@waishnav/devspace 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +146 -0
- package/dist/cli.js +331 -0
- package/dist/config.js +188 -0
- package/dist/db/client.js +22 -0
- package/dist/db/schema.js +29 -0
- package/dist/git-worktrees.js +134 -0
- package/dist/git.js +41 -0
- package/dist/logger.js +69 -0
- package/dist/oauth-provider.js +266 -0
- package/dist/pi-tools.js +81 -0
- package/dist/review-checkpoints.js +142 -0
- package/dist/roots.js +34 -0
- package/dist/server.js +1148 -0
- package/dist/skills.js +45 -0
- package/dist/ui/.vite/manifest.json +2520 -0
- package/dist/ui/assets/abap-CLvhMVsD.js +1 -0
- package/dist/ui/assets/actionscript-3--17pq3dv.js +1 -0
- package/dist/ui/assets/ada-C5qYipkI.js +1 -0
- package/dist/ui/assets/andromeeda-vGVdxbeo.js +1 -0
- package/dist/ui/assets/angular-html-Di31D1W0.js +1 -0
- package/dist/ui/assets/angular-ts-BKuSFrBS.js +1 -0
- package/dist/ui/assets/apache-U0d_L8uA.js +1 -0
- package/dist/ui/assets/apex-CGTLDQj6.js +1 -0
- package/dist/ui/assets/apl-DgqYbYoh.js +1 -0
- package/dist/ui/assets/applescript-CCn79oCD.js +1 -0
- package/dist/ui/assets/ara-4CJ0cIlV.js +1 -0
- package/dist/ui/assets/asciidoc-DE70LPWp.js +1 -0
- package/dist/ui/assets/asm-Cmm7eHzH.js +1 -0
- package/dist/ui/assets/astro-B19gi6Os.js +1 -0
- package/dist/ui/assets/aurora-x-CDeNXAV0.js +1 -0
- package/dist/ui/assets/awk-BWXHIvNe.js +1 -0
- package/dist/ui/assets/ayu-dark-DluEY0Gj.js +1 -0
- package/dist/ui/assets/ayu-light-C3h-C4tm.js +1 -0
- package/dist/ui/assets/ayu-mirage-Bqwy1Gya.js +1 -0
- package/dist/ui/assets/ballerina-B7ZEbQpA.js +1 -0
- package/dist/ui/assets/bat-Bo4NYOV-.js +1 -0
- package/dist/ui/assets/beancount-D-usSTwE.js +1 -0
- package/dist/ui/assets/berry-DKpUyyne.js +1 -0
- package/dist/ui/assets/bibtex-Ci_nEsc7.js +1 -0
- package/dist/ui/assets/bicep-CUHmPFLl.js +1 -0
- package/dist/ui/assets/bird2-C2hNVINV.js +1 -0
- package/dist/ui/assets/blade-BKHjA4oS.js +1 -0
- package/dist/ui/assets/bsl-BkkzgIyY.js +1 -0
- package/dist/ui/assets/c-FjyGimBn.js +1 -0
- package/dist/ui/assets/c3-CnJL0r0V.js +1 -0
- package/dist/ui/assets/cadence-CQ2zXKGN.js +1 -0
- package/dist/ui/assets/cairo-DLTphjLi.js +1 -0
- package/dist/ui/assets/catppuccin-frappe-3VR1Za6u.js +1 -0
- package/dist/ui/assets/catppuccin-latte-DwIHMF0Q.js +1 -0
- package/dist/ui/assets/catppuccin-macchiato-DYnBP6_5.js +1 -0
- package/dist/ui/assets/catppuccin-mocha-DYhrFGRu.js +1 -0
- package/dist/ui/assets/clarity-SemFz856.js +1 -0
- package/dist/ui/assets/clojure-DqKBuwfJ.js +1 -0
- package/dist/ui/assets/cmake-Bj61d0ZC.js +1 -0
- package/dist/ui/assets/cobol-DlmtgjjX.js +1 -0
- package/dist/ui/assets/codeowners-C8r90Shi.js +1 -0
- package/dist/ui/assets/codeql-oeQT6MSM.js +1 -0
- package/dist/ui/assets/coffee-BlTKLwcf.js +1 -0
- package/dist/ui/assets/common-lisp-Cv5bFMCO.js +1 -0
- package/dist/ui/assets/coq-BrsZFFmf.js +1 -0
- package/dist/ui/assets/cpp-DtVUwoaa.js +1 -0
- package/dist/ui/assets/crystal-C0TLGTHr.js +1 -0
- package/dist/ui/assets/csharp-Ct8U2NOr.js +1 -0
- package/dist/ui/assets/css-FssmIjiX.js +1 -0
- package/dist/ui/assets/csv-Dx-8-gkx.js +1 -0
- package/dist/ui/assets/cue-CE9AQfxI.js +1 -0
- package/dist/ui/assets/cypher-ClKdZ_lG.js +1 -0
- package/dist/ui/assets/d-qD-0Kul2.js +1 -0
- package/dist/ui/assets/dark-plus-Cs2F2srj.js +1 -0
- package/dist/ui/assets/dart-DkHntEIa.js +1 -0
- package/dist/ui/assets/dax-BkyTk9wS.js +1 -0
- package/dist/ui/assets/desktop-Dlh5hvp9.js +1 -0
- package/dist/ui/assets/diff-woXpYk--.js +1 -0
- package/dist/ui/assets/docker-IyjqRm3v.js +1 -0
- package/dist/ui/assets/dotenv-_5a1GRtc.js +1 -0
- package/dist/ui/assets/dracula-BHWKrbxM.js +1 -0
- package/dist/ui/assets/dracula-soft-5eyTD99u.js +1 -0
- package/dist/ui/assets/dream-maker-DW3nJb8Q.js +1 -0
- package/dist/ui/assets/edge-_m-12TBz.js +1 -0
- package/dist/ui/assets/elixir-RKJED3b7.js +1 -0
- package/dist/ui/assets/elm-CzMSD9Oq.js +1 -0
- package/dist/ui/assets/emacs-lisp-C9PiwqqW.js +1 -0
- package/dist/ui/assets/erb-Cqpp-3vK.js +1 -0
- package/dist/ui/assets/erlang-Cphh6RMH.js +1 -0
- package/dist/ui/assets/everforest-dark-sB-x3p7T.js +1 -0
- package/dist/ui/assets/everforest-light-Df2xbC6M.js +1 -0
- package/dist/ui/assets/fennel-DQxkIbk2.js +1 -0
- package/dist/ui/assets/fish-BJitypiv.js +1 -0
- package/dist/ui/assets/fluent-C03EYrpw.js +1 -0
- package/dist/ui/assets/fortran-fixed-form-DEKoE2YW.js +1 -0
- package/dist/ui/assets/fortran-free-form-CYNrtFtB.js +1 -0
- package/dist/ui/assets/fsharp-D13ZGOAj.js +1 -0
- package/dist/ui/assets/gdresource-C0sCabJj.js +1 -0
- package/dist/ui/assets/gdscript-Cp2uCuqX.js +1 -0
- package/dist/ui/assets/gdshader-CBce3t8t.js +1 -0
- package/dist/ui/assets/genie-CV2tkWYe.js +1 -0
- package/dist/ui/assets/gherkin-DExj1W_8.js +1 -0
- package/dist/ui/assets/git-commit-BSykSTBG.js +1 -0
- package/dist/ui/assets/git-rebase-DLS2r2oj.js +1 -0
- package/dist/ui/assets/github-dark-C-LZuMrd.js +1 -0
