@thevinci/web 1.0.0

package/server/lib/opencode/proxy.js

@@ -0,0 +1,445 @@
+import { createProxyMiddleware } from 'http-proxy-middleware';
+
+import {
+  applyForwardProxyResponseHeaders,
+  collectForwardProxyHeaders,
+  shouldForwardProxyResponseHeader,
+} from '../../proxy-headers.js';
+
+export const waitForSseDrain = (res, signal) => new Promise((resolve) => {
+  if (signal?.aborted || res.writableEnded || res.destroyed) {
+    resolve();
+    return;
+  }
+
+  const cleanup = () => {
+    res.off?.('drain', onDone);
+    res.off?.('close', onDone);
+    res.off?.('error', onDone);
+    signal?.removeEventListener?.('abort', onDone);
+  };
+  const onDone = () => {
+    cleanup();
+    resolve();
+  };
+
+  res.once?.('drain', onDone);
+  res.once?.('close', onDone);
+  res.once?.('error', onDone);
+  signal?.addEventListener?.('abort', onDone, { once: true });
+});
+
+export const writeSseChunkWithBackpressure = async (res, value, signal) => {
+  if (!value || value.length === 0 || signal?.aborted || res.writableEnded || res.destroyed) {
+    return false;
+  }
+
+  const flushed = res.write(value);
+  if (flushed !== false) {
+    return true;
+  }
+
+  await waitForSseDrain(res, signal);
+  return !signal?.aborted && !res.writableEnded && !res.destroyed;
+};
+
+export const createSseBoundaryTracker = () => {
+  const decoder = new TextDecoder();
+  let tail = '';
+
+  const normalize = (value) => value.replace(/\r\n/g, '\n').replace(/\r/g, '\n');
+
+  return {
+    observe(value) {
+      const text = typeof value === 'string'
+        ? value
+        : decoder.decode(value, { stream: true });
+      if (text.length > 0) {
+        tail = `${tail}${normalize(text)}`;
+        if (tail.length > 4096) {
+          tail = tail.slice(-4096);
+        }
+      }
+      return this.isAtBoundary();
+    },
+    isAtBoundary() {
+      return tail.length === 0 || tail.endsWith('\n\n');
+    },
+  };
+};
+
+export const registerOpenCodeProxy = (app, deps) => {
+  const {
+    fs,
+    os,
+    path,
+    OPEN_CODE_READY_GRACE_MS,
+    getRuntime,
+    getOpenCodeAuthHeaders,
+    buildOpenCodeUrl,
+    ensureOpenCodeApiPrefix,
+  } = deps;
+
+  if (app.get('opencodeProxyConfigured')) {
+    return;
+  }
+
+  const runtime = getRuntime();
+  if (runtime.openCodePort) {
+    console.log(`[proxy] Setting up proxy to OpenCode on port ${runtime.openCodePort}`);
+  } else {
+    console.log('[proxy] Setting up OpenCode API gate (OpenCode not started yet)');
+  }
+  console.log('[proxy] Runtime state:', JSON.stringify({
+    openCodePort: runtime.openCodePort,
+    openCodeBaseUrl: runtime.openCodeBaseUrl,
+    isOpenCodeReady: runtime.isOpenCodeReady,
+  }));
+  app.set('opencodeProxyConfigured', true);
+
+  const isAbortError = (error) => error?.name === 'AbortError';
+  const FALLBACK_PROXY_TARGET = 'http://127.0.0.1:3902';
+
+  const normalizeProxyTarget = (candidate) => {
+    if (typeof candidate !== 'string') {
+      return null;
+    }
+
+    const trimmed = candidate.trim();
+    if (!trimmed) {
+      return null;
+    }
+
+    return trimmed.replace(/\/+$/, '');
+  };
+
+  // Keep generic proxy requests on the same upstream base URL that health checks
+  // and direct fetch helpers use. This avoids split-brain state where /health
+  // succeeds against an external host but /api/* still proxies to 127.0.0.1.
