@vibe80/vibe80 0.1.1

package/server/src/clientFactory.js

@@ -0,0 +1,164 @@
+import path from "path";
+import { CodexAppServerClient } from "./codexClient.js";
+import { ClaudeCliClient } from "./claudeClient.js";
+import { getSessionRuntime } from "./runtimeStore.js";
+
+/**
+ * Get an existing client or create a new one for the given provider.
+ * Clients are lazily initialized and cached in session.clients.
+ *
+ * @param {object} session - The session object
+ * @param {"codex" | "claude"} provider - The provider to get or create
+ * @returns {Promise<CodexAppServerClient | ClaudeCliClient>}
+ */
+export async function getOrCreateClient(session, provider) {
+  const runtime = getSessionRuntime(session.sessionId);
+  if (runtime?.clients?.[provider]) {
+    return runtime.clients[provider];
+  }
+
+  const defaultDenyGitCredentialsAccess =
+    typeof session.defaultDenyGitCredentialsAccess === "boolean"
+      ? session.defaultDenyGitCredentialsAccess
+      : true;
+
+  const client =
+    provider === "claude"
+      ? new ClaudeCliClient({
+          cwd: session.repoDir,
+          attachmentsDir: session.attachmentsDir,
+          repoDir: session.repoDir,
+          internetAccess: session.defaultInternetAccess,
+          denyGitCredentialsAccess: defaultDenyGitCredentialsAccess,
+          gitDir: session.gitDir || path.join(session.dir, "git"),
+          env: {
+            ...process.env,
+            TMPDIR: path.join(session.dir, "tmp"),
+            CLAUDE_CODE_TMPDIR: path.join(session.dir, "tmp"),
+          },
+          workspaceId: session.workspaceId,
+          tmpDir: path.join(session.dir, "tmp"),
+          sessionId: session.sessionId,
+          worktreeId: "main",
+          threadId: session.threadId || null,
+        })
+      : new CodexAppServerClient({
+          cwd: session.repoDir,
+          attachmentsDir: session.attachmentsDir,
+          repoDir: session.repoDir,
+          internetAccess: session.defaultInternetAccess,
+          denyGitCredentialsAccess: defaultDenyGitCredentialsAccess,
+          gitDir: session.gitDir || path.join(session.dir, "git"),
+          threadId: session.threadId || null,
+          env: {
+            ...process.env,
+            TMPDIR: path.join(session.dir, "tmp"),
+          },
+          workspaceId: session.workspaceId,
+          tmpDir: path.join(session.dir, "tmp"),
+          sessionId: session.sessionId,
+          worktreeId: "main",
+        });
+
+  if (runtime) {
+    runtime.clients[provider] = client;
+  }
+
+  return client;
+}
+
+/**
+ * Create a new client for a worktree (not cached, each worktree gets its own client).
+ *
+ * @param {object} worktree - The worktree object
+ * @param {string} worktree.path - The worktree directory path
+ * @param {"codex" | "claude"} worktree.provider - The provider
+ * @param {string} [attachmentsDir] - The attachments directory
+ * @returns {CodexAppServerClient | ClaudeCliClient}
+ */
+export function createWorktreeClient(
+  worktree,
+  attachmentsDir,
+  repoDir,
+  internetAccess,
+  threadId,
+  gitDir,
+  options = {}
+) {
+  const sessionDir = repoDir ? path.dirname(repoDir) : null;
+  const tmpDir = sessionDir ? path.join(sessionDir, "tmp") : null;
+  const denyGitCredentialsAccess =
+    typeof worktree.denyGitCredentialsAccess === "boolean"
+      ? worktree.denyGitCredentialsAccess
+      : true;
+  const client =
+    worktree.provider === "claude"
+      ? new ClaudeCliClient({
+          cwd: worktree.path,
+          attachmentsDir,
+          repoDir,
+          internetAccess,
+          denyGitCredentialsAccess,
+          gitDir,
+          env: {
+            ...process.env,
+            ...(tmpDir
+              ? { TMPDIR: tmpDir, CLAUDE_CODE_TMPDIR: tmpDir }
+              : {}),
+          },
+          workspaceId: worktree.workspaceId,
+          tmpDir,
+          sessionId: worktree.sessionId,
+          worktreeId: worktree.id,
+          threadId: threadId || worktree.threadId || null,
+          forkFromThreadId:
+            options.sourceThreadId ||
+            (worktree.context === "fork" ? worktree.forkSourceThreadId || null : null),
+        })
+      : new CodexAppServerClient({
+          cwd: worktree.path,
+          attachmentsDir,
+          repoDir,
+          internetAccess,
+          denyGitCredentialsAccess,
+          gitDir,
+          threadId: threadId || worktree.threadId || null,
+          env: {
+            ...process.env,
+            ...(tmpDir ? { TMPDIR: tmpDir } : {}),
+          },
+          workspaceId: worktree.workspaceId,
+          tmpDir,
+          sessionId: worktree.sessionId,
+          worktreeId: worktree.id,
+          threadStartMode:
+            options.threadStartMode ||
+            (worktree.context === "fork" ? "fork" : "new"),
+          sourceThreadId:
+            options.sourceThreadId ||
+            (worktree.context === "fork" ? worktree.forkSourceThreadId || null : null),
+        });
+
+  return client;
+}
+
+/**
+ * Get the currently active client for the session.
