npm - agent-relay - Versions diffs - 1.2.0 → 1.3.0 - Mend

agent-relay 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (668) hide show

package/.gitattributes +3 -0
package/.nvmrc +1 -0
package/.trajectories/agent-relay-322-324.md +17 -0
package/.trajectories/completed/2026-01/traj_03zupyv1s7b9.json +49 -0
package/.trajectories/completed/2026-01/traj_03zupyv1s7b9.md +31 -0
package/.trajectories/completed/2026-01/traj_0zacdjl1g4ht.json +125 -0
package/.trajectories/completed/2026-01/traj_0zacdjl1g4ht.md +62 -0
package/.trajectories/completed/2026-01/traj_1dviorhnkcb5.json +65 -0
package/.trajectories/completed/2026-01/traj_1dviorhnkcb5.md +37 -0
package/.trajectories/completed/2026-01/traj_1k5if5snst2e.json +65 -0
package/.trajectories/completed/2026-01/traj_1k5if5snst2e.md +37 -0
package/.trajectories/completed/2026-01/traj_1rp3rges5811.json +49 -0
package/.trajectories/completed/2026-01/traj_1rp3rges5811.md +31 -0
package/.trajectories/completed/2026-01/traj_22bhyulruouw.json +113 -0
package/.trajectories/completed/2026-01/traj_22bhyulruouw.md +57 -0
package/.trajectories/completed/2026-01/traj_2dao7ddgnta0.json +53 -0
package/.trajectories/completed/2026-01/traj_2dao7ddgnta0.md +32 -0
package/.trajectories/completed/2026-01/traj_33iuy72sezbk.json +49 -0
package/.trajectories/completed/2026-01/traj_33iuy72sezbk.md +31 -0
package/.trajectories/completed/2026-01/traj_3t0440mjeunc.json +26 -0
package/.trajectories/completed/2026-01/traj_3t0440mjeunc.md +6 -0
package/.trajectories/completed/2026-01/traj_45x9494d9xnr.json +47 -0
package/.trajectories/completed/2026-01/traj_45x9494d9xnr.md +32 -0
package/.trajectories/completed/2026-01/traj_4aa0bb77s4nh.json +53 -0
package/.trajectories/completed/2026-01/traj_4aa0bb77s4nh.md +32 -0
package/.trajectories/completed/2026-01/traj_5ammh5qtvklq.json +77 -0
package/.trajectories/completed/2026-01/traj_5ammh5qtvklq.md +42 -0
package/.trajectories/completed/2026-01/traj_5lhmzq8rxpqv.json +59 -0
package/.trajectories/completed/2026-01/traj_5lhmzq8rxpqv.md +33 -0
package/.trajectories/completed/2026-01/traj_5vr4e9erb1fs.json +53 -0
package/.trajectories/completed/2026-01/traj_5vr4e9erb1fs.md +32 -0
package/.trajectories/completed/2026-01/traj_6fgiwdoklvym.json +48 -0
package/.trajectories/completed/2026-01/traj_6fgiwdoklvym.md +24 -0
package/.trajectories/completed/2026-01/traj_6mieijqyvaag.json +77 -0
package/.trajectories/completed/2026-01/traj_6mieijqyvaag.md +42 -0
package/.trajectories/completed/2026-01/traj_78ffm31jn3uk.json +77 -0
package/.trajectories/completed/2026-01/traj_78ffm31jn3uk.md +42 -0
package/.trajectories/completed/2026-01/traj_7ludwvz45veh.json +209 -0
package/.trajectories/completed/2026-01/traj_7ludwvz45veh.md +97 -0
package/.trajectories/completed/2026-01/traj_94gnp3k30goq.json +66 -0
package/.trajectories/completed/2026-01/traj_94gnp3k30goq.md +36 -0
package/.trajectories/completed/2026-01/traj_9921cuhel0pj.json +48 -0
package/.trajectories/completed/2026-01/traj_9921cuhel0pj.md +24 -0
package/.trajectories/completed/2026-01/traj_ajs7zqfux4wc.json +49 -0
package/.trajectories/completed/2026-01/traj_ajs7zqfux4wc.md +23 -0
package/.trajectories/completed/2026-01/traj_avqeghu6pz5a.json +40 -0
package/.trajectories/completed/2026-01/traj_avqeghu6pz5a.md +22 -0
package/.trajectories/completed/2026-01/traj_cvtqhlwcq9s0.json +53 -0
package/.trajectories/completed/2026-01/traj_cvtqhlwcq9s0.md +32 -0
package/.trajectories/completed/2026-01/traj_cxofprm2m2en.json +49 -0
package/.trajectories/completed/2026-01/traj_cxofprm2m2en.md +31 -0
package/.trajectories/completed/2026-01/traj_d2hhz3k0vrhn.json +26 -0
package/.trajectories/completed/2026-01/traj_d2hhz3k0vrhn.md +6 -0
package/.trajectories/completed/2026-01/traj_dcsp9s8y01ra.json +121 -0
package/.trajectories/completed/2026-01/traj_dcsp9s8y01ra.md +29 -0
package/.trajectories/completed/2026-01/traj_dfuvww9pege5.json +59 -0
package/.trajectories/completed/2026-01/traj_dfuvww9pege5.md +37 -0
package/.trajectories/completed/2026-01/traj_fhx9irlckht6.json +53 -0
package/.trajectories/completed/2026-01/traj_fhx9irlckht6.md +32 -0
package/.trajectories/completed/2026-01/traj_fqduidx3xbtp.json +101 -0
package/.trajectories/completed/2026-01/traj_fqduidx3xbtp.md +52 -0
package/.trajectories/completed/2026-01/traj_g0fisy9h51mf.json +77 -0
package/.trajectories/completed/2026-01/traj_g0fisy9h51mf.md +42 -0
package/.trajectories/completed/2026-01/traj_gjdre5voouod.json +53 -0
package/.trajectories/completed/2026-01/traj_gjdre5voouod.md +32 -0
package/.trajectories/completed/2026-01/traj_gtlyqtta3x8l.json +25 -0
package/.trajectories/completed/2026-01/traj_gtlyqtta3x8l.md +15 -0
package/.trajectories/completed/2026-01/traj_h4xijiuip3w4.json +101 -0
package/.trajectories/completed/2026-01/traj_h4xijiuip3w4.md +44 -0
package/.trajectories/completed/2026-01/traj_hf81ey93uz6t.json +49 -0
package/.trajectories/completed/2026-01/traj_hf81ey93uz6t.md +31 -0
package/.trajectories/completed/2026-01/traj_hfmki2jr9d4r.json +65 -0
package/.trajectories/completed/2026-01/traj_hfmki2jr9d4r.md +37 -0
package/.trajectories/completed/2026-01/traj_hhxte7w4gjjx.json +22 -0
package/.trajectories/completed/2026-01/traj_hhxte7w4gjjx.md +5 -0
package/.trajectories/completed/2026-01/traj_hpungyhoj6v5.json +53 -0