+  const resolveProxyTarget = () => {
+    try {
+      const resolved = normalizeProxyTarget(buildOpenCodeUrl('/', ''));
+      if (resolved) {
+        return resolved;
+      }
+    } catch {
+    }
+
+    const runtimeState = getRuntime();
+    const externalBase = normalizeProxyTarget(runtimeState.openCodeBaseUrl);
+    if (externalBase) {
+      return externalBase;
+    }
+
+    if (runtimeState.openCodePort) {
+      return `http://localhost:${runtimeState.openCodePort}`;
+    }
+
+    return FALLBACK_PROXY_TARGET;
+  };
+
+  // Log proxy target resolution for debugging
+  const resolveProxyTargetLogged = () => {
+    const target = resolveProxyTarget();
+    console.log('[proxy] resolveProxyTarget ->', target);
+    return target;
+  };
+
+  const forwardSseRequest = async (req, res) => {
+    const abortController = new AbortController();
+    const closeUpstream = () => abortController.abort();
+    let upstream = null;
+    let reader = null;
+    let heartbeatTimer = null;
+    let writeQueue = Promise.resolve(true);
+    const sseBoundary = createSseBoundaryTracker();
+
+    req.on('close', closeUpstream);
+
+    try {
+      const requestUrl = typeof req.originalUrl === 'string' && req.originalUrl.length > 0
+        ? req.originalUrl
+        : (typeof req.url === 'string' ? req.url : '');
+      const upstreamPath = requestUrl.startsWith('/api') ? requestUrl.slice(4) || '/' : requestUrl;
+      const headers = collectForwardProxyHeaders(req.headers, getOpenCodeAuthHeaders());
+      headers.accept ??= 'text/event-stream';
+      headers['cache-control'] ??= 'no-cache';
+
+      const targetUrl = buildOpenCodeUrl(upstreamPath, '');
+      console.log(`[proxy] SSE ${req.method} ${requestUrl} -> ${targetUrl}`);
+
+      upstream = await fetch(targetUrl, {
+        method: 'GET',
+        headers,
+        signal: abortController.signal,
+      });
+
+      console.log(`[proxy] SSE upstream status: ${upstream.status}, content-type: ${upstream.headers.get('content-type')}`);
+
+      res.status(upstream.status);
+      applyForwardProxyResponseHeaders(upstream.headers, res);
+
+      const contentType = upstream.headers.get('content-type') || 'text/event-stream';
+      const isEventStream = contentType.toLowerCase().includes('text/event-stream');
+
+      if (!upstream.body) {
+        res.end(await upstream.text().catch(() => ''));
+        return;
+      }
+
+      if (!isEventStream) {
+        res.end(await upstream.text());
+        return;
+      }
+
+      res.setHeader('Content-Type', contentType);
+      res.setHeader('Cache-Control', 'no-cache');
+      res.setHeader('Connection', 'keep-alive');
+      res.setHeader('X-Accel-Buffering', 'no');
+      if (typeof res.flushHeaders === 'function') {
+        res.flushHeaders();
+      }
+
+      // Disable TCP Nagle's algorithm so small SSE chunks are sent immediately
+      // instead of being buffered up to ~200ms by the TCP stack.
+      if (res.socket && typeof res.socket.setNoDelay === 'function') {
+        res.socket.setNoDelay(true);
+      }
+
+      const SSE_HEARTBEAT_INTERVAL_MS = 20_000;
+
+      const scheduleHeartbeat = () => {
+        heartbeatTimer = setTimeout(async () => {
+          if (abortController.signal.aborted || res.writableEnded || res.destroyed) {
+            return;
+          }
+          if (!sseBoundary.isAtBoundary()) {
+            scheduleHeartbeat();
+            return;
+          }
+          const canContinue = await enqueueSseWrite(':heartbeat\n\n');
+          if (canContinue) {
+            scheduleHeartbeat();
+          }
+        }, SSE_HEARTBEAT_INTERVAL_MS);
+      };
+
+      const enqueueSseWrite = (value) => {
+        writeQueue = writeQueue
+          .catch(() => false)
+          .then((canContinue) => {
+            if (!canContinue) {
+              return false;
+            }
+            return writeSseChunkWithBackpressure(res, value, abortController.signal);
+          });
+        return writeQueue;
+      };
+
+      scheduleHeartbeat();
+
+      reader = upstream.body.getReader();
+      while (!abortController.signal.aborted) {
+        const { done, value } = await reader.read();