+ *
+ * @param {object} session - The session object
+ * @returns {CodexAppServerClient | ClaudeCliClient | null}
+ */
+export function getActiveClient(session) {
+  const runtime = getSessionRuntime(session.sessionId);
+  return runtime?.clients?.[session.activeProvider] || null;
+}
+
+/**
+ * Check if a provider string is valid.
+ *
+ * @param {string} provider
+ * @returns {provider is "codex" | "claude"}
+ */
+export function isValidProvider(provider) {
+  return provider === "codex" || provider === "claude";
+}

package/server/src/codexClient.js

@@ -0,0 +1,468 @@
+import { spawn } from "child_process";
+import { EventEmitter } from "events";
+import path from "path";
+import { SYSTEM_PROMPT } from "./config.js";
+import { createProviderLogger } from "./providerLogger.js";
+import { buildSandboxArgs, getWorkspaceHome } from "./runAs.js";
+
+const RUN_AS_HELPER = process.env.VIBE80_RUN_AS_HELPER || "/usr/local/bin/vibe80-run-as";
+const SUDO_PATH = process.env.VIBE80_SUDO_PATH || "sudo";
+const isMonoUser = process.env.DEPLOYMENT_MODE === "mono_user";
+
+export class CodexAppServerClient extends EventEmitter {
+  constructor({
+    cwd,
+    attachmentsDir,
+    repoDir,
+    internetAccess,
+    denyGitCredentialsAccess,
+    gitDir,
+    threadId,
+    env,
+    workspaceId,
+    tmpDir,
+    sessionId,
+    worktreeId,
+    threadStartMode,
+    sourceThreadId,
+  }) {
+    super();
+    this.cwd = cwd;
+    this.attachmentsDir = attachmentsDir;
+    this.repoDir = repoDir || cwd;
+    this.internetAccess = internetAccess ?? true;
+    this.denyGitCredentialsAccess = denyGitCredentialsAccess ?? true;
+    if (this.internetAccess === false && this.denyGitCredentialsAccess) {
+      throw new Error(
+        "Invalid Codex configuration: denyGitCredentialsAccess must be false when internetAccess is false."
+      );
+    }
+    this.gitDir = gitDir || null;
+    this.env = env || process.env;
+    this.workspaceId = workspaceId;
+    this.tmpDir = tmpDir || null;
+    this.sessionId = sessionId || null;
+    this.worktreeId = worktreeId || "main";
+    this.proc = null;
+    this.buffer = "";
+    this.stdoutLogBuffer = "";
+    this.stderrLogBuffer = "";
+    this.activeTurnIds = new Set();
+    this.restartPending = false;
+    this.restarting = false;
+    this.starting = false;
+    this.stopping = false;
+    this.stopReason = null;
+    this.lastIdleAt = Date.now();
+    this.providerLogger = createProviderLogger({
+      provider: "codex",
+      sessionId: this.sessionId,
+      worktreeId: this.worktreeId,
+    });
+    this.nextId = 1;
+    this.pending = new Map();
+    this.threadId = threadId || null;
+    this.threadStartMode =
+      threadStartMode === "fork" && !threadId ? "fork" : threadId ? "resume" : "new";
+    this.sourceThreadId = sourceThreadId || null;
+    this.ready = false;
+  }
+
+  async start() {
+    if (this.starting || this.restarting) {
+      return;
+    }
+    this.starting = true;
+    const codexArgs = [
+      "codex",
+      "--enable",
+      "sqlite",
+      "app-server"
+    ];
+    const useLandlock = this.internetAccess;
+    const shareGitCredentials = !this.denyGitCredentialsAccess;
+    const sshDir = path.join(getWorkspaceHome(this.workspaceId), ".ssh");
+    const sandboxArgs = !isMonoUser && useLandlock
+      ? buildSandboxArgs({
+          cwd: this.cwd,
+        repoDir: this.repoDir,
+        attachmentsDir: this.attachmentsDir,
+        tmpDir: this.tmpDir,
+        workspaceId: this.workspaceId,
+          internetAccess: this.internetAccess,
+          netMode: "tcp:22,53,443",
+          extraAllowRw: [
+            path.join(getWorkspaceHome(this.workspaceId), ".codex"),
+            ...(shareGitCredentials
+              ? [sshDir, ...(this.gitDir ? [this.gitDir] : [])]
+              : []),
+          ],
+        })
+      : [];
