aegis-bridge 2.2.2

package/dist/permission-guard.js

@@ -0,0 +1,197 @@
+/**
+ * permission-guard.ts — Guard against settings overriding CLI permission mode.
+ *
+ * Problem: Claude Code checks settings in 3 locations (priority order):
+ *   1. ~/.claude/settings.json (user-level)
+ *   2. <project>/.claude/settings.json (project-level, committed)
+ *   3. <project>/.claude/settings.local.json (project-level, local)
+ *
+ * Any of these can set `permissions.defaultMode: "bypassPermissions"` which
+ * OVERRIDES the CLI `--permission-mode default` flag. When Aegis spawns a
+ * session with autoApprove: false, the user expects permission prompts — but
+ * the settings silently bypass them.
+ *
+ * Fix: Before launching CC, if autoApprove is false, we neutralize any
+ * `bypassPermissions` in ALL 3 settings files by backing them up and patching
+ * the permission mode. On session cleanup we restore them.
+ *
+ * Issue #102 safety: Backups are stored in ~/.aegis/permission-backups/
+ * instead of the project directory to prevent accidental commit of secrets.
+ */
+import { readFile, writeFile, rename, unlink } from 'node:fs/promises';
+import { existsSync, mkdirSync } from 'node:fs';
+import { join } from 'node:path';
+import { homedir } from 'node:os';
+import { createHash } from 'node:crypto';
+import { ccSettingsSchema } from './validation.js';
+const SETTINGS_DIR = '.claude';
+const LOCAL_SETTINGS_FILE = 'settings.local.json';
+const PROJECT_SETTINGS_FILE = 'settings.json';
+/** Hash a workDir path to create a safe, unique backup directory name. */
+function workDirHash(workDir) {
+    return createHash('sha256').update(workDir).digest('hex').slice(0, 16);
+}
+// ─── Path helpers ───
+/** Location 3: project-level local settings */
+export function settingsPath(workDir) {
+    return join(workDir, SETTINGS_DIR, LOCAL_SETTINGS_FILE);
+}
+/** Location 2: project-level committed settings */
+export function projectSettingsPath(workDir) {
+    return join(workDir, SETTINGS_DIR, PROJECT_SETTINGS_FILE);
+}
+/** Location 1: user-level settings. Accepts optional homeDir for test isolation. */
+export function userSettingsPath(homeDir) {
+    return join(homeDir ?? homedir(), SETTINGS_DIR, PROJECT_SETTINGS_FILE);
+}
+/** Backup directory for a given workDir. Accepts optional homeDir for test isolation. */
+export function backupDirForWorkDir(workDir, homeDir) {
+    const aegisDir = join(homeDir ?? homedir(), '.aegis');
+    return join(aegisDir, 'permission-backups', workDirHash(workDir));
+}
+/** Get backup path for settings.local.json. Accepts optional homeDir for test isolation. */
+export function backupPath(workDir, homeDir) {
+    return join(backupDirForWorkDir(workDir, homeDir), LOCAL_SETTINGS_FILE);
+}
+/** Legacy backup path (in project dir) — for migration/cleanup. */
+function legacyBackupPath(workDir) {
+    return settingsPath(workDir) + '.aegis-backup';
+}
+/** User-level backup directory. */
+function userBackupDir(homeDir) {
+    return join(homeDir, '.aegis', 'permission-backups', '_user_');
+}
+/** All settings locations that could contain bypassPermissions. */
+function getAllSettingsLocations(workDir, homeDir) {
+    return [
+        // Location 1: user-level
+        { filePath: userSettingsPath(homeDir), backupPath: join(userBackupDir(homeDir), PROJECT_SETTINGS_FILE) },
+        // Location 2: project-level committed
+        { filePath: projectSettingsPath(workDir), backupPath: join(backupDirForWorkDir(workDir, homeDir), PROJECT_SETTINGS_FILE) },
+        // Location 3: project-level local
+        { filePath: settingsPath(workDir), backupPath: backupPath(workDir, homeDir) },
+    ];
+}
+/**
+ * Check a single settings file for bypassPermissions, back it up, and patch it.
+ * Returns true if the file was patched.
+ */
+async function neutralizeOneFile(filePath, bpPath, targetMode) {
+    if (!existsSync(filePath))
+        return false;
+    try {
+        const raw = await readFile(filePath, 'utf-8');
+        const settingsParsed = ccSettingsSchema.safeParse(JSON.parse(raw));
+        if (!settingsParsed.success)
+            return false;
+        const settings = settingsParsed.data;
+        const mode = settings?.permissions?.defaultMode;