package/.trajectories/completed/2026-01/traj_hpungyhoj6v5.md +32 -0
package/.trajectories/completed/2026-01/traj_lq450ly148uw.json +49 -0
package/.trajectories/completed/2026-01/traj_lq450ly148uw.md +31 -0
package/.trajectories/completed/2026-01/traj_m2xkjv0w2sq7.json +25 -0
package/.trajectories/completed/2026-01/traj_m2xkjv0w2sq7.md +15 -0
package/.trajectories/completed/2026-01/traj_multi_server_arch.md +101 -0
package/.trajectories/completed/2026-01/traj_noq5zbvnrdvz.json +53 -0
package/.trajectories/completed/2026-01/traj_noq5zbvnrdvz.md +32 -0
package/.trajectories/completed/2026-01/traj_ntbs6ppopf46.json +53 -0
package/.trajectories/completed/2026-01/traj_ntbs6ppopf46.md +32 -0
package/.trajectories/completed/2026-01/traj_ozd98si6a7ns.json +48 -0
package/.trajectories/completed/2026-01/traj_ozd98si6a7ns.md +24 -0
package/.trajectories/completed/2026-01/traj_prdza7a5cxp5.json +53 -0
package/.trajectories/completed/2026-01/traj_prdza7a5cxp5.md +32 -0
package/.trajectories/completed/2026-01/traj_psd9ob0j2ru3.json +27 -0
package/.trajectories/completed/2026-01/traj_psd9ob0j2ru3.md +14 -0
package/.trajectories/completed/2026-01/traj_qb3twvvywfwi.json +77 -0
package/.trajectories/completed/2026-01/traj_qb3twvvywfwi.md +42 -0
package/.trajectories/completed/2026-01/traj_qft54mi7nfor.json +53 -0
package/.trajectories/completed/2026-01/traj_qft54mi7nfor.md +32 -0
package/.trajectories/completed/2026-01/traj_qx9uhf8whhxo.json +83 -0
package/.trajectories/completed/2026-01/traj_qx9uhf8whhxo.md +47 -0
package/.trajectories/completed/2026-01/traj_rd9toccj18a0.json +59 -0
package/.trajectories/completed/2026-01/traj_rd9toccj18a0.md +37 -0
package/.trajectories/completed/2026-01/traj_rt4fiw3ecp50.json +48 -0
package/.trajectories/completed/2026-01/traj_rt4fiw3ecp50.md +16 -0
package/.trajectories/completed/2026-01/traj_st8j35b0hrlc.json +59 -0
package/.trajectories/completed/2026-01/traj_st8j35b0hrlc.md +37 -0
package/.trajectories/completed/2026-01/traj_t1yy8m7hbuxp.json +53 -0
package/.trajectories/completed/2026-01/traj_t1yy8m7hbuxp.md +32 -0
package/.trajectories/completed/2026-01/traj_tmux_orchestrator_analysis.json +84 -0
package/.trajectories/completed/2026-01/traj_tmux_orchestrator_analysis.md +109 -0
package/.trajectories/completed/2026-01/traj_u9n9eqasw16k.json +53 -0
package/.trajectories/completed/2026-01/traj_u9n9eqasw16k.md +32 -0
package/.trajectories/completed/2026-01/traj_ub8csuv3lcv4.json +53 -0
package/.trajectories/completed/2026-01/traj_ub8csuv3lcv4.md +32 -0
package/.trajectories/completed/2026-01/traj_uc29tlso8i9s.json +186 -0
package/.trajectories/completed/2026-01/traj_uc29tlso8i9s.md +86 -0
package/.trajectories/completed/2026-01/traj_ui9b4tqxoa7j.json +77 -0
package/.trajectories/completed/2026-01/traj_ui9b4tqxoa7j.md +42 -0
package/.trajectories/completed/2026-01/traj_v87hypnongqx.json +71 -0
package/.trajectories/completed/2026-01/traj_v87hypnongqx.md +42 -0
package/.trajectories/completed/2026-01/traj_v9dkdoxylyid.json +89 -0
package/.trajectories/completed/2026-01/traj_v9dkdoxylyid.md +47 -0
package/.trajectories/completed/2026-01/traj_wkp2fgzdyinb.json +53 -0
package/.trajectories/completed/2026-01/traj_wkp2fgzdyinb.md +32 -0
package/.trajectories/completed/2026-01/traj_x14t8w8rn7xg.json +20 -0
package/.trajectories/completed/2026-01/traj_x14t8w8rn7xg.md +6 -0
package/.trajectories/completed/2026-01/traj_xnwbznkvv8ua.json +175 -0
package/.trajectories/completed/2026-01/traj_xnwbznkvv8ua.md +82 -0
package/.trajectories/completed/2026-01/traj_xy9vifpqet80.json +65 -0
package/.trajectories/completed/2026-01/traj_xy9vifpqet80.md +37 -0
package/.trajectories/completed/2026-01/traj_y7aiwijyfmmv.json +49 -0
package/.trajectories/completed/2026-01/traj_y7aiwijyfmmv.md +31 -0
package/.trajectories/completed/2026-01/traj_ysjc8zaeqtd3.json +47 -0
package/.trajectories/completed/2026-01/traj_ysjc8zaeqtd3.md +32 -0
package/.trajectories/completed/2026-01/traj_yvdadtvdgnz3.json +59 -0
package/.trajectories/completed/2026-01/traj_yvdadtvdgnz3.md +37 -0
package/.trajectories/completed/2026-01/traj_z0vcw1wrzide.json +53 -0
package/.trajectories/completed/2026-01/traj_z0vcw1wrzide.md +32 -0
package/.trajectories/consolidate-settings-panel.md +24 -0
package/.trajectories/gh-cli-user-token.md +26 -0
package/.trajectories/index.json +468 -0
package/ARCHITECTURE.md +1245 -0
package/TESTING.md +278 -0
package/deploy/init-db.sql +5 -0
package/deploy/scripts/setup-fly-workspaces.sh +69 -0
package/deploy/scripts/setup-railway.sh +75 -0
package/deploy/workspace/codex.config.toml +15 -0
package/deploy/workspace/entrypoint-browser.sh +118 -0
package/deploy/workspace/entrypoint.sh +508 -0
package/deploy/workspace/git-credential-relay +126 -0
package/dist/bridge/spawner.d.ts +7 -0
package/dist/bridge/spawner.js +40 -9
package/dist/bridge/types.d.ts +2 -0
package/dist/cli/index.js +260 -1
package/dist/cloud/api/admin.d.ts +8 -0
package/dist/cloud/api/admin.js +212 -0
package/dist/cloud/api/auth.js +8 -0
package/dist/cloud/api/billing.d.ts +0 -10
package/dist/cloud/api/billing.js +278 -67
package/dist/cloud/api/codex-auth-helper.d.ts +21 -0
package/dist/cloud/api/codex-auth-helper.js +307 -0
package/dist/cloud/api/coordinators.js +402 -0