+    const spawnCommand = isMonoUser ? codexArgs[0] : SUDO_PATH;
+    const spawnArgs = isMonoUser
+      ? codexArgs.slice(1)
+      : [
+          "-n",
+          RUN_AS_HELPER,
+          "--workspace-id",
+          this.workspaceId,
+          "--cwd",
+          this.cwd,
+          ...sandboxArgs,
+          "--",
+          ...codexArgs,
+        ];
+    this.proc = spawn(spawnCommand, spawnArgs, {
+      stdio: ["pipe", "pipe", "pipe"],
+      env: this.env,
+      cwd: isMonoUser ? this.cwd : undefined,
+    });
+    const spawnReady = new Promise((resolve, reject) => {
+      this.proc.once("spawn", resolve);
+      this.proc.once("error", (error) => {
+        const details = [
+          `Failed to spawn Codex app-server`,
+          `mode=${isMonoUser ? "mono_user" : "multi_user"}`,
+          isMonoUser ? `cmd=${codexArgs[0]}` : `sudo=${SUDO_PATH}`,
+          isMonoUser ? null : `helper=${RUN_AS_HELPER}`,
+          `workspace=${this.workspaceId}`,
+          `cwd=${this.cwd}`,
+          `error=${error?.message || error}`,
+        ]
+          .filter(Boolean)
+          .join(" ");
+        this.emit("log", details);
+        reject(new Error(details));
+      });
+    });
+
+    this.proc.stdout.setEncoding("utf8");
+    this.proc.stdout.on("data", (chunk) => {
+      this.#logStreamChunk("OUT", "stdoutLogBuffer", chunk);
+      this.#handleStdout(chunk);
+    });
+
+    this.proc.stderr.setEncoding("utf8");
+    this.proc.stderr.on("data", (chunk) => {
+      this.#logStreamChunk("ERR", "stderrLogBuffer", chunk);
+      this.emit("log", chunk.trim());
+    });
+
+    this.proc.on("exit", (code, signal) => {
+      const stopReason = this.stopReason;
+      this.stopReason = null;
+      this.ready = false;
+      this.activeTurnIds.clear();
+      this.starting = false;
+      this.stopping = false;
+      this.restarting = false;
+      this.#flushLogBuffer("OUT", "stdoutLogBuffer");
+      this.#flushLogBuffer("ERR", "stderrLogBuffer");
+      this.providerLogger?.close?.();
+      this.emit("exit", { code, signal, reason: stopReason });
+    });
+
+    try {
+      await spawnReady;
+      await this.#initialize();
+      await this.#startThread();
+      this.ready = true;
+      this.lastIdleAt = Date.now();
+      this.emit("ready", { threadId: this.threadId });
+      this.#restartIfIdle();
+    } finally {
+      this.starting = false;
+    }
+  }
+
+  async stop({ force = false, timeoutMs = 5000, reason = null } = {}) {
+    if (!this.proc) {
+      return;
+    }
+    this.stopping = true;
+    this.stopReason = reason || null;
+    const proc = this.proc;
+    this.proc = null;
+    const exitPromise = new Promise((resolve) => {
+      proc.once("exit", resolve);
+      proc.once("close", resolve);
+    });
+    if (force) {
+      proc.kill("SIGKILL");
+      await exitPromise;
+      this.stopping = false;
+      return;
+    }
+    proc.kill("SIGTERM");
+    const timeout = new Promise((resolve) => {
+      setTimeout(resolve, timeoutMs);
+    });
+    await Promise.race([exitPromise, timeout]);
+    if (!proc.killed) {
+      proc.kill("SIGKILL");
+      await exitPromise;
+    }
+    this.stopping = false;
+  }
+
+  getStatus() {
+    if (this.restarting) return "restarting";
+    if (this.starting) return "starting";
+    if (this.stopping) return "stopping";
+    if (!this.proc && !this.ready) return "stopped";
+    if (!this.ready) return "starting";
+    if (this.activeTurnIds.size > 0) return "busy";
+    return "idle";
+  }
+
+  requestRestart() {
+    this.restartPending = true;
+  }
+
+  async restart() {
+    if (this.restarting) {
+      return;
+    }
+    this.restarting = true;
+    this.restartPending = false;
+    try {
+      await this.stop();
+    } catch {
+      // ignore stop errors
+    }
+    await this.start();
+    this.restarting = false;
+  }
+
+  async sendTurn(text) {
+    if (!this.threadId) {