+        if (mode !== 'bypassPermissions')
+            return false;
+        // Back up
+        mkdirSync(join(bpPath, '..'), { recursive: true });
+        await writeFile(bpPath, raw);
+        // Patch
+        if (!settings.permissions)
+            settings.permissions = {};
+        settings.permissions.defaultMode = targetMode;
+        await writeFile(filePath, JSON.stringify(settings, null, 2) + '\n');
+        console.log(`Permission guard: neutralized bypassPermissions in ${filePath} (backup: ${bpPath})`);
+        return true;
+    }
+    catch (e) {
+        console.error(`Permission guard: failed to neutralize ${filePath}: ${e.message}`);
+        return false;
+    }
+}
+/**
+ * Check all 3 CC settings locations for bypassPermissions. Back up and patch
+ * any that have it. Returns true if ANY file was patched.
+ *
+ * @param homeDir - Override home directory (for test isolation). Defaults to os.homedir().
+ */
+export async function neutralizeBypassPermissions(workDir, targetMode = 'default', homeDir) {
+    const locations = getAllSettingsLocations(workDir, homeDir ?? homedir());
+    let anyPatched = false;
+    for (const loc of locations) {
+        const patched = await neutralizeOneFile(loc.filePath, loc.backupPath, targetMode);
+        if (patched)
+            anyPatched = true;
+    }
+    return anyPatched;
+}
+/**
+ * Restore a single settings file from its backup.
+ */
+async function restoreOneFile(filePath, bpPath) {
+    if (!existsSync(bpPath))
+        return false;
+    try {
+        const raw = await readFile(bpPath, 'utf-8');
+        await writeFile(filePath, raw);
+        await unlink(bpPath);
+        console.log(`Permission guard: restored ${filePath} from backup`);
+        return true;
+    }
+    catch (e) {
+        console.error(`Permission guard: failed to restore from ${bpPath}: ${e.message}`);
+        return false;
+    }
+}
+/**
+ * Restore all 3 settings files from backups.
+ * Checks new backup locations first, then legacy location for backward compat.
+ *
+ * @param homeDir - Override home directory (for test isolation). Defaults to os.homedir().
+ */
+export async function restoreSettings(workDir, homeDir) {
+    const locations = getAllSettingsLocations(workDir, homeDir ?? homedir());
+    for (const loc of locations) {
+        await restoreOneFile(loc.filePath, loc.backupPath);
+    }
+    // Legacy fallback for settings.local.json only (in project dir)
+    const legacy = legacyBackupPath(workDir);
+    if (existsSync(legacy)) {
+        try {
+            await rename(legacy, settingsPath(workDir));
+            console.log(`Permission guard: restored ${settingsPath(workDir)} from legacy backup`);
+        }
+        catch (e) {
+            console.error(`Permission guard: failed to restore from legacy ${legacy}: ${e.message}`);
+        }
+    }
+}
+/**
+ * Clean up any orphaned backups (e.g. from a crash).
+ * Restores all 3 settings files from their backups.
+ *
+ * @param homeDir - Override home directory (for test isolation). Defaults to os.homedir().
+ */
+export async function cleanOrphanedBackup(workDir, homeDir) {
+    const locations = getAllSettingsLocations(workDir, homeDir ?? homedir());
+    for (const loc of locations) {
+        if (!existsSync(loc.backupPath))
+            continue;
+        try {
+            const raw = await readFile(loc.backupPath, 'utf-8');
+            await writeFile(loc.filePath, raw);
+            await unlink(loc.backupPath);
+            console.log(`Permission guard: cleaned orphaned backup for ${loc.filePath}`);
+        }
+        catch (e) {
+            console.error(`Permission guard: failed to clean orphaned backup: ${e.message}`);
+        }
+    }
+    // Clean legacy backup
+    const legacy = legacyBackupPath(workDir);
+    if (existsSync(legacy)) {
+        try {
+            await rename(legacy, settingsPath(workDir));
+            console.log(`Permission guard: cleaned legacy orphaned backup in ${workDir}`);
+        }
+        catch (e) {
+            console.error(`Permission guard: failed to clean legacy orphaned backup: ${e.message}`);
+        }
+    }
+}
+//# sourceMappingURL=permission-guard.js.map