- package/dist/ui/assets/github-dark-default-DXG-b-1a.js +1 -0
- package/dist/ui/assets/github-dark-dimmed-Bx1FflLF.js +1 -0
- package/dist/ui/assets/github-dark-high-contrast-B_tTalzw.js +1 -0
- package/dist/ui/assets/github-light-EUqPIrTm.js +1 -0
- package/dist/ui/assets/github-light-default-BXViO-2h.js +1 -0
- package/dist/ui/assets/github-light-high-contrast-B68TUdTA.js +1 -0
- package/dist/ui/assets/gleam-CSRkHgEL.js +1 -0
- package/dist/ui/assets/glimmer-js-B1t-JGK1.js +1 -0
- package/dist/ui/assets/glimmer-ts-CazygCNf.js +1 -0
- package/dist/ui/assets/glsl-gBg2vKZ-.js +1 -0
- package/dist/ui/assets/gn-ilITqXS6.js +1 -0
- package/dist/ui/assets/gnuplot-7GGW24-e.js +1 -0
- package/dist/ui/assets/go-BJwz_mda.js +1 -0
- package/dist/ui/assets/graphql-C8u6MNtl.js +1 -0
- package/dist/ui/assets/groovy-CacY0gHj.js +1 -0
- package/dist/ui/assets/gruvbox-dark-hard-C820rvS2.js +1 -0
- package/dist/ui/assets/gruvbox-dark-medium-BPjhmG05.js +1 -0
- package/dist/ui/assets/gruvbox-dark-soft-MrdJrrXF.js +1 -0
- package/dist/ui/assets/gruvbox-light-hard-BC_s9l72.js +1 -0
- package/dist/ui/assets/gruvbox-light-medium-BAWPOn9u.js +1 -0
- package/dist/ui/assets/gruvbox-light-soft-BSMLrYjP.js +1 -0
- package/dist/ui/assets/hack-CgKuqejW.js +1 -0
- package/dist/ui/assets/haml-I5WU4_Rg.js +1 -0
- package/dist/ui/assets/handlebars-DGf6O3Q6.js +1 -0
- package/dist/ui/assets/haskell-D8IpX4py.js +1 -0
- package/dist/ui/assets/haxe-OTjmBuCE.js +1 -0
- package/dist/ui/assets/hcl-Dh228itO.js +1 -0
- package/dist/ui/assets/heavy-payload-Bp6srDbj.js +4 -0
- package/dist/ui/assets/hjson-CxZEssPk.js +1 -0
- package/dist/ui/assets/hlsl-Cvrh5tZx.js +1 -0
- package/dist/ui/assets/horizon-CE9ld1lL.js +1 -0
- package/dist/ui/assets/horizon-bright-Br1oVSNq.js +1 -0
- package/dist/ui/assets/houston-CsvMBhTu.js +1 -0
- package/dist/ui/assets/html-BrIuweS5.js +1 -0
- package/dist/ui/assets/html-derivative-CflP_1S6.js +1 -0
- package/dist/ui/assets/http-qgGkv9Ds.js +1 -0
- package/dist/ui/assets/hurl-CantyQ5z.js +1 -0
- package/dist/ui/assets/hxml-B0Qn7Nwc.js +1 -0
- package/dist/ui/assets/hy-CZbG8q4J.js +1 -0
- package/dist/ui/assets/imba-DsUTQ-LC.js +1 -0
- package/dist/ui/assets/ini-B5eOa1yu.js +1 -0
- package/dist/ui/assets/java-DqStxnBY.js +1 -0
- package/dist/ui/assets/javascript-CJ1ZUMNM.js +1 -0
- package/dist/ui/assets/jinja-Ta-y-8tW.js +1 -0
- package/dist/ui/assets/jison-DZStAtdf.js +1 -0
- package/dist/ui/assets/json-Bfn_pgvS.js +1 -0
- package/dist/ui/assets/json5-BR5RXkoi.js +1 -0
- package/dist/ui/assets/jsonc-CYpm1nAK.js +1 -0
- package/dist/ui/assets/jsonl-CmCQp5Yx.js +1 -0
- package/dist/ui/assets/jsonnet-CJTPZ8u_.js +1 -0
- package/dist/ui/assets/jssm-DXw9l8Rf.js +1 -0
- package/dist/ui/assets/jsx-CFi5D1JI.js +1 -0
- package/dist/ui/assets/julia-CmuPb_FV.js +1 -0
- package/dist/ui/assets/just-xoDaYyy4.js +1 -0
- package/dist/ui/assets/kanagawa-dragon-CXtmUGW6.js +1 -0
- package/dist/ui/assets/kanagawa-lotus-BN08jTvb.js +1 -0
- package/dist/ui/assets/kanagawa-wave-CTweb8Dz.js +1 -0
- package/dist/ui/assets/kdl-CsD5j6eV.js +1 -0
- package/dist/ui/assets/kotlin-DhhofPvG.js +1 -0
- package/dist/ui/assets/kusto-BUv0MjJC.js +1 -0
- package/dist/ui/assets/laserwave-C_8bwKvT.js +1 -0
- package/dist/ui/assets/latex-C7jbQT4s.js +1 -0
- package/dist/ui/assets/lean-CewbzKMR.js +1 -0
- package/dist/ui/assets/less-DVTAwKKz.js +1 -0
- package/dist/ui/assets/light-plus-DVQuIRkW.js +1 -0
- package/dist/ui/assets/liquid-DyVckOju.js +1 -0
- package/dist/ui/assets/llvm-Cm23YOpf.js +1 -0
- package/dist/ui/assets/log-BNLmms1o.js +1 -0
- package/dist/ui/assets/logo-Cluzi2Zq.js +1 -0
- package/dist/ui/assets/lua-CQGEo-kr.js +1 -0
- package/dist/ui/assets/luau-CNKltnaQ.js +1 -0
- package/dist/ui/assets/make-Dixweg8N.js +1 -0
- package/dist/ui/assets/markdown-BYOwaDjH.js +1 -0
- package/dist/ui/assets/marko-CF3FIlcL.js +1 -0
- package/dist/ui/assets/material-theme-Bm3Qr25_.js +1 -0
- package/dist/ui/assets/material-theme-darker-2IIEA8gg.js +1 -0
- package/dist/ui/assets/material-theme-lighter-uhdI0v04.js +1 -0
- package/dist/ui/assets/material-theme-ocean-CHQ94UKr.js +1 -0
- package/dist/ui/assets/material-theme-palenight-B5W6OYN7.js +1 -0
- package/dist/ui/assets/matlab-D7qyCx1q.js +1 -0
- package/dist/ui/assets/mdc-DJfBh8KU.js +1 -0
- package/dist/ui/assets/mdx-DQZ5AkYe.js +1 -0
- package/dist/ui/assets/mermaid-Bk4SNUv9.js +1 -0
- package/dist/ui/assets/min-dark-BSWPekZh.js +1 -0
- package/dist/ui/assets/min-light-DDpmG2fV.js +1 -0
- package/dist/ui/assets/mipsasm-BMqwQI7S.js +1 -0
- package/dist/ui/assets/mojo-BgCJLMeH.js +1 -0
- package/dist/ui/assets/monokai-CdkpiU2Y.js +1 -0
- package/dist/ui/assets/moonbit-CaWjb8XO.js +1 -0
- package/dist/ui/assets/move-B1IS1UjX.js +1 -0
- package/dist/ui/assets/narrat-_X_XdTYD.js +1 -0
- package/dist/ui/assets/nextflow-Bbiyy34d.js +1 -0
- package/dist/ui/assets/nextflow-groovy-Dc_ddanL.js +1 -0