package/dist/cloud/api/daemons.js +15 -11
package/dist/cloud/api/git.js +127 -19
package/dist/cloud/api/github-app.js +42 -8
package/dist/cloud/api/nango-auth.js +297 -16
package/dist/cloud/api/onboarding.js +112 -35
package/dist/cloud/api/providers.js +12 -16
package/dist/cloud/api/repos.d.ts +1 -0
package/dist/cloud/api/repos.js +311 -49
package/dist/cloud/api/test-helpers.js +40 -0
package/dist/cloud/api/usage.js +13 -0
package/dist/cloud/api/webhooks.d.ts +1 -0
package/dist/cloud/api/webhooks.js +149 -0
package/dist/cloud/api/workspaces.d.ts +18 -0
package/dist/cloud/api/workspaces.js +1042 -21
package/dist/cloud/billing/plans.js +19 -19
package/dist/cloud/config.d.ts +8 -0
package/dist/cloud/config.js +15 -0
package/dist/cloud/db/drizzle.d.ts +5 -2
package/dist/cloud/db/drizzle.js +27 -20
package/dist/cloud/db/schema.d.ts +19 -51
package/dist/cloud/db/schema.js +5 -4
package/dist/cloud/index.d.ts +0 -1
package/dist/cloud/index.js +0 -1
package/dist/cloud/provisioner/index.d.ts +125 -1
package/dist/cloud/provisioner/index.js +939 -53
package/dist/cloud/server.js +161 -16
package/dist/cloud/services/compute-enforcement.d.ts +57 -0
package/dist/cloud/services/compute-enforcement.js +175 -0
package/dist/cloud/services/index.d.ts +2 -0
package/dist/cloud/services/index.js +4 -0
package/dist/cloud/services/intro-expiration.d.ts +55 -0
package/dist/cloud/services/intro-expiration.js +211 -0
package/dist/cloud/services/nango.d.ts +74 -0
package/dist/cloud/services/nango.js +218 -5
package/dist/cloud/services/planLimits.d.ts +22 -0
package/dist/cloud/services/planLimits.js +58 -5
package/dist/cloud/services/ssh-security.d.ts +31 -0
package/dist/cloud/services/ssh-security.js +63 -0
package/dist/continuity/manager.d.ts +5 -0
package/dist/continuity/manager.js +56 -2
package/dist/daemon/api.d.ts +2 -0
package/dist/daemon/api.js +214 -5
package/dist/daemon/cli-auth.d.ts +13 -1
package/dist/daemon/cli-auth.js +166 -47
package/dist/daemon/connection.d.ts +7 -1
package/dist/daemon/connection.js +15 -0
package/dist/daemon/orchestrator.d.ts +2 -0
package/dist/daemon/orchestrator.js +26 -0
package/dist/daemon/repo-manager.d.ts +116 -0
package/dist/daemon/repo-manager.js +384 -0
package/dist/daemon/router.d.ts +60 -1
package/dist/daemon/router.js +281 -20
package/dist/daemon/user-directory.d.ts +111 -0
package/dist/daemon/user-directory.js +233 -0
package/dist/dashboard/out/404.html +1 -1
package/dist/dashboard/out/_next/static/T1tgCqVWHFIkV7ClEtzD7/_ssgManifest.js +1 -0
package/dist/dashboard/out/_next/static/chunks/532-bace199897eeab37.js +9 -0
package/dist/dashboard/out/_next/static/chunks/766-b54f0853794b78c3.js +1 -0
package/dist/dashboard/out/_next/static/chunks/83-b51836037078006c.js +1 -0
package/dist/dashboard/out/_next/static/chunks/891-6cd50de1224f70bb.js +1 -0
package/dist/dashboard/out/_next/static/chunks/899-bb19a9b3d9b39ea6.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/app/onboarding/page-8939b0fc700f7eca.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/app/page-5af1b6b439858aa6.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/metrics/page-ac39dc0cc3c26fa7.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/{page-daf87e86f783f980.js → page-4a5938c18a11a654.js} +1 -1
package/dist/dashboard/out/_next/static/chunks/app/providers/page-ac3a6ac433fd6001.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/providers/setup/[provider]/page-09f9caae98a18c09.js +1 -0
package/dist/dashboard/out/_next/static/chunks/{main-97850e03d723ea8c.js → main-2ee6beb2ae96d210.js} +1 -1
package/dist/dashboard/out/_next/static/css/85d2af9c7ac74d62.css +1 -0
package/dist/dashboard/out/_next/static/css/fe4b28883eeff359.css +1 -0
package/dist/dashboard/out/app/onboarding.html +1 -0
package/dist/dashboard/out/app/onboarding.txt +7 -0
package/dist/dashboard/out/app.html +1 -1
package/dist/dashboard/out/app.txt +3 -3
package/dist/dashboard/out/apple-icon.png +0 -0
package/dist/dashboard/out/connect-repos.html +1 -1
package/dist/dashboard/out/connect-repos.txt +3 -3
package/dist/dashboard/out/history.html +1 -1
package/dist/dashboard/out/history.txt +3 -3
package/dist/dashboard/out/index.html +1 -1
package/dist/dashboard/out/index.txt +3 -3
package/dist/dashboard/out/login.html +2 -2
package/dist/dashboard/out/login.txt +3 -3
package/dist/dashboard/out/metrics.html +1 -1
package/dist/dashboard/out/metrics.txt +3 -3
package/dist/dashboard/out/pricing.html +3 -3
package/dist/dashboard/out/pricing.txt +3 -3
package/dist/dashboard/out/providers/setup/claude.html +1 -0
package/dist/dashboard/out/providers/setup/claude.txt +8 -0
package/dist/dashboard/out/providers/setup/codex.html +1 -0
package/dist/dashboard/out/providers/setup/codex.txt +8 -0
package/dist/dashboard/out/providers.html +1 -1
package/dist/dashboard/out/providers.txt +3 -3
package/dist/dashboard/out/signup.html +2 -2
package/dist/dashboard/out/signup.txt +3 -3
package/dist/dashboard-server/server.js +316 -12
package/dist/dashboard-server/user-bridge.d.ts +103 -0
package/dist/dashboard-server/user-bridge.js +189 -0
package/dist/protocol/channels.d.ts +205 -0
package/dist/protocol/channels.js +154 -0
package/dist/protocol/types.d.ts +13 -1
package/dist/resiliency/provider-context.js +2 -0
package/dist/shared/cli-auth-config.d.ts +19 -0