package/dist/pipeline.d.ts

@@ -0,0 +1,84 @@
+/**
+ * pipeline.ts — Batch create and pipeline orchestration.
+ *
+ * Issue #36: Create multiple sessions in parallel, or define
+ * sequential pipelines with stage dependencies.
+ */
+import { type SessionManager } from './session.js';
+import { type SessionEventBus } from './events.js';
+export interface BatchSessionSpec {
+    name?: string;
+    workDir: string;
+    prompt?: string;
+    permissionMode?: string;
+    /** @deprecated Use permissionMode instead. */
+    autoApprove?: boolean;
+    stallThresholdMs?: number;
+}
+export interface BatchResult {
+    sessions: Array<{
+        id: string;
+        name: string;
+        promptDelivery?: {
+            delivered: boolean;
+            attempts: number;
+        };
+    }>;
+    created: number;
+    failed: number;
+    errors: string[];
+}
+export interface PipelineStage {
+    name: string;
+    workDir?: string;
+    prompt: string;
+    dependsOn?: string[];
+    permissionMode?: string;
+    /** @deprecated Use permissionMode instead. */
+    autoApprove?: boolean;
+}
+export interface PipelineConfig {
+    name: string;
+    workDir: string;
+    stages: PipelineStage[];
+}
+export type PipelineStageStatus = 'pending' | 'running' | 'completed' | 'failed';
+export interface PipelineState {
+    id: string;
+    name: string;
+    status: 'running' | 'completed' | 'failed';
+    stages: Array<{
+        name: string;
+        status: PipelineStageStatus;
+        sessionId?: string;
+        dependsOn: string[];
+        startedAt?: number;
+        completedAt?: number;
+        error?: string;
+    }>;
+    createdAt: number;
+}
+export declare class PipelineManager {
+    private sessions;
+    private eventBus?;
+    private pipelines;
+    private pipelineConfigs;
+    private pollInterval;
+    constructor(sessions: SessionManager, eventBus?: SessionEventBus | undefined);
+    /** Create multiple sessions in parallel. */
+    batchCreate(specs: BatchSessionSpec[]): Promise<BatchResult>;
+    /** Create a pipeline with stage dependencies. */
+    createPipeline(config: PipelineConfig): Promise<PipelineState>;
+    /** Get pipeline state. */
+    getPipeline(id: string): PipelineState | null;
+    /** List all pipelines. */
+    listPipelines(): PipelineState[];
+    /** Advance a pipeline: start stages whose dependencies are met. */
+    private advancePipeline;
+    /** Poll running pipelines and advance stages. */
+    private pollPipelines;
+    /** Detect circular dependencies. Throws if found. */
+    private detectCycles;
+    /** Clean up. */
+    destroy(): void;
+}