- package/dist/ui/assets/nginx-CmN5T-d3.js +1 -0
- package/dist/ui/assets/night-owl-DhmEMT88.js +1 -0
- package/dist/ui/assets/night-owl-light-eJ-hLW7d.js +1 -0
- package/dist/ui/assets/nim-a_705mqZ.js +1 -0
- package/dist/ui/assets/nix-IvuFDN5E.js +1 -0
- package/dist/ui/assets/nord-Cb4Vim4T.js +1 -0
- package/dist/ui/assets/nushell-DcLAeLz5.js +1 -0
- package/dist/ui/assets/objective-c-D1A_Heim.js +1 -0
- package/dist/ui/assets/objective-cpp-BsSzOQcm.js +1 -0
- package/dist/ui/assets/ocaml-O90oeIOV.js +1 -0
- package/dist/ui/assets/odin-B1RWQWA5.js +1 -0
- package/dist/ui/assets/one-dark-pro-CLwyXe_n.js +1 -0
- package/dist/ui/assets/one-light-D7Lr4KcI.js +1 -0
- package/dist/ui/assets/openscad-BUDT5pXO.js +1 -0
- package/dist/ui/assets/pascal-4ZHwLPI5.js +1 -0
- package/dist/ui/assets/perl-BFxFi55O.js +1 -0
- package/dist/ui/assets/php-C9Uf0Vo_.js +1 -0
- package/dist/ui/assets/pierre-dark-sU4Zdns8.js +1 -0
- package/dist/ui/assets/pierre-dark-soft-HXgun5vs.js +1 -0
- package/dist/ui/assets/pierre-light-DWBk51d8.js +1 -0
- package/dist/ui/assets/pierre-light-soft-CodEzPxf.js +1 -0
- package/dist/ui/assets/pkl-ot-7Btpt.js +1 -0
- package/dist/ui/assets/plastic-DQwYfKfQ.js +1 -0
- package/dist/ui/assets/plsql-DGHpHOYJ.js +1 -0
- package/dist/ui/assets/po-BiJDBrnU.js +1 -0
- package/dist/ui/assets/poimandres-DRFjx7u4.js +1 -0
- package/dist/ui/assets/polar-C7UOKdEL.js +1 -0
- package/dist/ui/assets/postcss-BXeXVLqQ.js +1 -0
- package/dist/ui/assets/powerquery-DNMTfnFr.js +1 -0
- package/dist/ui/assets/powershell-DshXNtvi.js +1 -0
- package/dist/ui/assets/prisma-BsRQq5mF.js +1 -0
- package/dist/ui/assets/prolog-iXnhIJG7.js +1 -0
- package/dist/ui/assets/proto-DB4EqR-F.js +1 -0
- package/dist/ui/assets/pug-DQIrtlYh.js +1 -0
- package/dist/ui/assets/puppet-CDv2pdJW.js +1 -0
- package/dist/ui/assets/purescript-9MfHhQsQ.js +1 -0
- package/dist/ui/assets/python-gzcpVVnB.js +1 -0
- package/dist/ui/assets/qml-CpI_Asuw.js +1 -0
- package/dist/ui/assets/qmldir-DCQb3MpD.js +1 -0
- package/dist/ui/assets/qss-Fe1Jh2GI.js +1 -0
- package/dist/ui/assets/r-hYZdyIMH.js +1 -0
- package/dist/ui/assets/racket-DcIDlBhZ.js +1 -0
- package/dist/ui/assets/raku-B3gFvitq.js +1 -0
- package/dist/ui/assets/razor-CbXx350T.js +1 -0
- package/dist/ui/assets/red-CJ3rzSJv.js +1 -0
- package/dist/ui/assets/reg-CRGYupPL.js +1 -0
- package/dist/ui/assets/regexp-BdfO5R2u.js +1 -0
- package/dist/ui/assets/rel-BtDbiS_P.js +1 -0
- package/dist/ui/assets/review-payload-CC-3-Lb9.js +1 -0
- package/dist/ui/assets/riscv-Ckw8ddFX.js +1 -0
- package/dist/ui/assets/ron-VUp2lXgN.js +1 -0
- package/dist/ui/assets/rose-pine-BthvhNj6.js +1 -0
- package/dist/ui/assets/rose-pine-dawn-Dg85fqjY.js +1 -0
- package/dist/ui/assets/rose-pine-moon-hon4tzzS.js +1 -0
- package/dist/ui/assets/rosmsg-CAekHB0j.js +1 -0
- package/dist/ui/assets/rst-CP6mAm3Y.js +1 -0
- package/dist/ui/assets/ruby-8tjXzrRr.js +1 -0
- package/dist/ui/assets/rust-Cfkwpbl8.js +1 -0
- package/dist/ui/assets/sas-rqWHY37U.js +1 -0
- package/dist/ui/assets/sass-DXrisJhu.js +1 -0
- package/dist/ui/assets/scala-DKOlJaKm.js +1 -0
- package/dist/ui/assets/scheme-DQCgrYNe.js +1 -0
- package/dist/ui/assets/scss-aGYgGui9.js +1 -0
- package/dist/ui/assets/sdbl-bTVj8UrX.js +1 -0
- package/dist/ui/assets/shaderlab-TOUzSsQk.js +1 -0
- package/dist/ui/assets/shellscript-CYr5JWBI.js +1 -0
- package/dist/ui/assets/shellsession-CO3ljRR7.js +1 -0
- package/dist/ui/assets/slack-dark-DnToyrRv.js +1 -0
- package/dist/ui/assets/slack-ochin-B2OO5cIa.js +1 -0
- package/dist/ui/assets/smalltalk-B16xEiuN.js +1 -0
- package/dist/ui/assets/snazzy-light-4G7pJPwS.js +1 -0
- package/dist/ui/assets/solarized-dark-DV17i1UV.js +1 -0
- package/dist/ui/assets/solarized-light-DSh2HLQt.js +1 -0
- package/dist/ui/assets/solidity-CKzVLygQ.js +1 -0
- package/dist/ui/assets/soy-C4_rLmHV.js +1 -0
- package/dist/ui/assets/sparql-D_iOobhT.js +1 -0
- package/dist/ui/assets/splunk-BC2Px7Mm.js +1 -0
- package/dist/ui/assets/sql-2jcbKHJ9.js +1 -0
- package/dist/ui/assets/ssh-config-BgfXC-Er.js +1 -0
- package/dist/ui/assets/stata-Dbr0lM_v.js +1 -0
- package/dist/ui/assets/stylus-B6D30XZt.js +1 -0
- package/dist/ui/assets/surrealql-Cp0eMxMo.js +1 -0
- package/dist/ui/assets/svelte-BfsT9lcS.js +1 -0
- package/dist/ui/assets/swift-DonLKvLd.js +1 -0
- package/dist/ui/assets/synthwave-84-nFMaYfgc.js +1 -0
- package/dist/ui/assets/system-verilog-DJ5XKQeo.js +1 -0
- package/dist/ui/assets/systemd-BxMlprV5.js +1 -0
- package/dist/ui/assets/talonscript-CohzipZa.js +1 -0
- package/dist/ui/assets/tasl-DMoTqEGO.js +1 -0
- package/dist/ui/assets/tcl-CZd0xW_V.js +1 -0
- package/dist/ui/assets/templ-BBOwNqeW.js +1 -0
- package/dist/ui/assets/terraform-DswuEJGm.js +1 -0
- package/dist/ui/assets/tex-CPmn_RsX.js +1 -0
- package/dist/ui/assets/tokyo-night-oM2G3aXe.js +1 -0
- package/dist/ui/assets/toml-CcmNWLt0.js +1 -0
- package/dist/ui/assets/ts-tags-DMILlUz_.js +1 -0