package/dist/shared/cli-auth-config.js +58 -2
package/dist/utils/agent-config.js +1 -1
package/dist/wrapper/auth-detection.d.ts +49 -0
package/dist/wrapper/auth-detection.js +192 -0
package/dist/wrapper/base-wrapper.d.ts +153 -0
package/dist/wrapper/base-wrapper.js +393 -0
package/dist/wrapper/client.d.ts +7 -1
package/dist/wrapper/client.js +3 -0
package/dist/wrapper/index.d.ts +1 -0
package/dist/wrapper/index.js +4 -3
package/dist/wrapper/pty-wrapper.d.ts +62 -84
package/dist/wrapper/pty-wrapper.js +154 -180
package/dist/wrapper/tmux-wrapper.d.ts +41 -66
package/dist/wrapper/tmux-wrapper.js +90 -134
package/package.json +5 -12
package/scripts/postinstall.js +11 -155
package/scripts/test-interactive-terminal.sh +248 -0
package/test-push.txt +1 -0
package/bin/tmux +0 -0
package/dist/bridge/config.d.ts.map +0 -1
package/dist/bridge/config.js.map +0 -1
package/dist/bridge/index.d.ts.map +0 -1
package/dist/bridge/index.js.map +0 -1
package/dist/bridge/multi-project-client.d.ts.map +0 -1
package/dist/bridge/multi-project-client.js.map +0 -1
package/dist/bridge/shadow-cli.d.ts.map +0 -1
package/dist/bridge/shadow-cli.js.map +0 -1
package/dist/bridge/shadow-config.d.ts.map +0 -1
package/dist/bridge/shadow-config.js.map +0 -1
package/dist/bridge/spawner.d.ts.map +0 -1
package/dist/bridge/spawner.js.map +0 -1
package/dist/bridge/teams-config.d.ts.map +0 -1
package/dist/bridge/teams-config.js.map +0 -1
package/dist/bridge/types.d.ts.map +0 -1
package/dist/bridge/types.js.map +0 -1
package/dist/bridge/utils.d.ts.map +0 -1
package/dist/bridge/utils.js.map +0 -1
package/dist/cli/index.d.ts.map +0 -1
package/dist/cli/index.js.map +0 -1
package/dist/cloud/api/auth.d.ts.map +0 -1
package/dist/cloud/api/auth.js.map +0 -1
package/dist/cloud/api/billing.d.ts.map +0 -1
package/dist/cloud/api/billing.js.map +0 -1
package/dist/cloud/api/cli-pty-runner.d.ts.map +0 -1
package/dist/cloud/api/cli-pty-runner.js.map +0 -1
package/dist/cloud/api/coordinators.d.ts.map +0 -1
package/dist/cloud/api/coordinators.js.map +0 -1
package/dist/cloud/api/daemons.d.ts.map +0 -1
package/dist/cloud/api/daemons.js.map +0 -1
package/dist/cloud/api/generic-webhooks.d.ts.map +0 -1
package/dist/cloud/api/generic-webhooks.js.map +0 -1
package/dist/cloud/api/git.d.ts.map +0 -1
package/dist/cloud/api/git.js.map +0 -1
package/dist/cloud/api/github-app.d.ts.map +0 -1
package/dist/cloud/api/github-app.js.map +0 -1
package/dist/cloud/api/middleware/planLimits.d.ts.map +0 -1
package/dist/cloud/api/middleware/planLimits.js.map +0 -1
package/dist/cloud/api/monitoring.d.ts.map +0 -1
package/dist/cloud/api/monitoring.js.map +0 -1
package/dist/cloud/api/nango-auth.d.ts.map +0 -1
package/dist/cloud/api/nango-auth.js.map +0 -1
package/dist/cloud/api/onboarding.d.ts.map +0 -1
package/dist/cloud/api/onboarding.js.map +0 -1
package/dist/cloud/api/policy.d.ts.map +0 -1
package/dist/cloud/api/policy.js.map +0 -1
package/dist/cloud/api/providers.d.ts.map +0 -1
package/dist/cloud/api/providers.js.map +0 -1
package/dist/cloud/api/repos.d.ts.map +0 -1
package/dist/cloud/api/repos.js.map +0 -1
package/dist/cloud/api/teams.d.ts.map +0 -1
package/dist/cloud/api/teams.js.map +0 -1
package/dist/cloud/api/test-helpers.d.ts.map +0 -1
package/dist/cloud/api/test-helpers.js.map +0 -1
package/dist/cloud/api/usage.d.ts.map +0 -1
package/dist/cloud/api/usage.js.map +0 -1
package/dist/cloud/api/webhooks.d.ts.map +0 -1
package/dist/cloud/api/webhooks.js.map +0 -1
package/dist/cloud/api/workspaces.d.ts.map +0 -1
package/dist/cloud/api/workspaces.js.map +0 -1
package/dist/cloud/billing/index.d.ts.map +0 -1
package/dist/cloud/billing/index.js.map +0 -1
package/dist/cloud/billing/plans.d.ts.map +0 -1
package/dist/cloud/billing/plans.js.map +0 -1
package/dist/cloud/billing/service.d.ts.map +0 -1
package/dist/cloud/billing/service.js.map +0 -1
package/dist/cloud/billing/types.d.ts.map +0 -1
package/dist/cloud/billing/types.js.map +0 -1
package/dist/cloud/config.d.ts.map +0 -1
package/dist/cloud/config.js.map +0 -1
package/dist/cloud/db/drizzle.d.ts.map +0 -1
package/dist/cloud/db/drizzle.js.map +0 -1
package/dist/cloud/db/index.d.ts.map +0 -1
package/dist/cloud/db/index.js.map +0 -1
package/dist/cloud/db/schema.d.ts.map +0 -1
package/dist/cloud/db/schema.js.map +0 -1
package/dist/cloud/index.d.ts.map +0 -1
package/dist/cloud/index.js.map +0 -1
package/dist/cloud/provisioner/index.d.ts.map +0 -1
package/dist/cloud/provisioner/index.js.map +0 -1
package/dist/cloud/server.d.ts.map +0 -1
package/dist/cloud/server.js.map +0 -1
package/dist/cloud/services/auto-scaler.d.ts.map +0 -1
package/dist/cloud/services/auto-scaler.js.map +0 -1
package/dist/cloud/services/capacity-manager.d.ts.map +0 -1
package/dist/cloud/services/capacity-manager.js.map +0 -1
package/dist/cloud/services/ci-agent-spawner.d.ts.map +0 -1
package/dist/cloud/services/ci-agent-spawner.js.map +0 -1
package/dist/cloud/services/coordinator.d.ts.map +0 -1
package/dist/cloud/services/coordinator.js.map +0 -1
package/dist/cloud/services/index.d.ts.map +0 -1
package/dist/cloud/services/index.js.map +0 -1
package/dist/cloud/services/mention-handler.d.ts.map +0 -1
package/dist/cloud/services/mention-handler.js.map +0 -1
package/dist/cloud/services/nango.d.ts.map +0 -1