+      throw new Error("Thread not ready yet.");
+    }
+
+    return this.#sendRequest("turn/start", {
+      threadId: this.threadId,
+      input: [{ type: "text", text }],
+    });
+  }
+
+  async interruptTurn(turnId) {
+    if (!this.threadId) {
+      throw new Error("Thread not ready yet.");
+    }
+    if (!turnId) {
+      throw new Error("Turn id is required.");
+    }
+
+    return this.#sendRequest("turn/interrupt", {
+      threadId: this.threadId,
+      turnId,
+    });
+  }
+
+  async listModels(cursor = null, limit = 100) {
+    return this.#sendRequest("model/list", { cursor, limit });
+  }
+
+  async setDefaultModel(model, reasoningEffort = null) {
+    return this.#sendRequest("setDefaultModel", { model, reasoningEffort });
+  }
+
+  async startAccountLogin(params) {
+    return this.#sendRequest("account/login/start", params);
+  }
+
+  #handleStdout(chunk) {
+    this.buffer += chunk;
+    let newlineIndex;
+
+    while ((newlineIndex = this.buffer.indexOf("\n")) !== -1) {
+      const raw = this.buffer.slice(0, newlineIndex).trim();
+      this.buffer = this.buffer.slice(newlineIndex + 1);
+
+      if (!raw) {
+        continue;
+      }
+
+      let message;
+      try {
+        message = JSON.parse(raw);
+      } catch (error) {
+        this.emit("log", `Failed to parse JSON: ${raw}`);
+        continue;
+      }
+
+      this.#handleMessage(message);
+    }
+  }
+
+  #handleMessage(message) {
+    if (Object.prototype.hasOwnProperty.call(message, "id")) {
+      this.emit("rpc_in", message);
+      const pending = this.pending.get(message.id);
+      if (pending) {
+        this.pending.delete(message.id);
+        if (message.error) {
+          pending.reject(new Error(message.error.message || "Unknown error"));
+        } else {
+          pending.resolve(message.result);
+        }
+      }
+      return;
+    }
+
+    if (message.method) {
+      this.emit("rpc_in", message);
+      if (message.method === "turn/started") {
+        const turnId = message?.params?.turn?.id;
+        if (turnId) {
+          this.activeTurnIds.add(turnId);
+        }
+      }
+      if (message.method === "turn/completed") {
+        const turnId = message?.params?.turn?.id;
+        if (turnId) {
+          this.activeTurnIds.delete(turnId);
+        }
+        if (this.activeTurnIds.size === 0) {
+          this.lastIdleAt = Date.now();
+        }
+        this.#restartIfIdle();
+      }
+      if (message.method === "error") {
+        const turnId = message?.params?.turnId;
+        const willRetry = Boolean(message?.params?.willRetry);
+        if (turnId && !willRetry) {
+          this.activeTurnIds.delete(turnId);
+          if (this.activeTurnIds.size === 0) {
+            this.lastIdleAt = Date.now();
+          }
+          this.#restartIfIdle();
+        }
+      }
+      this.emit("notification", message);
+    }
+  }
+
+  #restartIfIdle() {
+    if (!this.restartPending || this.restarting) {
+      return;
+    }
+    if (this.activeTurnIds.size === 0) {
+      void this.restart();
+    }
+  }
+
+  markActive() {
+    this.lastIdleAt = Date.now();
+  }
+
+  #sendRequest(method, params) {
+    const id = this.nextId++;
+    const payload = { jsonrpc: "2.0", id, method, params };
+
+    return new Promise((resolve, reject) => {
+      this.pending.set(id, { resolve, reject });
+      this.emit("rpc_out", payload);
+      const line = JSON.stringify(payload);
+      this.providerLogger?.writeLine("IN", line);
+      this.proc.stdin.write(`${line}\n`);
+    });
+  }
+
+  #logStreamChunk(prefix, bufferKey, chunk) {
+    if (!this.providerLogger) {
+      return;
+    }
+    const text = chunk == null ? "" : String(chunk);
+    this[bufferKey] += text;
+    let newlineIndex;
+    while ((newlineIndex = this[bufferKey].indexOf("\n")) !== -1) {
+      let line = this[bufferKey].slice(0, newlineIndex);