- package/dist/ui/assets/tsv-sltzmVWM.js +1 -0
- package/dist/ui/assets/tsx-CUP2Lfiz.js +1 -0
- package/dist/ui/assets/turtle-ByJddavk.js +1 -0
- package/dist/ui/assets/twig-DEZ_7SDX.js +1 -0
- package/dist/ui/assets/typescript-DhaMQEhQ.js +1 -0
- package/dist/ui/assets/typespec-B88KGewJ.js +1 -0
- package/dist/ui/assets/typst-DI99ib-x.js +1 -0
- package/dist/ui/assets/useFileDiffInstance-Bo6irrE6.js +244 -0
- package/dist/ui/assets/v-DETTlOr0.js +1 -0
- package/dist/ui/assets/vala-zf12oZj6.js +1 -0
- package/dist/ui/assets/vb-Djn5o6TS.js +1 -0
- package/dist/ui/assets/verilog-CiiDBU1e.js +1 -0
- package/dist/ui/assets/vesper-D5bVUKB1.js +1 -0
- package/dist/ui/assets/vhdl-BroJfC0k.js +1 -0
- package/dist/ui/assets/viml-DvXPmvsu.js +1 -0
- package/dist/ui/assets/vitesse-black-fwtXNY1n.js +1 -0
- package/dist/ui/assets/vitesse-dark-BZCL-v6S.js +1 -0
- package/dist/ui/assets/vitesse-light-VbXTXTou.js +1 -0
- package/dist/ui/assets/vue-CAaS6wtt.js +1 -0
- package/dist/ui/assets/vue-html-D3Etensv.js +1 -0
- package/dist/ui/assets/vue-vine-DNRKj0Lh.js +1 -0
- package/dist/ui/assets/vyper-CgoNMtux.js +1 -0
- package/dist/ui/assets/wasm-BnjxR4X6.js +1 -0
- package/dist/ui/assets/wasm-ByWQv1Qj.js +1 -0
- package/dist/ui/assets/wenyan-C8pVoKbM.js +1 -0
- package/dist/ui/assets/wgsl-BsKzXJz4.js +1 -0
- package/dist/ui/assets/wikitext-ClFFjSW2.js +1 -0
- package/dist/ui/assets/wit-DdvCle-K.js +1 -0
- package/dist/ui/assets/wolfram-DLL8P-h_.js +1 -0
- package/dist/ui/assets/workspace-app-8--oTbCd.css +1 -0
- package/dist/ui/assets/workspace-app-BLeU1qC_.js +118 -0
- package/dist/ui/assets/xml-M-X6I2aP.js +1 -0
- package/dist/ui/assets/xsl-CR0ZlrL7.js +1 -0
- package/dist/ui/assets/yaml-pI4xDDgj.js +1 -0
- package/dist/ui/assets/zenscript-BnlCZFoB.js +1 -0
- package/dist/ui/assets/zig-CMLA9XwU.js +1 -0
- package/dist/ui/workspace-app.html +15 -0
- package/dist/user-config.js +57 -0
- package/dist/workspace-store.js +125 -0
- package/dist/workspaces.js +226 -0
- package/docs/assets/devspace-logo-light.png +0 -0
- package/docs/assets/devspace-screenshot.png +0 -0
- package/docs/chatgpt-coding-workflow.md +143 -0
- package/docs/configuration.md +129 -0
- package/docs/gotchas.md +214 -0
- package/docs/security.md +100 -0
- package/docs/setup.md +132 -0
- package/package.json +66 -0
- package/scripts/build-release.mjs +89 -0
- package/scripts/ensure-native-deps.mjs +29 -0
|
@@ -0,0 +1,143 @@
|
|
|
1
|
+
# ChatGPT Coding Workflow
|
|
2
|
+
|
|
3
|
+
DevSpace brings a Codex-style coding-agent loop to ChatGPT and other MCP hosts:
|
|
4
|
+
inspect the repo, follow local instructions, make scoped edits, run
|
|
5
|
+
verification, and show the user what changed.
|
|
6
|
+
|
|
7
|
+
## Open One Workspace
|
|
8
|
+
|
|
9
|
+
ChatGPT should call `open_workspace` once for a project folder:
|
|
10
|
+
|
|
11
|
+
```json
|
|
12
|
+
{
|
|
13
|
+
"path": "~/work/my-project"
|
|
14
|
+
}
|
|
15
|
+
```
|
|
16
|
+
|
|
17
|
+
The result includes a `workspaceId`. All later file, search, edit, review, and
|
|
18
|
+
shell calls should reuse that same `workspaceId`.
|
|
19
|
+
|
|
20
|
+
Do not reopen the same folder unless:
|
|
21
|
+
|
|
22
|
+
- the `workspaceId` is rejected as unknown
|
|
23
|
+
- the user switches to another folder
|
|
24
|
+
- the user switches between checkout and worktree mode
|
|
25
|
+
- the user explicitly asks to reopen
|
|
26
|
+
|
|
27
|
+
## Checkout Mode
|
|
28
|
+
|
|
29
|
+
Checkout mode is the default. DevSpace opens the actual directory:
|
|
30
|
+
|
|
31
|
+
```json
|
|
32
|
+
{
|
|
33
|
+
"path": "~/work/my-project"
|
|
34
|
+
}
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
Use this when the user wants ChatGPT to work in the current checkout.
|
|
38
|
+
|
|
39
|
+
## Worktree Mode
|
|
40
|
+
|
|
41
|
+
Use worktree mode for isolated parallel work:
|
|
42
|
+
|
|
43
|
+
```json
|
|
44
|
+
{
|
|
45
|
+
"path": "~/work/my-project",
|
|
46
|
+
"mode": "worktree"
|
|
47
|
+
}
|
|
48
|
+
```
|
|
49
|
+
|
|
50
|
+
Managed worktrees are created under:
|
|
51
|
+
|
|
52
|
+
```text
|
|
53
|
+
~/.devspace/worktrees
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
Worktree mode requires a Git repository with at least one commit. It starts from
|
|
57
|
+
`HEAD` unless `baseRef` is provided.
|
|
58
|
+
|
|
59
|
+
Uncommitted source checkout changes are not copied into the managed worktree.
|
|
60
|
+
DevSpace reports when the source checkout was dirty so the model can decide how
|
|
61
|
+
to proceed with the user.
|
|
62
|
+
|
|
63
|
+
## Project Instructions
|
|
64
|
+
|
|
65
|
+
When a workspace opens, DevSpace loads root-level instruction files:
|
|
66
|
+
|
|
67
|
+
- `AGENTS.md`
|
|
68
|
+
- `AGENTS.MD`
|
|
69
|
+
- `CLAUDE.md`
|
|
70
|
+
- `CLAUDE.MD`
|
|
71
|
+
|
|
72
|
+
Nested instruction files are returned as `availableAgentsFiles`. The model
|
|
73
|
+
should read the relevant nested file before working under that directory.