package/dist/pipeline.js

@@ -0,0 +1,218 @@
+/**
+ * pipeline.ts — Batch create and pipeline orchestration.
+ *
+ * Issue #36: Create multiple sessions in parallel, or define
+ * sequential pipelines with stage dependencies.
+ */
+import { getErrorMessage } from './validation.js';
+export class PipelineManager {
+    sessions;
+    eventBus;
+    pipelines = new Map();
+    pipelineConfigs = new Map(); // #219: preserve original stage config
+    pollInterval = null;
+    constructor(sessions, eventBus) {
+        this.sessions = sessions;
+        this.eventBus = eventBus;
+    }
+    /** Create multiple sessions in parallel. */
+    async batchCreate(specs) {
+        const results = await Promise.allSettled(specs.map(async (spec) => {
+            const session = await this.sessions.createSession({
+                workDir: spec.workDir,
+                name: spec.name,
+                permissionMode: spec.permissionMode,
+                autoApprove: spec.autoApprove,
+                stallThresholdMs: spec.stallThresholdMs,
+            });
+            let promptDelivery;
+            if (spec.prompt) {
+                promptDelivery = await this.sessions.sendInitialPrompt(session.id, spec.prompt);
+            }
+            return {
+                id: session.id,
+                name: session.windowName,
+                promptDelivery,
+            };
+        }));
+        const sessions = [];
+        const errors = [];
+        for (const result of results) {
+            if (result.status === 'fulfilled') {
+                sessions.push(result.value);
+            }
+            else {
+                errors.push(result.reason?.message || 'Unknown error');
+            }
+        }
+        return {
+            sessions,
+            created: sessions.length,
+            failed: errors.length,
+            errors,
+        };
+    }
+    /** Create a pipeline with stage dependencies. */
+    async createPipeline(config) {
+        const id = crypto.randomUUID();
+        // Validate: all dependsOn references must exist as stage names
+        const stageNames = new Set(config.stages.map(s => s.name));
+        for (const stage of config.stages) {
+            for (const dep of stage.dependsOn || []) {
+                if (!stageNames.has(dep)) {
+                    throw new Error(`Stage "${stage.name}" depends on unknown stage "${dep}"`);
+                }
+            }
+        }
+        // Check for circular dependencies
+        this.detectCycles(config.stages);
+        const pipeline = {
+            id,
+            name: config.name,
+            status: 'running',
+            stages: config.stages.map(s => ({
+                name: s.name,
+                status: 'pending',
+                dependsOn: s.dependsOn || [],
+            })),
+            createdAt: Date.now(),
+        };
+        this.pipelines.set(id, pipeline);
+        this.pipelineConfigs.set(id, config); // #219: store original config for polling
+        // Start stages with no dependencies immediately
+        await this.advancePipeline(id, config);
+        // Start polling for stage completion
+        if (!this.pollInterval) {
+            this.pollInterval = setInterval(() => this.pollPipelines(), 5000);
+        }
+        return pipeline;
+    }
+    /** Get pipeline state. */
+    getPipeline(id) {
+        return this.pipelines.get(id) || null;
+    }
+    /** List all pipelines. */
+    listPipelines() {
+        return Array.from(this.pipelines.values());
+    }
+    /** Advance a pipeline: start stages whose dependencies are met. */
+    async advancePipeline(id, config) {
+        const pipeline = this.pipelines.get(id);
+        if (!pipeline || pipeline.status !== 'running')
+            return;
+        const completedStages = new Set(pipeline.stages.filter(s => s.status === 'completed').map(s => s.name));
+        const failedStages = pipeline.stages.filter(s => s.status === 'failed');
+        // If any stage failed, fail the pipeline
+        if (failedStages.length > 0) {
+            pipeline.status = 'failed';
+            return;
+        }
+        // Check if all stages are completed
+        if (pipeline.stages.every(s => s.status === 'completed')) {
+            pipeline.status = 'completed';
+            if (this.eventBus) {
+                this.eventBus.emitEnded(id, 'pipeline_completed');
+            }
+            return;
+        }
+        // Start pending stages whose dependencies are all completed
+        for (const stage of pipeline.stages) {
+            if (stage.status !== 'pending')
+                continue;
+            const depsComplete = stage.dependsOn.every(d => completedStages.has(d));
+            if (!depsComplete)
+                continue;
+            // Find matching config stage
+            const stageConfig = config.stages.find(s => s.name === stage.name);
+            if (!stageConfig)
+                continue;
+            try {
+                const session = await this.sessions.createSession({
+                    workDir: stageConfig.workDir || config.workDir,
+                    name: `pipeline-${config.name}-${stage.name}`,
+                    permissionMode: stageConfig.permissionMode,
+                    autoApprove: stageConfig.autoApprove,
+                });
+                if (stageConfig.prompt) {
+                    await this.sessions.sendInitialPrompt(session.id, stageConfig.prompt);
+                }
+                stage.sessionId = session.id;
+                stage.status = 'running';
+                stage.startedAt = Date.now();
+            }
+            catch (e) {
+                stage.status = 'failed';
+                stage.error = getErrorMessage(e);
+                pipeline.status = 'failed';
+            }
+        }
+    }
+    /** Poll running pipelines and advance stages. */
+    async pollPipelines() {
+        for (const [id, pipeline] of this.pipelines) {
+            if (pipeline.status !== 'running')
+                continue;
+            // Check running stages for completion (idle status = done)
+            for (const stage of pipeline.stages) {
+                if (stage.status !== 'running' || !stage.sessionId)
+                    continue;
+                const session = this.sessions.getSession(stage.sessionId);
+                if (!session) {
+                    stage.status = 'failed';
+                    stage.error = 'Session disappeared';
+                    continue;
+                }
+                if (session.status === 'idle') {
+                    stage.status = 'completed';
+                    stage.completedAt = Date.now();
+                }
+            }
+            // #219: Use stored original config so stage prompt/permissionMode/autoApprove/workDir are preserved
+            const storedConfig = this.pipelineConfigs.get(id);
+            if (storedConfig) {
+                await this.advancePipeline(id, storedConfig);
+            }
+            // #221: Clean up completed/failed pipelines after 30s to avoid memory leak
+            // Note: advancePipeline may change status from 'running' to 'completed'/'failed'
+            if (pipeline.status !== 'running') {
+                const pipelineId = id;
+                setTimeout(() => {
+                    this.pipelines.delete(pipelineId);
+                    this.pipelineConfigs.delete(pipelineId); // #219: clean up stored config
+                }, 30_000);
+            }
+        }
+    }
+    /** Detect circular dependencies. Throws if found. */
+    detectCycles(stages) {
+        const graph = new Map();
+        for (const stage of stages) {
+            graph.set(stage.name, stage.dependsOn || []);
+        }
+        const visited = new Set();
+        const inStack = new Set();
+        const dfs = (node) => {
+            if (inStack.has(node))
+                throw new Error(`Circular dependency detected involving stage "${node}"`);
+            if (visited.has(node))
+                return;
+            inStack.add(node);
+            visited.add(node);
+            for (const dep of graph.get(node) || []) {
+                dfs(dep);
+            }
+            inStack.delete(node);
+        };
+        for (const stage of stages) {
+            dfs(stage.name);
+        }
+    }
+    /** Clean up. */
+    destroy() {
+        if (this.pollInterval) {
+            clearInterval(this.pollInterval);
+            this.pollInterval = null;
+        }
+    }
+}
+//# sourceMappingURL=pipeline.js.map

