
|
tier?: Tier;
|
|
25
25
|
/** Test seam — defaults to `cryptoService.decryptContent`. */
|
|
@@ -1031,7 +1031,7 @@ async function defaultVersionProbe(binPath) {
|
|
|
1031
1031
|
} catch {
|
|
1032
1032
|
}
|
|
1033
1033
|
settle(false);
|
|
1034
|
-
},
|
|
1034
|
+
}, AGENT_VERSION_PROBE_TIMEOUT_MS);
|
|
1035
1035
|
child.once("exit", (code) => {
|
|
1036
1036
|
clearTimeout(timer);
|
|
1037
1037
|
settle(code === 0);
|
|
@@ -1049,13 +1049,18 @@ async function runCompanionMode(args) {
|
|
|
1049
1049
|
const detectFn = args.detect ?? detectInstalledAgents;
|
|
1050
1050
|
const resolveBin = args.resolveBinPath ?? defaultResolveBinPath;
|
|
1051
1051
|
const installedKinds = detectFn();
|
|
1052
|
-
const detected =
|
|
1053
|
-
|
|
1054
|
-
|
|
1055
|
-
|
|
1056
|
-
|
|
1057
|
-
|
|
1058
|
-
|
|
1052
|
+
const detected = (await Promise.all(
|
|
1053
|
+
installedKinds.map(async (kind) => {
|
|
1054
|
+
const binPath = resolveBin(kind);
|
|
1055
|
+
if (!binPath) return null;
|
|
1056
|
+
const wrapper = await isCodevibeWrapper(
|
|
1057
|
+
kind,
|
|
1058
|
+
binPath,
|
|
1059
|
+
args.versionProbe
|
|
1060
|
+
);
|
|
1061
|
+
return { kind, binPath, healthy: wrapper };
|
|
1062
|
+
})
|
|
1063
|
+
)).filter((d) => d !== null);
|
|
1059
1064
|
const healthy = detected.filter((a) => a.healthy);
|
|
1060
1065
|
if (healthy.length === 0) {
|
|
1061
1066
|
throw new NoAgentInstalledError(
|
|
@@ -1114,7 +1119,7 @@ async function runCompanionMode(args) {
|
|
|
1114
1119
|
const handoff = args.execFile ?? import_child_process7.execFileSync;
|
|
1115
1120
|
handoff(selected.binPath, args.passthrough, { stdio: "inherit" });
|
|
1116
1121
|
}
|
|
1117
|
-
var import_child_process7, import_child_process8, path54, fs45, os32, NoAgentInstalledError, AGENT_BIN;
|
|
1122
|
+
var import_child_process7, import_child_process8, path54, fs45, os32, NoAgentInstalledError, AGENT_BIN, AGENT_VERSION_PROBE_TIMEOUT_MS;
|
|
1118
1123
|
var init_companion_mode = __esm({
|
|
1119
1124
|
"src/companion-mode/index.ts"() {
|
|
1120
1125
|
"use strict";
|
|
@@ -1143,6 +1148,7 @@ var init_companion_mode = __esm({
|
|
|
1143
1148
|
// orchestration's direct `agy` spawns (AGY-2.0 D2).
|
|
1144
1149
|
ANTIGRAVITY: "codevibe-agy"
|
|
1145
1150
|
};
|
|
1151
|
+
AGENT_VERSION_PROBE_TIMEOUT_MS = 15e3;
|
|
1146
1152
|
}
|
|
1147
1153
|
});
|
|
1148
1154
|
|
|
@@ -43010,11 +43016,6 @@ async function resumeOrCreateSession2(appsyncClient, deps) {
|
|
|
43010
43016
|
return { session: buildStubSession(), tier };
|
|
43011
43017
|
}
|
|
43012
43018
|
}
|
|
43013
|
-
function readTierFromEnvOrDefault() {
|
|
43014
|
-
const raw = process.env.CODEVIBE_TIER;
|
|
43015
|
-
if (raw === "FREE" || raw === "PRO" || raw === "MAX") return raw;
|
|
43016
|
-
return "FREE";
|
|
43017
|
-
}
|
|
43018
43019
|
async function runCompanionStub(args, session, emitter) {
|
|
43019
43020
|
const { runCompanionMode: runCompanionMode2 } = (init_companion_mode(), __toCommonJS(companion_mode_exports));
|
|
43020
43021
|
await runCompanionMode2({
|
|
@@ -43300,19 +43301,7 @@ async function main(argv) {
|
|
|
43300
43301
|
printHelp();
|
|
43301
43302
|
return 0;
|
|
43302
43303
|
}
|
|
43303
|
-
let tier = readTierFromEnvOrDefault();
|
|
43304
43304
|
const modeArgs = args.mode ? { mode: args.mode } : {};
|
|
43305
|
-
let mode;
|
|
43306
|
-
try {
|
|
43307
|
-
mode = await pickMode(modeArgs, tier);
|
|
43308
|
-
} catch (err) {
|
|
43309
|
-
if (err instanceof TierError) {
|
|
43310
|
-
process.stderr.write(`${err.message}
|
|
43311
|
-
`);
|
|
43312
|
-
return 2;
|
|
43313
|
-
}
|
|
43314
|
-
throw err;
|
|
43315
|
-
}
|
|
43316
43305
|
const appsyncClient = new AppSyncClient();
|
|
43317
43306
|
let authenticated = false;
|
|
43318
43307
|
try {
|
|
@@ -43330,7 +43319,18 @@ async function main(argv) {
|
|
|
43330
43319
|
}
|
|
43331
43320
|
const resolved = await resumeOrCreateSession2(appsyncClient);
|
|
43332
43321
|
const session = resolved.session;
|
|
43333
|
-
tier = resolved.tier;
|
|
43322
|
+
const tier = resolved.tier;
|
|
43323
|
+
let mode;
|
|
43324
|
+
try {
|
|
43325
|
+
mode = await pickMode(modeArgs, tier);
|
|
43326
|
+
} catch (err) {
|
|
43327
|
+
if (err instanceof TierError) {
|
|
43328
|
+
process.stderr.write(`${err.message}
|
|
43329
|
+
`);
|
|
43330
|
+
return 2;
|
|
43331
|
+
}
|
|
43332
|
+
throw err;
|
|
43333
|
+
}
|
|
43334
43334
|
const detectedAgents = detectInstalledAgents();
|
|
43335
43335
|
if (authenticated) {
|
|
43336
43336
|
await pushDetectedAgents(
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@quantiya/codevibe-claude-plugin",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.4",
|
|
4
4
|
"description": "Control Claude Code from your iPhone and Android — real-time sync, approve file edits, send prompts by voice. Part of CodeVibe.",
|
|
5
5
|
"main": "dist/server.js",
|
|
6
6
|
"bin": {
|
|
@@ -47,7 +47,7 @@
|
|
|
47
47
|
"node": ">=18.0.0"
|
|
48
48
|
},
|
|
49
49
|
"dependencies": {
|
|
50
|
-
"@quantiya/codevibe-core": "2.0.
|
|
50
|
+
"@quantiya/codevibe-core": "2.0.4",
|
|
51
51
|
"@quantiya/quorum-core": "^1.0.1",
|
|
52
52
|
"dotenv": "^16.6.1",
|
|
53
53
|
"express": "^5.1.0",
|