+        if (done) {
+          break;
+        }
+        if (value && value.length > 0) {
+          sseBoundary.observe(value);
+          const canContinue = await enqueueSseWrite(value);
+          if (!canContinue) {
+            break;
+          }
+        }
+      }
+
+      res.end();
+    } catch (error) {
+      if (isAbortError(error)) {
+        return;
+      }
+      console.error('[proxy] OpenCode SSE proxy error:', error?.message ?? error);
+      if (!res.headersSent) {
+        res.status(503).json({ error: 'OpenCode service unavailable' });
+      } else {
+        res.end();
+      }
+    } finally {
+      if (heartbeatTimer) {
+        clearTimeout(heartbeatTimer);
+        heartbeatTimer = null;
+      }
+      req.off('close', closeUpstream);
+      try {
+        if (reader) {
+          await reader.cancel();
+          reader.releaseLock();
+        } else if (upstream?.body && !upstream.body.locked) {
+          await upstream.body.cancel();
+        }
+      } catch {
+      }
+    }
+  };
+
+  // Ensure API prefix is detected before proxying
+  app.use('/api', (_req, _res, next) => {
+    ensureOpenCodeApiPrefix();
+    next();
+  });
+
+  // Readiness gate — return 503 while OpenCode is starting/restarting
+  app.use('/api', (req, res, next) => {
+    if (
+      req.path.startsWith('/themes/custom') ||
+      req.path.startsWith('/push') ||
+      req.path.startsWith('/config/agents') ||
+      req.path.startsWith('/config/opencode-resolution') ||
+      req.path.startsWith('/config/settings') ||
+      req.path.startsWith('/config/skills') ||
+      req.path === '/config/reload' ||
+      req.path === '/health'
+    ) {
+      return next();
+    }
+
+    const runtimeState = getRuntime();
+    const waitElapsed = runtimeState.openCodeNotReadySince === 0 ? 0 : Date.now() - runtimeState.openCodeNotReadySince;
+    const stillWaiting =
+      (!runtimeState.isOpenCodeReady && (runtimeState.openCodeNotReadySince === 0 || waitElapsed < OPEN_CODE_READY_GRACE_MS)) ||
+      runtimeState.isRestartingOpenCode ||
+      !runtimeState.openCodePort;
+
+    if (stillWaiting) {
+      console.log(`[proxy] Readiness gate BLOCKED ${req.method} ${req.originalUrl} — OpenCode not ready (port=${runtimeState.openCodePort}, ready=${runtimeState.isOpenCodeReady}, restarting=${runtimeState.isRestartingOpenCode})`);
+      return res.status(503).json({
+        error: 'OpenCode is restarting',
+        restarting: true,
+      });
+    }
+
+    next();
+  });
+
+  // Windows: session merge for cross-directory session listing
+  if (process.platform === 'win32') {
+    app.get('/api/session', async (req, res, next) => {
+      const rawUrl = req.originalUrl || req.url || '';
+      if (rawUrl.includes('directory=')) return next();
+
+      try {
+        const authHeaders = getOpenCodeAuthHeaders();
+        const fetchOpts = {
+          method: 'GET',
+          headers: { Accept: 'application/json', ...authHeaders },
+          signal: AbortSignal.timeout(10000),
+        };
+        const globalRes = await fetch(buildOpenCodeUrl('/session', ''), fetchOpts);
+        const globalPayload = globalRes.ok ? await globalRes.json().catch(() => []) : [];
+        const globalSessions = Array.isArray(globalPayload) ? globalPayload : [];
+
+        const settingsDir = process.env.VINCI_DATA_DIR
+          ? path.resolve(process.env.VINCI_DATA_DIR)
+          : path.join(os.homedir(), '.vinci');
+        const settingsPath = path.join(settingsDir, 'settings.json');
+        let projectDirs = [];
+        try {
+          const settingsRaw = fs.readFileSync(settingsPath, 'utf8');
+          const settings = JSON.parse(settingsRaw);
+          projectDirs = (settings.projects || [])
+            .map((project) => (typeof project?.path === 'string' ? project.path.trim() : ''))
+            .filter(Boolean);
+        } catch {
+        }
+
+        const seen = new Set(
+          globalSessions
+            .map((session) => (session && typeof session.id === 'string' ? session.id : null))
+            .filter((id) => typeof id === 'string')
+        );
+        const extraSessions = [];
+        for (const dir of projectDirs) {