package/dist/cloud/services/nango.js.map +0 -1
package/dist/cloud/services/persistence.d.ts.map +0 -1
package/dist/cloud/services/persistence.js.map +0 -1
package/dist/cloud/services/planLimits.d.ts.map +0 -1
package/dist/cloud/services/planLimits.js.map +0 -1
package/dist/cloud/services/scaling-orchestrator.d.ts.map +0 -1
package/dist/cloud/services/scaling-orchestrator.js.map +0 -1
package/dist/cloud/services/scaling-policy.d.ts.map +0 -1
package/dist/cloud/services/scaling-policy.js.map +0 -1
package/dist/cloud/vault/index.d.ts +0 -76
package/dist/cloud/vault/index.d.ts.map +0 -1
package/dist/cloud/vault/index.js +0 -219
package/dist/cloud/vault/index.js.map +0 -1
package/dist/cloud/webhooks/index.d.ts.map +0 -1
package/dist/cloud/webhooks/index.js.map +0 -1
package/dist/cloud/webhooks/parsers/github.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/github.js.map +0 -1
package/dist/cloud/webhooks/parsers/index.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/index.js.map +0 -1
package/dist/cloud/webhooks/parsers/linear.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/linear.js.map +0 -1
package/dist/cloud/webhooks/parsers/slack.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/slack.js.map +0 -1
package/dist/cloud/webhooks/responders/github.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/github.js.map +0 -1
package/dist/cloud/webhooks/responders/index.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/index.js.map +0 -1
package/dist/cloud/webhooks/responders/linear.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/linear.js.map +0 -1
package/dist/cloud/webhooks/responders/slack.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/slack.js.map +0 -1
package/dist/cloud/webhooks/router.d.ts.map +0 -1
package/dist/cloud/webhooks/router.js.map +0 -1
package/dist/cloud/webhooks/rules-engine.d.ts.map +0 -1
package/dist/cloud/webhooks/rules-engine.js.map +0 -1
package/dist/cloud/webhooks/types.d.ts.map +0 -1
package/dist/cloud/webhooks/types.js.map +0 -1
package/dist/continuity/formatter.d.ts.map +0 -1
package/dist/continuity/formatter.js.map +0 -1
package/dist/continuity/handoff-store.d.ts.map +0 -1
package/dist/continuity/handoff-store.js.map +0 -1
package/dist/continuity/index.d.ts.map +0 -1
package/dist/continuity/index.js.map +0 -1
package/dist/continuity/ledger-store.d.ts.map +0 -1
package/dist/continuity/ledger-store.js.map +0 -1
package/dist/continuity/manager.d.ts.map +0 -1
package/dist/continuity/manager.js.map +0 -1
package/dist/continuity/parser.d.ts.map +0 -1
package/dist/continuity/parser.js.map +0 -1
package/dist/continuity/types.d.ts.map +0 -1
package/dist/continuity/types.js.map +0 -1
package/dist/daemon/agent-manager.d.ts.map +0 -1
package/dist/daemon/agent-manager.js.map +0 -1
package/dist/daemon/agent-registry.d.ts.map +0 -1
package/dist/daemon/agent-registry.js.map +0 -1
package/dist/daemon/api.d.ts.map +0 -1
package/dist/daemon/api.js.map +0 -1
package/dist/daemon/auth.d.ts.map +0 -1
package/dist/daemon/auth.js.map +0 -1
package/dist/daemon/cli-auth.d.ts.map +0 -1
package/dist/daemon/cli-auth.js.map +0 -1
package/dist/daemon/cloud-sync.d.ts.map +0 -1
package/dist/daemon/cloud-sync.js.map +0 -1
package/dist/daemon/connection.d.ts.map +0 -1
package/dist/daemon/connection.js.map +0 -1
package/dist/daemon/index.d.ts.map +0 -1
package/dist/daemon/index.js.map +0 -1
package/dist/daemon/orchestrator.d.ts.map +0 -1
package/dist/daemon/orchestrator.js.map +0 -1
package/dist/daemon/registry.d.ts.map +0 -1
package/dist/daemon/registry.js.map +0 -1
package/dist/daemon/router.d.ts.map +0 -1
package/dist/daemon/router.js.map +0 -1
package/dist/daemon/server.d.ts.map +0 -1
package/dist/daemon/server.js.map +0 -1
package/dist/daemon/services/browser-testing.d.ts.map +0 -1
package/dist/daemon/services/browser-testing.js.map +0 -1
package/dist/daemon/services/container-spawner.d.ts.map +0 -1
package/dist/daemon/services/container-spawner.js.map +0 -1
package/dist/daemon/types.d.ts.map +0 -1
package/dist/daemon/types.js.map +0 -1
package/dist/daemon/workspace-manager.d.ts.map +0 -1
package/dist/daemon/workspace-manager.js.map +0 -1
package/dist/dashboard/out/_next/static/H5aWG0udPB4iOUIl_gytz/_ssgManifest.js +0 -1
package/dist/dashboard/out/_next/static/chunks/480-2d4111711d4e473c.js +0 -1
package/dist/dashboard/out/_next/static/chunks/724-73c1ee5f60abe860.js +0 -9
package/dist/dashboard/out/_next/static/chunks/766-c3a14283c88d815b.js +0 -1
package/dist/dashboard/out/_next/static/chunks/app/app/page-7120be68bea622f3.js +0 -1
package/dist/dashboard/out/_next/static/chunks/app/metrics/page-1081dd190a331a91.js +0 -1
package/dist/dashboard/out/_next/static/chunks/app/providers/page-b68a681526eb145e.js +0 -1
package/dist/dashboard/out/_next/static/css/29852f26181969a0.css +0 -1
package/dist/dashboard/out/_next/static/css/411ce23ffeae9f76.css +0 -1
package/dist/dashboard-server/metrics.d.ts.map +0 -1
package/dist/dashboard-server/metrics.js.map +0 -1
package/dist/dashboard-server/needs-attention.d.ts.map +0 -1
package/dist/dashboard-server/needs-attention.js.map +0 -1
package/dist/dashboard-server/server.d.ts.map +0 -1
package/dist/dashboard-server/server.js.map +0 -1
package/dist/dashboard-server/start.d.ts.map +0 -1
package/dist/dashboard-server/start.js.map +0 -1