|
|
74
|
+
|
|
75
|
+
This keeps instructions explicit and inspectable instead of silently injecting
|
|
76
|
+
new context during later tool calls.
|
|
77
|
+
|
|
78
|
+
## Skills
|
|
79
|
+
|
|
80
|
+
Skills are enabled by default for coding-agent workflows.
|
|
81
|
+
|
|
82
|
+
DevSpace discovers skills from:
|
|
83
|
+
|
|
84
|
+
- `DEVSPACE_AGENT_DIR`, which defaults to `~/.codex`
|
|
85
|
+
- project `.pi/skills`
|
|
86
|
+
- optional paths from `DEVSPACE_SKILL_PATHS`
|
|
87
|
+
|
|
88
|
+
When `open_workspace` returns matching skills, the model should read the
|
|
89
|
+
advertised `SKILL.md` before following that skill.
|
|
90
|
+
|
|
91
|
+
Skill paths may be outside the workspace. DevSpace only permits reading:
|
|
92
|
+
|
|
93
|
+
- advertised `SKILL.md` files
|
|
94
|
+
- files under a skill directory after that skill's `SKILL.md` has been read
|
|
95
|
+
|
|
96
|
+
Set `DEVSPACE_SKILLS=0` to hide skills from workspace output.
|
|
97
|
+
|
|
98
|
+
## Tool Names
|
|
99
|
+
|
|
100
|
+
Legacy names are the default:
|
|
101
|
+
|
|
102
|
+
- `open_workspace`
|
|
103
|
+
- `read_file`
|
|
104
|
+
- `write_file`
|
|
105
|
+
- `edit_file`
|
|
106
|
+
- `grep_files`
|
|
107
|
+
- `find_files`
|
|
108
|
+
- `list_directory`
|
|
109
|
+
- `run_shell`
|
|
110
|
+
|
|
111
|
+
Short names are available with `DEVSPACE_TOOL_NAMING=short`:
|
|
112
|
+
|
|
113
|
+
- `open_workspace`
|
|
114
|
+
- `read`
|
|
115
|
+
- `write`
|
|
116
|
+
- `edit`
|
|
117
|
+
- `grep`
|
|
118
|
+
- `glob`
|
|
119
|
+
- `ls`
|
|
120
|
+
- `bash`
|
|
121
|
+
|
|
122
|
+
## Review Changes
|
|
123
|
+
|
|
124
|
+
By default, `DEVSPACE_WIDGETS=changes`.
|
|
125
|
+
|
|
126
|
+
In that mode, DevSpace exposes `review_changes`. After a coherent set of edits,
|
|
127
|
+
the model should call it once to show an aggregate diff review card.
|
|
128
|
+
|
|
129
|
+
Use `DEVSPACE_WIDGETS=off` to disable widget UI, or `DEVSPACE_WIDGETS=full` to
|
|
130
|
+
restore per-tool debug cards.
|
|
131
|
+
|
|
132
|
+
## Shell Use
|
|
133
|
+
|
|
134
|
+
The shell tool is for commands that belong in a terminal:
|
|
135
|
+
|
|
136
|
+
- tests
|
|
137
|
+
- builds
|
|
138
|
+
- git inspection
|
|
139
|
+
- package scripts
|
|
140
|
+
- environment checks
|
|
141
|
+
|
|
142
|
+
File writes should go through the edit/write tools rather than shell
|
|
143
|
+
redirection, heredocs, `tee`, `sed -i`, or generated scripts.
|
|
@@ -0,0 +1,129 @@
|
|
|
1
|
+
# Configuration Reference
|
|
2
|
+
|
|
3
|
+
DevSpace can be configured through `devspace init`, persisted config files, or
|
|
4
|
+
environment variables.
|
|
5
|
+
|
|
6
|
+
The default files are:
|
|
7
|
+
|
|
8
|
+
```text
|
|
9
|
+
~/.devspace/config.json
|
|
10
|
+
~/.devspace/auth.json
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
Use another config directory with:
|
|
14
|
+
|
|
15
|
+
```bash
|
|
16
|
+
DEVSPACE_CONFIG_DIR=/path/to/config npx @waishnav/devspace serve
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
## Commands
|
|
20
|
+
|
|
21
|
+
```bash
|
|
22
|
+
npx @waishnav/devspace init
|
|
23
|
+
npx @waishnav/devspace serve
|
|
24
|
+
npx @waishnav/devspace doctor
|
|
25
|
+
npx @waishnav/devspace config get
|
|
26
|
+
npx @waishnav/devspace config set publicBaseUrl https://devspace.example.com
|
|
27
|
+
```
|
|
28
|
+
|
|
29
|
+
## Core Environment Variables
|
|
30
|
+
|
|
31
|
+
| Variable | Purpose |
|
|
32
|
+
| --- | --- |
|
|
33
|
+
| `HOST` | Local bind host. Defaults to `127.0.0.1`. |
|
|
34
|
+
| `PORT` | Local port. Defaults to `7676`. |
|
|
35
|
+
| `DEVSPACE_ALLOWED_ROOTS` | Comma-separated local roots that workspaces may open. |
|
|
36
|
+
| `DEVSPACE_PUBLIC_BASE_URL` | Public origin for the server, without `/mcp`. |
|
|
37
|
+
| `DEVSPACE_ALLOWED_HOSTS` | Optional Host header allowlist override. |
|
|
38
|
+
| `DEVSPACE_OAUTH_OWNER_TOKEN` | Owner password for OAuth approval. Must be at least 16 characters. |
|
|
39
|
+
| `DEVSPACE_WORKTREE_ROOT` | Directory for managed Git worktrees. Defaults to `~/.devspace/worktrees`. |
|
|
40
|
+
| `DEVSPACE_STATE_DIR` | Directory for SQLite state. Defaults to `~/.local/share/devspace`. |
|
|
41
|
+
|
|
42
|
+
## OAuth
|
|
43
|
+
|
|
44
|
+
DevSpace uses a single-user OAuth approval flow.
|
|
45
|
+
|
|
46
|
+
| Variable | Default |
|
|
47
|
+
| --- | --- |
|
|
48
|
+
| `DEVSPACE_OAUTH_ACCESS_TOKEN_TTL_SECONDS` | `3600` |
|
|
49
|
+
| `DEVSPACE_OAUTH_REFRESH_TOKEN_TTL_SECONDS` | `2592000` |
|
|
50
|
+
| `DEVSPACE_OAUTH_SCOPES` | `devspace` |
|
|
51
|
+
| `DEVSPACE_OAUTH_ALLOWED_REDIRECT_HOSTS` | `chatgpt.com,localhost,127.0.0.1` |
|
|
52
|
+
|
|
53
|
+
MCP clients discover metadata from:
|
|
54
|
+
|
|
55
|
+
```text
|
|
56
|
+
/.well-known/oauth-protected-resource/mcp
|
|
57
|
+
/.well-known/oauth-authorization-server
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
## Tool Modes
|
|
61
|
+
|
|
62
|
+
`DEVSPACE_TOOL_NAMING` controls tool names.
|
|
63
|
+
|
|
64
|
+
| Value | Behavior |
|
|
65
|
+
| --- | --- |
|
|
66
|
+
| `legacy` | Default. Uses `read_file`, `edit_file`, `run_shell`, and related names. |
|
|
67
|
+
| `short` | Uses `read`, `edit`, `bash`, and related names. |
|
|
68
|
+
|
|
69
|
+
`DEVSPACE_TOOL_MODE=minimal` disables dedicated search and list tools. In
|
|
70
|
+
minimal mode, clients use the shell tool with `rg`, `grep`, `find`, `ls`, or
|
|
71
|
+
`tree` for inspection.