+          const candidates = Array.from(new Set([
+            dir,
+            dir.replace(/\\/g, '/'),
+            dir.replace(/\//g, '\\'),
+          ]));
+          for (const candidateDir of candidates) {
+            const encoded = encodeURIComponent(candidateDir);
+            try {
+              const dirRes = await fetch(buildOpenCodeUrl(`/session?directory=${encoded}`, ''), fetchOpts);
+              if (dirRes.ok) {
+                const dirPayload = await dirRes.json().catch(() => []);
+                const dirSessions = Array.isArray(dirPayload) ? dirPayload : [];
+                for (const session of dirSessions) {
+                  const id = session && typeof session.id === 'string' ? session.id : null;
+                  if (id && !seen.has(id)) {
+                    seen.add(id);
+                    extraSessions.push(session);
+                  }
+                }
+              }
+            } catch {
+            }
+          }
+        }
+
+        const merged = [...globalSessions, ...extraSessions];
+        merged.sort((a, b) => {
+          const aTime = a && typeof a.time_updated === 'number' ? a.time_updated : 0;
+          const bTime = b && typeof b.time_updated === 'number' ? b.time_updated : 0;
+          return bTime - aTime;
+        });
+        console.log(`[SessionMerge] ${globalSessions.length} global + ${extraSessions.length} extra = ${merged.length} total`);
+        return res.json(merged);
+      } catch (error) {
+        console.log(`[SessionMerge] Error: ${error.message}, falling through`);
+        next();
+      }
+    });
+  }
+
+  app.get('/api/global/event', forwardSseRequest);
+  app.get('/api/event', forwardSseRequest);
+
+  // Generic proxy for non-SSE OpenCode API routes.
+  const apiProxy = createProxyMiddleware({
+    target: resolveProxyTarget(),
+    changeOrigin: true,
+    pathRewrite: { '^/api': '' },
+    // Dynamic target — port can change after restart
+    router: () => resolveProxyTargetLogged(),
+    on: {
+      proxyReq: (proxyReq, req) => {
+        // Inject OpenCode auth headers
+        const authHeaders = getOpenCodeAuthHeaders();
+        if (authHeaders.Authorization) {
+          proxyReq.setHeader('Authorization', authHeaders.Authorization);
+        }
+
+        // Defensive: request identity encoding from upstream OpenCode.
+        // This avoids compressed-body/header mismatches in multi-proxy setups.
+        proxyReq.setHeader('accept-encoding', 'identity');
+
+        console.log(`[proxy] ${req.method} ${req.originalUrl} -> ${proxyReq.getHeader('host')}${proxyReq.path}`);
+      },
+      proxyRes: (proxyRes) => {
+        for (const key of Object.keys(proxyRes.headers || {})) {
+          if (!shouldForwardProxyResponseHeader(key)) {
+            delete proxyRes.headers[key];
+          }
+        }
+      },
+      error: (err, req, res) => {
+        console.error(`[proxy] OpenCode proxy error for ${req.method} ${req.originalUrl}:`, err.message);
+        if (err.code) console.error(`[proxy]   code: ${err.code}`);
+        if (err.stack) console.error(`[proxy]   stack: ${err.stack.split('\n').slice(0, 3).join('\n')}`);
+        if (res && !res.headersSent && typeof res.status === 'function') {
+          res.status(503).json({ error: 'OpenCode service unavailable' });
+        }
+      },
+    },
+  });
+
+  app.use('/api', apiProxy);
+};

package/server/lib/opencode/pwa-manifest-routes.js

@@ -0,0 +1,257 @@
+const DEFAULT_PWA_APP_NAME = 'Vinci - AI Coding Assistant';
+const mapPwaOrientationToManifest = (value) => {
+  if (value === 'portrait') {
+    return 'portrait-primary';
+  }
+  if (value === 'landscape') {
+    return 'landscape-primary';
+  }
+  return undefined;
+};
+
+export const registerPwaManifestRoute = (app, dependencies) => {
+  const {
+    process,
+    resolveProjectDirectory,
+    buildOpenCodeUrl,
+    getOpenCodeAuthHeaders,
+    readSettingsFromDiskMigrated,
+    normalizePwaAppName,
+    normalizePwaOrientation,
+  } = dependencies;
+
+  const recentPwaSessionsCache = new Map();
+
+  const getRecentPwaSessionShortcuts = async (req) => {
+    const now = Date.now();
+