package/dist/hooks/emitter.d.ts.map +0 -1
package/dist/hooks/emitter.js.map +0 -1
package/dist/hooks/inbox-check/hook.d.ts.map +0 -1
package/dist/hooks/inbox-check/hook.js.map +0 -1
package/dist/hooks/inbox-check/index.d.ts.map +0 -1
package/dist/hooks/inbox-check/index.js.map +0 -1
package/dist/hooks/inbox-check/types.d.ts.map +0 -1
package/dist/hooks/inbox-check/types.js.map +0 -1
package/dist/hooks/inbox-check/utils.d.ts.map +0 -1
package/dist/hooks/inbox-check/utils.js.map +0 -1
package/dist/hooks/index.d.ts.map +0 -1
package/dist/hooks/index.js.map +0 -1
package/dist/hooks/registry.d.ts.map +0 -1
package/dist/hooks/registry.js.map +0 -1
package/dist/hooks/trajectory-hooks.d.ts.map +0 -1
package/dist/hooks/trajectory-hooks.js.map +0 -1
package/dist/hooks/types.d.ts.map +0 -1
package/dist/hooks/types.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1
package/dist/memory/adapters/index.d.ts.map +0 -1
package/dist/memory/adapters/index.js.map +0 -1
package/dist/memory/adapters/inmemory.d.ts.map +0 -1
package/dist/memory/adapters/inmemory.js.map +0 -1
package/dist/memory/adapters/supermemory.d.ts.map +0 -1
package/dist/memory/adapters/supermemory.js.map +0 -1
package/dist/memory/factory.d.ts.map +0 -1
package/dist/memory/factory.js.map +0 -1
package/dist/memory/index.d.ts.map +0 -1
package/dist/memory/index.js.map +0 -1
package/dist/memory/memory-hooks.d.ts.map +0 -1
package/dist/memory/memory-hooks.js.map +0 -1
package/dist/memory/service.d.ts.map +0 -1
package/dist/memory/service.js.map +0 -1
package/dist/memory/types.d.ts.map +0 -1
package/dist/memory/types.js.map +0 -1
package/dist/policy/agent-policy.d.ts.map +0 -1
package/dist/policy/agent-policy.js.map +0 -1
package/dist/policy/cloud-policy-fetcher.d.ts.map +0 -1
package/dist/policy/cloud-policy-fetcher.js.map +0 -1
package/dist/protocol/framing.d.ts.map +0 -1
package/dist/protocol/framing.js.map +0 -1
package/dist/protocol/index.d.ts.map +0 -1
package/dist/protocol/index.js.map +0 -1
package/dist/protocol/types.d.ts.map +0 -1
package/dist/protocol/types.js.map +0 -1
package/dist/resiliency/context-persistence.d.ts.map +0 -1
package/dist/resiliency/context-persistence.js.map +0 -1
package/dist/resiliency/crash-insights.d.ts.map +0 -1
package/dist/resiliency/crash-insights.js.map +0 -1
package/dist/resiliency/gossip-health.d.ts.map +0 -1
package/dist/resiliency/gossip-health.js.map +0 -1
package/dist/resiliency/health-monitor.d.ts.map +0 -1
package/dist/resiliency/health-monitor.js.map +0 -1
package/dist/resiliency/index.d.ts.map +0 -1
package/dist/resiliency/index.js.map +0 -1
package/dist/resiliency/leader-watchdog.d.ts.map +0 -1
package/dist/resiliency/leader-watchdog.js.map +0 -1
package/dist/resiliency/logger.d.ts.map +0 -1
package/dist/resiliency/logger.js.map +0 -1
package/dist/resiliency/memory-monitor.d.ts.map +0 -1
package/dist/resiliency/memory-monitor.js.map +0 -1
package/dist/resiliency/metrics.d.ts.map +0 -1
package/dist/resiliency/metrics.js.map +0 -1
package/dist/resiliency/provider-context.d.ts.map +0 -1
package/dist/resiliency/provider-context.js.map +0 -1
package/dist/resiliency/stateless-lead.d.ts.map +0 -1
package/dist/resiliency/stateless-lead.js.map +0 -1
package/dist/resiliency/supervisor.d.ts.map +0 -1
package/dist/resiliency/supervisor.js.map +0 -1
package/dist/shared/cli-auth-config.d.ts.map +0 -1
package/dist/shared/cli-auth-config.js.map +0 -1
package/dist/state/agent-state.d.ts.map +0 -1
package/dist/state/agent-state.js.map +0 -1
package/dist/storage/adapter.d.ts.map +0 -1
package/dist/storage/adapter.js.map +0 -1
package/dist/storage/sqlite-adapter.d.ts.map +0 -1
package/dist/storage/sqlite-adapter.js.map +0 -1
package/dist/trajectory/config.d.ts.map +0 -1
package/dist/trajectory/config.js.map +0 -1
package/dist/trajectory/index.d.ts.map +0 -1
package/dist/trajectory/index.js.map +0 -1
package/dist/trajectory/integration.d.ts.map +0 -1
package/dist/trajectory/integration.js.map +0 -1
package/dist/utils/agent-config.d.ts.map +0 -1
package/dist/utils/agent-config.js.map +0 -1
package/dist/utils/command-resolver.d.ts.map +0 -1
package/dist/utils/command-resolver.js.map +0 -1
package/dist/utils/index.d.ts.map +0 -1
package/dist/utils/index.js.map +0 -1
package/dist/utils/logger.d.ts.map +0 -1
package/dist/utils/logger.js.map +0 -1
package/dist/utils/name-generator.d.ts.map +0 -1
package/dist/utils/name-generator.js.map +0 -1
package/dist/utils/project-namespace.d.ts.map +0 -1
package/dist/utils/project-namespace.js.map +0 -1
package/dist/utils/tmux-resolver.d.ts.map +0 -1
package/dist/utils/tmux-resolver.js.map +0 -1
package/dist/utils/update-checker.d.ts.map +0 -1
package/dist/utils/update-checker.js.map +0 -1
package/dist/wrapper/client.d.ts.map +0 -1
package/dist/wrapper/client.js.map +0 -1
package/dist/wrapper/inbox.d.ts.map +0 -1
package/dist/wrapper/inbox.js.map +0 -1
package/dist/wrapper/index.d.ts.map +0 -1
package/dist/wrapper/index.js.map +0 -1
package/dist/wrapper/parser.d.ts.map +0 -1
package/dist/wrapper/parser.js.map +0 -1
package/dist/wrapper/pty-wrapper.d.ts.map +0 -1
package/dist/wrapper/pty-wrapper.js.map +0 -1
package/dist/wrapper/shared.d.ts.map +0 -1
package/dist/wrapper/shared.js.map +0 -1
package/dist/wrapper/tmux-wrapper.d.ts.map +0 -1