|
|
72
|
+
|
|
73
|
+
## Widgets
|
|
74
|
+
|
|
75
|
+
`DEVSPACE_WIDGETS` controls ChatGPT Apps iframe usage.
|
|
76
|
+
|
|
77
|
+
| Value | Behavior |
|
|
78
|
+
| --- | --- |
|
|
79
|
+
| `changes` | Default. Widget UI is attached to `open_workspace` and `review_changes`. |
|
|
80
|
+
| `full` | Enables legacy per-tool cards for debugging. |
|
|
81
|
+
| `off` | Disables widget UI. |
|
|
82
|
+
|
|
83
|
+
## Skills
|
|
84
|
+
|
|
85
|
+
| Variable | Purpose |
|
|
86
|
+
| --- | --- |
|
|
87
|
+
| `DEVSPACE_SKILLS` | Set to `0` to hide skills. Enabled by default. |
|
|
88
|
+
| `DEVSPACE_AGENT_DIR` | Defaults to `~/.codex`. |
|
|
89
|
+
| `DEVSPACE_SKILL_PATHS` | Optional comma-separated skill directories. |
|
|
90
|
+
|
|
91
|
+
Example:
|
|
92
|
+
|
|
93
|
+
```bash
|
|
94
|
+
DEVSPACE_SKILL_PATHS="$HOME/.codex/skills,$HOME/.claude/skills" \
|
|
95
|
+
npx @waishnav/devspace serve
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
## Logging
|
|
99
|
+
|
|
100
|
+
| Variable | Default |
|
|
101
|
+
| --- | --- |
|
|
102
|
+
| `DEVSPACE_LOG_LEVEL` | `info` |
|
|
103
|
+
| `DEVSPACE_LOG_FORMAT` | `json` |
|
|
104
|
+
| `DEVSPACE_LOG_REQUESTS` | `1` |
|
|
105
|
+
| `DEVSPACE_LOG_ASSETS` | `0` |
|
|
106
|
+
| `DEVSPACE_LOG_TOOL_CALLS` | `1` |
|
|
107
|
+
| `DEVSPACE_LOG_SHELL_COMMANDS` | `0` |
|
|
108
|
+
| `DEVSPACE_TRUST_PROXY` | `0` |
|
|
109
|
+
|
|
110
|
+
Set `DEVSPACE_LOG_FORMAT=pretty` for local debugging.
|
|
111
|
+
|
|
112
|
+
Set `DEVSPACE_LOG_SHELL_COMMANDS=1` only when you intentionally want command
|
|
113
|
+
previews in logs.
|
|
114
|
+
|
|
115
|
+
## Env-Only Example
|
|
116
|
+
|
|
117
|
+
```bash
|
|
118
|
+
DEVSPACE_OAUTH_OWNER_TOKEN="$(openssl rand -base64 32)" \
|
|
119
|
+
DEVSPACE_ALLOWED_ROOTS="$HOME/personal,$HOME/work" \
|
|
120
|
+
DEVSPACE_PUBLIC_BASE_URL="https://devspace.example.com" \
|
|
121
|
+
DEVSPACE_WORKTREE_ROOT="$HOME/.devspace/worktrees" \
|
|
122
|
+
DEVSPACE_TOOL_MODE="full" \
|
|
123
|
+
DEVSPACE_TOOL_NAMING="legacy" \
|
|
124
|
+
DEVSPACE_WIDGETS="changes" \
|
|
125
|
+
npx @waishnav/devspace serve
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
The environment assignments must be part of the same command invocation, or
|
|
129
|
+
exported first.
|
package/docs/gotchas.md
ADDED
|
@@ -0,0 +1,214 @@
|
|
|
1
|
+
# Troubleshooting Gotchas
|
|
2
|
+
|
|
3
|
+
This page collects the setup issues users are most likely to hit.
|
|
4
|
+
|
|
5
|
+
## `devspace` Command Not Found
|
|
6
|
+
|
|
7
|
+
Use `npx`:
|
|
8
|
+
|
|
9
|
+
```bash
|
|
10
|
+
npx @waishnav/devspace init
|
|
11
|
+
npx @waishnav/devspace serve
|
|
12
|
+
```
|
|
13
|
+
|
|
14
|
+
If you installed globally, confirm npm's global bin directory is on `PATH`.
|
|
15
|
+
|
|
16
|
+
## Unsupported Node Version
|
|
17
|
+
|
|
18
|
+
DevSpace requires Node `>=20.12 <27`.
|
|
19
|
+
|
|
20
|
+
Check:
|
|
21
|
+
|
|
22
|
+
```bash
|
|
23
|
+
node --version
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
Install Node 22 LTS with your preferred version manager such as `nvm`, `fnm`, or
|
|
27
|
+
`mise`.
|
|
28
|
+
|
|
29
|
+
## `better-sqlite3` Could Not Load
|
|
30
|
+
|
|
31
|
+
This usually means native dependencies were installed under a different Node
|
|
32
|
+
runtime.
|
|
33
|
+
|
|
34
|
+
Try:
|
|
35
|
+
|
|
36
|
+
```bash
|
|
37
|
+
npm rebuild better-sqlite3
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
Then run:
|
|
41
|
+
|
|
42
|
+
```bash
|
|
43
|
+
npx @waishnav/devspace doctor
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
Release starts run a native dependency check before launching.
|
|
47
|
+
|
|
48
|
+
## Public URL Includes `/mcp`
|
|
49
|
+
|
|
50
|
+
Use the origin for setup:
|
|
51
|
+
|
|
52
|
+
```text
|
|
53
|
+
https://your-tunnel-host.example.com
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
Use the MCP endpoint in the client:
|
|
57
|
+
|
|
58
|
+
```text
|
|
59
|
+
https://your-tunnel-host.example.com/mcp
|
|
60
|
+
```
|
|
61
|
+
|
|
62
|
+
If you saved the wrong value:
|
|
63
|
+
|
|
64
|
+
```bash
|
|
65
|
+
npx @waishnav/devspace config set publicBaseUrl https://your-tunnel-host.example.com
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
## Tunnel URL Changed
|
|
69
|
+
|
|
70
|
+
Temporary tunnels often change URLs between runs.
|
|
71
|
+
|
|
72
|
+
For a one-off run:
|
|
73
|
+
|
|
74
|
+
```bash
|
|
75
|
+
DEVSPACE_PUBLIC_BASE_URL="https://new-tunnel.example.com" npx @waishnav/devspace serve
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
For a stable URL:
|
|
79
|
+
|
|
80
|
+
```bash
|
|
81
|
+
npx @waishnav/devspace config set publicBaseUrl https://devspace.example.com
|
|
82
|
+
```
|
|
83
|
+
|
|
84
|
+
## Host Header Or 403 Problems
|
|
85
|
+
|
|
86
|
+
DevSpace derives allowed hosts from the configured public URL.
|
|
87
|
+
|
|
88
|
+
Run:
|
|
89
|
+
|
|
90
|
+
```bash
|
|
91
|
+
npx @waishnav/devspace doctor
|
|
92
|
+
```
|
|
93
|
+
|
|
94
|
+
Confirm the public URL hostname appears in allowed hosts. If you changed tunnel
|
|
95
|
+
URLs, update `publicBaseUrl`.