+    const resolvedDirectoryResult = await resolveProjectDirectory(req).catch(() => ({ directory: null }));
+    const preferredDirectory = typeof resolvedDirectoryResult?.directory === 'string'
+      ? resolvedDirectoryResult.directory
+      : null;
+
+    const cacheKey = preferredDirectory ? `dir:${preferredDirectory}` : 'global';
+    const cached = recentPwaSessionsCache.get(cacheKey);
+    if (cached && now - cached.at < 5000) {
+      return cached.data;
+    }
+
+    const normalizeShortcutTitle = (value, fallback) => {
+      const normalized = normalizePwaAppName(value, fallback);
+      return normalized.length > 48 ? normalized.slice(0, 48) : normalized;
+    };
+
+    const toFiniteNumber = (value) => {
+      if (typeof value === 'number' && Number.isFinite(value)) {
+        return value;
+      }
+      if (typeof value === 'string' && value.trim().length > 0) {
+        const parsed = Number(value);
+        if (Number.isFinite(parsed)) {
+          return parsed;
+        }
+      }
+      return null;
+    };
+
+    const normalizeDirectory = (value) => {
+      if (typeof value !== 'string') {
+        return '';
+      }
+      const trimmed = value.trim();
+      if (!trimmed) {
+        return '';
+      }
+      const normalized = trimmed.replace(/\\/g, '/');
+      if (normalized === '/') {
+        return '/';
+      }
+      return normalized.length > 1 ? normalized.replace(/\/+$/, '') : normalized;
+    };
+
+    const sessionUpdatedAt = (session) => {
+      const time = session && typeof session.time === 'object' ? session.time : null;
+      return toFiniteNumber(time?.updated) ?? toFiniteNumber(time?.created) ?? 0;
+    };
+
+    const filterSessionsByDirectory = (sessions, directory) => {
+      const normalizedDirectory = normalizeDirectory(directory);
+      if (!normalizedDirectory) {
+        return sessions;
+      }
+
+      const prefix = normalizedDirectory === '/' ? '/' : `${normalizedDirectory}/`;
+      return sessions.filter((session) => {
+        const sessionDirectory = normalizeDirectory(session?.directory);
+        if (!sessionDirectory) {
+          return false;
+        }
+        return sessionDirectory === normalizedDirectory || sessionDirectory.startsWith(prefix);
+      });
+    };
+
+    const listSessions = async (directory) => {
+      const query = (() => {
+        if (typeof directory !== 'string' || directory.length === 0) {
+          return '';
+        }
+        const preparedDirectory = process.platform === 'win32'
+          ? directory.replace(/\//g, '\\\\')
+          : directory;
+        return `?directory=${encodeURIComponent(preparedDirectory)}`;
+      })();
+
+      const response = await fetch(buildOpenCodeUrl(`/session${query}`, ''), {
+        method: 'GET',
+        headers: {
+          Accept: 'application/json',
+          ...getOpenCodeAuthHeaders(),
+        },
+        signal: AbortSignal.timeout(2500),
+      });
+
+      if (!response.ok) {
+        return [];
+      }
+
+      const payload = await response.json().catch(() => null);
+      return Array.isArray(payload) ? payload : [];
+    };
+
+    try {
+      let payload = [];
+
+      if (preferredDirectory) {
+        const scopedPayload = await listSessions(preferredDirectory);
+        const filteredScopedPayload = filterSessionsByDirectory(scopedPayload, preferredDirectory);
+
+        if (filteredScopedPayload.length > 0) {
+          payload = filteredScopedPayload;
+        } else {
+          const globalPayload = await listSessions(null);
+          const filteredGlobalPayload = filterSessionsByDirectory(globalPayload, preferredDirectory);
+          payload = filteredGlobalPayload;
+        }
+      } else {
+        payload = await listSessions(null);
+      }
+
+      const seen = new Set();
+      const rows = [];
+
+      for (const item of payload) {
+        if (!item || typeof item !== 'object') {
+          continue;
+        }
+
+        const id = typeof item.id === 'string' ? item.id.trim().slice(0, 160) : '';
+        if (!id || seen.has(id)) {
+          continue;
+        }
+
+        seen.add(id);
+        const title = normalizeShortcutTitle(item.title, `Session ${rows.length + 1}`);