package/dist/wrapper/tmux-wrapper.js.map +0 -1
package/docs/AGENTS.md +0 -513
package/docs/ARCHITECTURE_DECISIONS.md +0 -175
package/docs/CLOUD-ARCHITECTURE.md +0 -804
package/docs/CLOUD-ONBOARDING-DESIGN.md +0 -1983
package/docs/CONTRIBUTING.md +0 -151
package/docs/HOOKS_API.md +0 -394
package/docs/INTEGRATION-GUIDE.md +0 -926
package/docs/PROTOCOL.md +0 -325
package/docs/WRAPPER_EVENTS.md +0 -358
package/docs/agent-policy-snippet.md +0 -40
package/docs/agent-relay-protocol.md +0 -238
package/docs/agent-relay-snippet.md +0 -174
package/docs/archive/CHANGELOG.md +0 -11
package/docs/archive/CLI-SIMPLIFICATION-COMPLETE.md +0 -48
package/docs/archive/DESIGN_BRIDGE_STAFFING.md +0 -878
package/docs/archive/DESIGN_V2.md +0 -1079
package/docs/archive/EXECUTIVE_SUMMARY.md +0 -358
package/docs/archive/MONETIZATION.md +0 -1679
package/docs/archive/PROPOSAL-trajectories.md +0 -1582
package/docs/archive/ROADMAP.md +0 -329
package/docs/archive/SCALING_ANALYSIS.md +0 -280
package/docs/archive/TESTING_PRESENCE_FEATURES.md +0 -327
package/docs/archive/TMUX_IMPLEMENTATION_NOTES.md +0 -364
package/docs/archive/TMUX_IMPROVEMENTS.md +0 -968
package/docs/archive/dashboard-v2-plan.md +0 -179
package/docs/archive/removable-code-analysis.md +0 -24
package/docs/competitive/GASTOWN.md +0 -451
package/docs/competitive/MCP_AGENT_MAIL.md +0 -389
package/docs/competitive/OVERVIEW.md +0 -898
package/docs/competitive/README.md +0 -34
package/docs/competitive/TMUX_ORCHESTRATOR.md +0 -605
package/docs/dashboard.png +0 -0
package/docs/design/ci-failure-webhooks.md +0 -812
package/docs/design/comprehensive-integrations.md +0 -238
package/docs/design/e2b-sandbox-integration.md +0 -504
package/docs/design/github-app-permissions.md +0 -264
package/docs/guides/CLOUD.md +0 -236
package/docs/guides/LOCAL.md +0 -535
package/docs/guides/SELF-HOSTED.md +0 -494
package/docs/local-testing.md +0 -428
package/docs/proposals/continuous-claude-integration.md +0 -622
package/docs/proposals/custom-commands.md +0 -368
package/docs/proposals/shadow-as-subagent.md +0 -765
package/docs/proposals/slack-bot-integration.md +0 -1457
package/docs/tasks/global-skills-system.tasks.md +0 -230
package/docs/tasks/webhook-integrations.tasks.md +0 -184
package/docs/tasks/workspace-capabilities.tasks.md +0 -121
package/docs/testing/RESILIENCY-TEST-PLAN-2026-01-01.md +0 -366
package/scripts/cloud-setup.sh +0 -96
package/scripts/dev/PUBLIC_RELEASE_PLAN.md +0 -88
package/scripts/dev/dev-team-setup.sh +0 -431
package/scripts/e2e-test.sh +0 -119
package/scripts/games/game-protocol.md +0 -79
package/scripts/games/hearts-setup.sh +0 -264
package/scripts/manual-qa.sh +0 -293
package/scripts/run-cloud-qa.sh +0 -220
package/scripts/test-cli-auth/Dockerfile +0 -44
package/scripts/test-cli-auth/Dockerfile.real +0 -79
package/scripts/test-cli-auth/README.md +0 -286
package/scripts/test-cli-auth/ci-test-real-clis.ts +0 -251
package/scripts/test-cli-auth/ci-test-runner.ts +0 -263
package/scripts/test-cli-auth/mock-cli.sh +0 -147
package/scripts/test-cli-auth/package.json +0 -14
package/scripts/test-cli-auth/test-oauth-flow.ts +0 -220
package/scripts/test-pty-input-auto.js +0 -222
package/scripts/test-pty-input.js +0 -150
package/scripts/tictactoe-setup.sh +0 -181
/package/dist/dashboard/out/_next/static/{H5aWG0udPB4iOUIl_gytz → T1tgCqVWHFIkV7ClEtzD7}/_buildManifest.js +0 -0
/package/dist/dashboard/out/_next/static/chunks/{117-b100311aff8d5c61.js → 117-f7b8ab0809342e77.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/{648-a13d3c2b1be45466.js → 648-5cc6e1921389a58a.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/_not-found/{page-a4973f3e3c82fb67.js → page-53b8a69f76db17d0.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/connect-repos/{page-dc2e3a1a22478efc.js → page-f45ecbc3e06134fc.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/history/{page-56a8b4616a90dc43.js → page-8c8bed33beb2bf1c.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/login/{page-3eac37ea6f5dd153.js → page-16f3b49e55b1e0ed.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/pricing/{page-4d72d5a5d8a9b618.js → page-982a7000fee44014.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/signup/{page-fee4ed1709070bcd.js → page-547dd0ca55ecd0ba.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/{fd9d1056-bf46c09eb57e019c.js → fd9d1056-609918ca7b6280bb.js} +0 -0

package/deploy/workspace/entrypoint.sh ADDED Viewed

@@ -0,0 +1,508 @@
+#!/usr/bin/env bash
+set -euo pipefail
+log() {
+  echo "[workspace] $*"
+}
+# Fix volume permissions and drop to workspace user if running as root
+if [[ "$(id -u)" == "0" ]]; then
+  # Fix /data and /workspace permissions before dropping privileges
+  # Fresh Fly.io volumes are root-owned, need to chown for workspace user
+  log "Fixing volume permissions..."
+  chown -R workspace:workspace /data /workspace 2>/dev/null || true
+  # ============================================================================
+  # SSH Server Setup (for CLI tunneling - Codex OAuth callback forwarding)
+  # When ENABLE_SSH=true, start SSH server on port 2222 for secure tunneling
+  # ============================================================================
+  if [[ "${ENABLE_SSH:-false}" == "true" ]]; then
+    log "Starting SSH server on port 2222..."