|
|
96
|
+
|
|
97
|
+
Use this only for intentional local debugging:
|
|
98
|
+
|
|
99
|
+
```bash
|
|
100
|
+
DEVSPACE_ALLOWED_HOSTS="*" npx @waishnav/devspace serve
|
|
101
|
+
```
|
|
102
|
+
|
|
103
|
+
## OAuth Redirect Host Rejected
|
|
104
|
+
|
|
105
|
+
By default, DevSpace allows redirects for:
|
|
106
|
+
|
|
107
|
+
```text
|
|
108
|
+
chatgpt.com
|
|
109
|
+
localhost
|
|
110
|
+
127.0.0.1
|
|
111
|
+
```
|
|
112
|
+
|
|
113
|
+
If another MCP client uses a different redirect host, configure:
|
|
114
|
+
|
|
115
|
+
```bash
|
|
116
|
+
DEVSPACE_OAUTH_ALLOWED_REDIRECT_HOSTS="chatgpt.com,example.com" npx @waishnav/devspace serve
|
|
117
|
+
```
|
|
118
|
+
|
|
119
|
+
## Owner Password Not Accepted
|
|
120
|
+
|
|
121
|
+
Make sure you are entering the Owner password from:
|
|
122
|
+
|
|
123
|
+
```text
|
|
124
|
+
~/.devspace/auth.json
|
|
125
|
+
```
|
|
126
|
+
|
|
127
|
+
To regenerate setup:
|
|
128
|
+
|
|
129
|
+
```bash
|
|
130
|
+
npx @waishnav/devspace init --force
|
|
131
|
+
```
|
|
132
|
+
|
|
133
|
+
## Unknown `workspaceId`
|
|
134
|
+
|
|
135
|
+
`workspaceId` values are session identifiers. If the server restarts and the
|
|
136
|
+
client receives an unknown workspace error, call `open_workspace` again for that
|
|
137
|
+
project.
|
|
138
|
+
|
|
139
|
+
Workspace session metadata is persisted, but clients should still treat
|
|
140
|
+
`open_workspace` as the way to begin a fresh working session.
|
|
141
|
+
|
|
142
|
+
## Workspace Path Rejected
|
|
143
|
+
|
|
144
|
+
The path must be inside one of the allowed roots configured during setup.
|
|
145
|
+
|
|
146
|
+
Run:
|
|
147
|
+
|
|
148
|
+
```bash
|
|
149
|
+
npx @waishnav/devspace config get
|
|
150
|
+
```
|
|
151
|
+
|
|
152
|
+
Then either open a project under an allowed root or rerun setup:
|
|
153
|
+
|
|
154
|
+
```bash
|
|
155
|
+
npx @waishnav/devspace init --force
|
|
156
|
+
```
|
|
157
|
+
|
|
158
|
+
## Worktree Mode Fails
|
|
159
|
+
|
|
160
|
+
Worktree mode requires:
|
|
161
|
+
|
|
162
|
+
- Git installed
|
|
163
|
+
- the path is inside a Git repository
|
|
164
|
+
- the repository has at least one commit
|
|
165
|
+
- the requested `baseRef` resolves to a commit
|
|
166
|
+
|
|
167
|
+
For a new repository, create the first commit or use checkout mode.
|
|
168
|
+
|
|
169
|
+
Uncommitted source checkout changes are not copied into the managed worktree.
|
|
170
|
+
Commit, stash, or ask the model to work in checkout mode if those changes are
|
|
171
|
+
needed.
|
|
172
|
+
|
|
173
|
+
## Windows Shell Commands Fail
|
|
174
|
+
|
|
175
|
+
DevSpace shell execution requires Bash. Native PowerShell and `cmd.exe` command
|
|
176
|
+
execution are not supported yet.
|
|
177
|
+
|
|
178
|
+
Install Git for Windows and use Git Bash, or use WSL, MSYS2, or Cygwin Bash.
|
|
179
|
+
|
|
180
|
+
Run:
|
|
181
|
+
|
|
182
|
+
```bash
|
|
183
|
+
npx @waishnav/devspace doctor
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
Confirm Bash is detected.
|
|
187
|
+
|
|
188
|
+
## Skills Do Not Appear
|
|
189
|
+
|
|
190
|
+
Skills are enabled by default. Check:
|
|
191
|
+
|
|
192
|
+
```bash
|
|
193
|
+
DEVSPACE_SKILLS=1 npx @waishnav/devspace serve
|
|
194
|
+
```
|
|
195
|
+
|
|
196
|
+
DevSpace looks in:
|
|
197
|
+
|
|
198
|
+
- `DEVSPACE_AGENT_DIR`, defaulting to `~/.codex`
|
|
199
|
+
- project `.pi/skills`
|
|
200
|
+
- `DEVSPACE_SKILL_PATHS`
|
|
201
|
+
|
|
202
|
+
If a skill appears in `open_workspace`, the model must read that skill's
|
|
203
|
+
`SKILL.md` before reading other files inside the skill directory.
|
|
204
|
+
|
|
205
|
+
## Review Card Does Not Appear
|
|
206
|
+
|
|
207
|
+
The aggregate diff card is enabled by default with:
|
|
208
|
+
|
|
209
|
+
```bash
|
|
210
|
+
DEVSPACE_WIDGETS=changes
|
|
211
|
+
```
|
|
212
|
+
|
|
213
|
+
The model should call `review_changes` after a coherent set of edits. Plain MCP
|
|
214
|
+
clients may ignore ChatGPT Apps widget metadata and only show text results.
|
package/docs/security.md
ADDED
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
# Security Model
|
|
2
|
+
|
|
3
|
+
DevSpace exposes local coding capabilities over MCP. Treat it as remote access
|
|
4
|
+
to your development machine.
|
|
5
|
+
|
|
6
|
+
The security model is simple:
|
|
7
|
+
|
|
8
|
+
- you choose a narrow filesystem allowlist
|
|
9
|
+
- the MCP endpoint requires OAuth approval with your Owner password
|
|
10
|
+
- Host headers are allowlisted from the configured public URL
|
|
11
|
+
- every coding action happens through explicit MCP tool calls
|
|
12
|
+
|
|
13
|
+
## Filesystem Allowlist
|
|
14
|
+
|
|
15
|
+
DevSpace only opens workspaces under configured roots.
|
|
16
|
+
|
|
17
|
+
Good examples:
|
|
18
|
+
|
|
19
|
+
```text
|
|
20
|
+
~/work
|
|
21
|
+
~/personal/open-source
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
Avoid broad roots:
|
|
25
|
+
|
|
26
|
+
```text
|
|
27
|
+
~
|
|
28
|
+
/
|
|
29
|
+
C:\
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
The narrower the root, the easier it is to reason about what the MCP client can
|
|
33
|
+
reach.
|
|
34
|
+
|
|
35
|
+
## Owner Password
|
|
36
|
+
|
|
37
|
+
`devspace init` generates an Owner password and stores it in:
|
|
38
|
+
|
|
39
|
+
```text
|
|
40
|
+
~/.devspace/auth.json
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
When an MCP client connects, DevSpace shows an approval page. Enter the Owner
|
|
44
|
+
password only when you intentionally want that client to access this server.