package/dist/screenshot.d.ts

@@ -0,0 +1,26 @@
+/**
+ * screenshot.ts — Headless screenshot capture via Playwright.
+ *
+ * Issue #22: Visual verification for CC sessions.
+ * Uses Playwright if available; returns 501 Not Implemented otherwise.
+ */
+export interface ScreenshotOptions {
+    url: string;
+    fullPage?: boolean;
+    width?: number;
+    height?: number;
+}
+export interface ScreenshotResult {
+    screenshot: string;
+    timestamp: string;
+    url: string;
+    width: number;
+    height: number;
+}
+/**
+ * Capture a screenshot of the given URL using headless Chromium.
+ * Returns the result or throws if Playwright is not available.
+ */
+export declare function captureScreenshot(opts: ScreenshotOptions): Promise<ScreenshotResult>;
+/** Check if Playwright is available for screenshot capture. */
+export declare function isPlaywrightAvailable(): boolean;

package/dist/screenshot.js

@@ -0,0 +1,57 @@
+/**
+ * screenshot.ts — Headless screenshot capture via Playwright.
+ *
+ * Issue #22: Visual verification for CC sessions.
+ * Uses Playwright if available; returns 501 Not Implemented otherwise.
+ */
+let playwrightAvailable = false;
+let chromium = null;
+// Lazy-load Playwright — only fails at startup, not import time
+try {
+    const pw = await import('playwright');
+    chromium = pw.chromium;
+    playwrightAvailable = true;
+}
+catch { /* playwright not installed — screenshot feature disabled */
+    playwrightAvailable = false;
+}
+/**
+ * Capture a screenshot of the given URL using headless Chromium.
+ * Returns the result or throws if Playwright is not available.
+ */
+export async function captureScreenshot(opts) {
+    if (!playwrightAvailable || !chromium) {
+        throw new Error('Playwright is not installed. Install it with: npx playwright install chromium && npm install -D playwright');
+    }
+    const browser = await chromium.launch({ headless: true });
+    try {
+        const context = await browser.newContext({
+            viewport: {
+                width: opts.width || 1280,
+                height: opts.height || 720,
+            },
+        });
+        const page = await context.newPage();
+        await page.goto(opts.url, { waitUntil: 'load', timeout: 30_000 });
+        const buffer = await page.screenshot({
+            fullPage: opts.fullPage || false,
+            type: 'png',
+        });
+        await context.close();
+        return {
+            screenshot: buffer.toString('base64'),
+            timestamp: new Date().toISOString(),
+            url: opts.url,
+            width: opts.width || 1280,
+            height: opts.height || 720,
+        };
+    }
+    finally {
+        await browser.close();
+    }
+}
+/** Check if Playwright is available for screenshot capture. */
+export function isPlaywrightAvailable() {
+    return playwrightAvailable;
+}
+//# sourceMappingURL=screenshot.js.map

package/dist/server.d.ts

@@ -0,0 +1,10 @@
+/**
+ * server.ts — HTTP API server for Aegis.
+ *
+ * Exposes RESTful endpoints for creating, managing, and interacting
+ * with Claude Code sessions running in tmux.
+ *
+ * Notification channels (Telegram, webhooks, etc.) are pluggable —
+ * the server doesn't know which channels are active.
+ */
+export {};