+      if (line.endsWith("\r")) {
+        line = line.slice(0, -1);
+      }
+      this.providerLogger.writeLine(prefix, line);
+      this[bufferKey] = this[bufferKey].slice(newlineIndex + 1);
+    }
+  }
+
+  #flushLogBuffer(prefix, bufferKey) {
+    if (!this.providerLogger) {
+      return;
+    }
+    const leftover = this[bufferKey];
+    if (leftover) {
+      this.providerLogger.writeLine(prefix, leftover);
+      this[bufferKey] = "";
+    }
+  }
+
+  async #initialize() {
+    await this.#sendRequest("initialize", {
+      clientInfo: {
+        name: "vibe80",
+        version: "0.1.0",
+      },
+    });
+  }
+
+  async #startThread() {
+    const shareGitCredentials = !this.denyGitCredentialsAccess;
+    const writableRoots = [
+      this.cwd,
+      this.repoDir,
+      this.attachmentsDir,
+      shareGitCredentials ? this.gitDir : null,
+    ].filter(Boolean);
+    const sandboxMode = isMonoUser
+      ? "workspace-write"
+      : this.internetAccess
+        ? "danger-full-access"
+        : "workspace-write";
+
+    const params = {
+      cwd: this.cwd,
+      config: {
+        // Reserved for future usage
+        // "developer_instructions": "",
+        "sandbox_workspace_write.writable_roots": writableRoots,
+        "sandbox_workspace_write.network_access": Boolean(this.internetAccess),
+        "web_search": this.internetAccess ? "live" : "disabled"
+      },
+      baseInstructions: SYSTEM_PROMPT,
+      sandbox: sandboxMode,
+      approvalPolicy: "never"
+    };
+
+    this.emit("thread_starting", {
+      mode:
+        this.threadStartMode === "fork"
+          ? "fork"
+          : this.threadId
+            ? "resume"
+            : "start",
+      threadId: this.threadStartMode === "fork" ? this.sourceThreadId : this.threadId || null,
+    });
+
+    const result =
+      this.threadStartMode === "fork" && this.sourceThreadId
+        ? await this.#sendRequest("thread/fork", {
+            ...params,
+            threadId: this.sourceThreadId,
+          })
+        : this.threadId
+          ? await this.#sendRequest("thread/resume", {
+              ...params,
+              threadId: this.threadId,
+            })
+          : await this.#sendRequest("thread/start", {
+              ...params,
+              includePlanTool: true,
+            });
+
+    this.threadId = result.thread.id;
+    this.threadStartMode = "resume";
+    this.sourceThreadId = null;
+  }
+}

package/server/src/config.js

@@ -0,0 +1,27 @@
+import path from "path";
+import { fileURLToPath } from "url";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+export const SYSTEM_PROMPT =
+  process.env.SYSTEM_PROMPT ||
+  "output markdown format for inline generated text;" +
+  "Reference files using relative paths when possible; " +
+  "When proposing possible next steps, use: " +
+  "<!-- vibe80:choices <question?> --> then options (one per line), end with " +
+  "<!-- /vibe80:choices --> ; When complex user input is required, output ONLY a vibe80 form:  " +
+  "<!-- vibe80:form {question} --> input|textarea|radio|select|checkbox::field_id::Label::Default|Choices" +
+  "<!-- /vibe80:form --> One field per line and Use :: as choices separator; " +
+  "example form <!-- vibe80:form How r u? -->select::Anwser::Fine::very fine<!-- /vibe80:form -->" +
+  "Use <!-- vibe80:yesno <question?> --> to ask yes/no questions;" +
+  "Use <!-- vibe80:task <short_task_description> --> to notify the user about what you are doing;" +
+  "Use <!-- vibe80:fileref <filepath> --> to reference any file in the current repository";
+
+export const DEFAULT_GIT_AUTHOR_NAME =
+  process.env.DEFAULT_GIT_AUTHOR_NAME || "Vibe80 agent";
+export const DEFAULT_GIT_AUTHOR_EMAIL =
+  process.env.DEFAULT_GIT_AUTHOR_EMAIL || "vibe80@example.org";
+
+export const GIT_HOOKS_DIR = process.env.VIBE80_GIT_HOOKS_DIR
+  || path.resolve(__dirname, "../../git_hooks");