|
|
45
|
+
|
|
46
|
+
For env-driven deployments, set a long random value:
|
|
47
|
+
|
|
48
|
+
```bash
|
|
49
|
+
DEVSPACE_OAUTH_OWNER_TOKEN="$(openssl rand -base64 32)"
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
## Public URL And Host Allowlist
|
|
53
|
+
|
|
54
|
+
DevSpace needs `DEVSPACE_PUBLIC_BASE_URL` so MCP clients can discover OAuth
|
|
55
|
+
metadata and connect to the correct resource.
|
|
56
|
+
|
|
57
|
+
The value should be the origin only:
|
|
58
|
+
|
|
59
|
+
```text
|
|
60
|
+
https://your-tunnel-host.example.com
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
Do not include `/mcp` in `DEVSPACE_PUBLIC_BASE_URL`.
|
|
64
|
+
|
|
65
|
+
By default, DevSpace derives allowed Host headers from the local host and public
|
|
66
|
+
URL. Use `DEVSPACE_ALLOWED_HOSTS=*` only for intentional local debugging.
|
|
67
|
+
|
|
68
|
+
## Tunnels
|
|
69
|
+
|
|
70
|
+
DevSpace does not manage tunnels. Your tunnel or reverse proxy should point to:
|
|
71
|
+
|
|
72
|
+
```text
|
|
73
|
+
http://127.0.0.1:7676
|
|
74
|
+
```
|
|
75
|
+
|
|
76
|
+
Prefer adding Cloudflare Access, Tailscale identity controls, or equivalent
|
|
77
|
+
protection in front of public tunnels. DevSpace OAuth still protects the MCP
|
|
78
|
+
endpoint, but the tunnel URL should not be treated as a secret.
|
|
79
|
+
|
|
80
|
+
## Shell Access
|
|
81
|
+
|
|
82
|
+
The shell tool is powerful by design. It is meant for tests, builds, git, and
|
|
83
|
+
package scripts.
|
|
84
|
+
|
|
85
|
+
Filesystem path containment applies to DevSpace file tools. Shell commands run
|
|
86
|
+
as local commands and can do what your user account can do. This is why the MCP
|
|
87
|
+
client must be trusted and the Owner password must stay private.
|
|
88
|
+
|
|
89
|
+
## Worktrees
|
|
90
|
+
|
|
91
|
+
Managed worktrees reduce accidental edits to your active checkout, but they are
|
|
92
|
+
not a security boundary. They are a workflow boundary for isolated coding
|
|
93
|
+
sessions.
|
|
94
|
+
|
|
95
|
+
## Logs
|
|
96
|
+
|
|
97
|
+
By default, DevSpace logs requests and tool calls. Shell command previews are
|
|
98
|
+
disabled unless `DEVSPACE_LOG_SHELL_COMMANDS=1`.
|
|
99
|
+
|
|
100
|
+
Do not enable shell command logging if commands may contain secrets.
|
package/docs/setup.md
ADDED
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
# Setup Guide
|
|
2
|
+
|
|
3
|
+
This guide is for users who want ChatGPT or another MCP host to work in local
|
|
4
|
+
projects through DevSpace.
|
|
5
|
+
|
|
6
|
+
## Requirements
|
|
7
|
+
|
|
8
|
+
- Node `>=20.12 <27`; Node 22 LTS is recommended
|
|
9
|
+
- npm
|
|
10
|
+
- Git
|
|
11
|
+
- Bash, including Git Bash or WSL on Windows
|
|
12
|
+
- a public HTTPS URL that forwards to the local DevSpace server
|
|
13
|
+
|
|
14
|
+
DevSpace does not create the public tunnel for you. Use Cloudflare Tunnel,
|
|
15
|
+
ngrok, Pinggy, Tailscale Funnel, or your own HTTPS reverse proxy.
|
|
16
|
+
|
|
17
|
+
## Install And Configure
|
|
18
|
+
|
|
19
|
+
Run:
|
|
20
|
+
|
|
21
|
+
```bash
|
|
22
|
+
npx @waishnav/devspace init
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
The setup flow asks one question at a time.
|
|
26
|
+
|
|
27
|
+
### Project Roots
|
|
28
|
+
|
|
29
|
+
Choose the folders ChatGPT is allowed to open through DevSpace. Keep this
|
|
30
|
+
narrow.
|
|
31
|
+
|
|
32
|
+
Examples:
|
|
33
|
+
|
|
34
|
+
```text
|
|
35
|
+
~/personal,~/work
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
```text
|
|
39
|
+
/Users/alice/dev,/Users/alice/work
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
```text
|
|
43
|
+
C:\Users\alice\dev,C:\Users\alice\work
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
### Local Port
|
|
47
|
+
|
|
48
|
+
The default is `7676`.
|
|
49
|
+
|
|
50
|
+
The local MCP URL is:
|
|
51
|
+
|
|
52
|
+
```text
|
|
53
|
+
http://127.0.0.1:7676/mcp
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
### Public Base URL
|
|
57
|
+
|
|
58
|
+
Start your tunnel or reverse proxy before entering this value. Point the tunnel
|
|
59
|
+
at:
|
|
60
|
+
|
|
61
|
+
```text
|
|
62
|
+
http://127.0.0.1:7676
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
Enter the public origin without `/mcp`:
|
|
66
|
+
|
|
67
|
+
```text
|
|
68
|
+
https://your-tunnel-host.example.com
|
|
69
|
+
```
|
|
70
|
+
|
|
71
|
+
Configure the MCP client with the full MCP endpoint:
|
|
72
|
+
|
|
73
|
+
```text
|
|
74
|
+
https://your-tunnel-host.example.com/mcp
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
## Start The Server
|
|
78
|
+
|
|
79
|
+
Run:
|
|
80
|
+
|
|
81
|
+
```bash
|
|
82
|
+
npx @waishnav/devspace serve
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
If your tunnel URL changes for one run, override it without rewriting config:
|
|
86
|
+
|
|
87
|
+
```bash
|
|
88
|
+
DEVSPACE_PUBLIC_BASE_URL="https://new-tunnel.example.com" npx @waishnav/devspace serve
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
For a stable public URL, persist it:
|
|
92
|
+
|
|
93
|
+
```bash
|
|
94
|
+
npx @waishnav/devspace config set publicBaseUrl https://devspace.example.com
|
|
95
|
+
npx @waishnav/devspace serve
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
## Approve The Client
|
|
99
|
+
|
|
100
|
+
When ChatGPT, Claude, or another MCP client connects, DevSpace shows an Owner
|
|
101
|
+
password approval page. Enter the Owner password printed during setup.
|
|
102
|
+
|
|
103
|
+
The default config files are:
|
|
104
|
+
|
|
105
|
+
```text
|
|
106
|
+
~/.devspace/config.json
|
|
107
|
+
~/.devspace/auth.json
|
|
108
|
+
```
|
|
109
|
+
|
|
110
|
+
Keep `auth.json` private.
|
|
111
|
+
|
|
112
|
+
## Check Your Setup
|
|
113
|
+
|
|
114
|
+
Run:
|
|
115
|
+
|
|
116
|
+
```bash
|
|
117
|
+
npx @waishnav/devspace doctor
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
The doctor command reports the resolved config, Node version, Node ABI, platform,
|
|
121
|
+
Git, Bash, public URL, allowed hosts, and SQLite native dependency status.
|
|
122
|
+
|
|
123
|
+
## Running From A Local Checkout
|
|
124
|
+
|
|
125
|
+
If you are developing DevSpace itself instead of using the published package:
|
|
126
|
+
|
|
127
|
+
```bash
|
|
128
|
+
npm install --include=dev
|
|
129
|
+
npm run dev
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
The same setup rules apply.
|