+        const updatedAt = sessionUpdatedAt(item);
+
+        rows.push({ id, title, updatedAt });
+      }
+
+      rows.sort((a, b) => b.updatedAt - a.updatedAt);
+
+      const shortcuts = rows.slice(0, 3).map((session) => ({
+        name: session.title,
+        short_name: session.title.length > 32 ? session.title.slice(0, 32) : session.title,
+        description: 'Open recent session',
+        url: `/?session=${encodeURIComponent(session.id)}`,
+        icons: [{ src: '/pwa-192.png', sizes: '192x192', type: 'image/png' }],
+      }));
+
+      recentPwaSessionsCache.set(cacheKey, { at: now, data: shortcuts });
+      return shortcuts;
+    } catch {
+      recentPwaSessionsCache.set(cacheKey, { at: now, data: [] });
+      return [];
+    }
+  };
+
+  app.get('/manifest.webmanifest', async (req, res) => {
+    const hasQueryOverride =
+      typeof req.query?.pwa_name === 'string'
+      || typeof req.query?.app_name === 'string'
+      || typeof req.query?.appName === 'string';
+
+    let queryValueRaw = '';
+    if (typeof req.query?.pwa_name === 'string') {
+      queryValueRaw = req.query.pwa_name;
+    } else if (typeof req.query?.app_name === 'string') {
+      queryValueRaw = req.query.app_name;
+    } else if (typeof req.query?.appName === 'string') {
+      queryValueRaw = req.query.appName;
+    }
+
+    const queryOverrideName = normalizePwaAppName(queryValueRaw, '');
+    const hasOrientationOverride = typeof req.query?.orientation === 'string';
+    const queryOverrideOrientation = normalizePwaOrientation(req.query?.orientation, 'system');
+
+    let storedName = '';
+    let storedOrientation = 'system';
+    try {
+      const settings = await readSettingsFromDiskMigrated();
+      storedName = normalizePwaAppName(settings?.pwaAppName, '');
+      storedOrientation = normalizePwaOrientation(settings?.pwaOrientation, 'system');
+    } catch {
+      storedName = '';
+      storedOrientation = 'system';
+    }
+
+    const appName = hasQueryOverride
+      ? (queryOverrideName || DEFAULT_PWA_APP_NAME)
+      : (storedName || DEFAULT_PWA_APP_NAME);
+    const manifestOrientation = mapPwaOrientationToManifest(
+      hasOrientationOverride ? queryOverrideOrientation : storedOrientation
+    );
+
+    const shortName = appName.length > 30 ? appName.slice(0, 30) : appName;
+    const recentSessionShortcuts = await getRecentPwaSessionShortcuts(req);
+
+    const manifest = {
+      name: appName,
+      short_name: shortName,
+      description: 'Web interface companion for OpenCode AI coding agent',
+      id: '/',
+      start_url: '/',
+      scope: '/',
+      display: 'standalone',
+      display_override: ['window-controls-overlay'],
+      background_color: '#151313',
+      theme_color: '#edb449',
+      ...(manifestOrientation ? { orientation: manifestOrientation } : {}),
+      icons: [
+        { src: '/pwa-192.png', sizes: '192x192', type: 'image/png', purpose: 'any' },
+        { src: '/pwa-512.png', sizes: '512x512', type: 'image/png', purpose: 'any' },
+        { src: '/pwa-maskable-192.png', sizes: '192x192', type: 'image/png', purpose: 'any maskable' },
+        { src: '/pwa-maskable-512.png', sizes: '512x512', type: 'image/png', purpose: 'any maskable' },
+        { src: '/apple-touch-icon-180x180.png', sizes: '180x180', type: 'image/png', purpose: 'any' },
+        { src: '/apple-touch-icon-152x152.png', sizes: '152x152', type: 'image/png', purpose: 'any' },
+        { src: '/favicon-32.png', sizes: '32x32', type: 'image/png' },
+        { src: '/favicon-16.png', sizes: '16x16', type: 'image/png' },
+      ],
+      shortcuts: [
+        {
+          name: 'Appearance Settings',
+          short_name: 'Settings',
+          description: 'Open appearance settings',
+          url: '/?settings=appearance',
+          icons: [{ src: '/pwa-192.png', sizes: '192x192', type: 'image/png' }],
+        },
+        ...recentSessionShortcuts,
+      ],
+      categories: ['developer', 'tools', 'productivity'],
+      lang: 'en',
+    };
+
+    res.setHeader('Cache-Control', 'no-store, must-revalidate');
+    res.type('application/manifest+json');
+    res.send(JSON.stringify(manifest));
+  });
+};