+    # Set SSH password for workspace user
+    SSH_PASS="${SSH_PASSWORD:-devpassword}"
+    echo "workspace:${SSH_PASS}" | chpasswd
+    # Configure SSH server for tunneling
+    # - Allow password auth (for CLI simplicity)
+    # - Listen on port 2222 (non-privileged)
+    # - Allow TCP forwarding (for port tunneling)
+    cat > /etc/ssh/sshd_config.d/workspace.conf <<SSHEOF
+Port 2222
+PasswordAuthentication yes
+PermitRootLogin no
+AllowUsers workspace
+AllowTcpForwarding yes
+GatewayPorts no
+X11Forwarding no
+SSHEOF
+    # Start SSH server in background
+    /usr/sbin/sshd -e
+    log "SSH server started (port 2222, user: workspace)"
+  fi
+  # ============================================================================
+  # Persist workspace environment for SSH sessions (must be done as root)
+  # SSH sessions don't inherit the container's runtime environment, so we write
+  # critical variables to /etc/profile.d/ which gets sourced by login shells
+  # ============================================================================
+  if [[ -n "${CLOUD_API_URL:-}" || -n "${WORKSPACE_ID:-}" ]]; then
+    log "Persisting workspace environment for SSH sessions"
+    # Compute HOME path for the env file
+    _DATA_DIR="${AGENT_RELAY_DATA_DIR:-/data}"
+    if [[ -n "${WORKSPACE_OWNER_USER_ID:-}" ]]; then
+      _USER_HOME="${_DATA_DIR}/users/${WORKSPACE_OWNER_USER_ID}"
+    else
+      _USER_HOME="/home/workspace"
+    fi
+    cat > /etc/profile.d/workspace-env.sh <<ENVEOF
+# Workspace environment variables (auto-generated by entrypoint.sh)
+export WORKSPACE_ID="${WORKSPACE_ID:-}"
+export WORKSPACE_OWNER_USER_ID="${WORKSPACE_OWNER_USER_ID:-}"
+export CLOUD_API_URL="${CLOUD_API_URL:-}"
+export WORKSPACE_TOKEN="${WORKSPACE_TOKEN:-}"
+export WORKSPACE_DIR="${WORKSPACE_DIR:-/workspace}"
+export HOME="${_USER_HOME}"
+export AGENT_RELAY_USER_ID="${WORKSPACE_OWNER_USER_ID:-}"
+export AGENT_RELAY_DATA_DIR="${_DATA_DIR}"
+ENVEOF
+    chmod 644 /etc/profile.d/workspace-env.sh
+  fi
+  log "Dropping privileges to workspace user..."
+  exec gosu workspace "$0" "$@"
+fi
+PORT="${AGENT_RELAY_DASHBOARD_PORT:-${PORT:-3888}}"
+export AGENT_RELAY_DASHBOARD_PORT="${PORT}"
+export PORT="${PORT}"
+# Disable auto-updates for AI CLIs in container environments
+# Prevents permission errors when CLIs try to self-update with npm/pip
+export DISABLE_AUTOUPDATER=1
+# Belt-and-suspenders flags to block Codex/OpenAI update checks
+export CODEX_CHECK_FOR_UPDATES=false
+export CODEX_DISABLE_AUTOUPDATE=1
+export OPENAI_CLI_NO_UPDATE=1
+export NO_UPDATE_NOTIFIER=1
+export NPM_CONFIG_UPDATE_NOTIFIER=false
+log "Auto-updates disabled for AI CLIs (container environment)"
+# ============================================================================
+# Per-user credential storage setup
+# Create user-specific HOME on persistent volume (/data)
+# This enables multi-user workspaces where each user has their own credentials
+# ============================================================================
+DATA_DIR="${AGENT_RELAY_DATA_DIR:-/data}"
+if [[ -n "${WORKSPACE_OWNER_USER_ID:-}" ]]; then
+  USER_HOME="${DATA_DIR}/users/${WORKSPACE_OWNER_USER_ID}"
+  log "Setting up per-user HOME at ${USER_HOME}"
+  mkdir -p "${USER_HOME}"
+  mkdir -p "${USER_HOME}/.claude"
+  mkdir -p "${USER_HOME}/.codex"
+  mkdir -p "${USER_HOME}/.config/gcloud"
+  mkdir -p "${USER_HOME}/.config/gh"
+  export HOME="${USER_HOME}"
+  # Ensure user-local bin is on PATH for per-user shims/wrappers
+  export PATH="${HOME}/.local/bin:${PATH}"
+  export XDG_CONFIG_HOME="${USER_HOME}/.config"
+  export AGENT_RELAY_USER_ID="${WORKSPACE_OWNER_USER_ID}"
+  log "HOME set to ${HOME} (user: ${WORKSPACE_OWNER_USER_ID})"
+else
+  log "No WORKSPACE_OWNER_USER_ID set, using default HOME: ${HOME}"
+fi
+WORKSPACE_DIR="${WORKSPACE_DIR:-/workspace}"
+REPO_LIST="${REPOSITORIES:-}"
+mkdir -p "${WORKSPACE_DIR}"
+cd "${WORKSPACE_DIR}"
+# Configure Git credentials via the gateway (tokens auto-refresh via Nango)
+# The credential helper fetches fresh tokens from the cloud API on each git operation
+if [[ -n "${CLOUD_API_URL:-}" && -n "${WORKSPACE_ID:-}" && -n "${WORKSPACE_TOKEN:-}" ]]; then
+  log "Configuring git credential helper (gateway mode)"
+  git config --global credential.helper "/usr/local/bin/git-credential-relay"
+  git config --global credential.useHttpPath true
+  export GIT_TERMINAL_PROMPT=0
+  # Configure git identity for commits
+  # Use env vars if set, otherwise default to "Agent Relay" / "agent@agent-relay.com"
+  DEFAULT_GIT_EMAIL="${AGENT_NAME:-agent}@agent-relay.com"
+  git config --global user.name "${GIT_USER_NAME:-Agent Relay}"
+  git config --global user.email "${GIT_USER_EMAIL:-${DEFAULT_GIT_EMAIL}}"
+  log "Git identity configured: ${GIT_USER_NAME:-Agent Relay} <${GIT_USER_EMAIL:-${DEFAULT_GIT_EMAIL}}>"
+  # Configure gh CLI to use the same token mechanism
+  # gh auth login expects a token via stdin or GH_TOKEN env var
+  # We'll set up a wrapper that fetches fresh tokens
+  mkdir -p "${HOME}/.config/gh"
+  cat > "${HOME}/.config/gh/hosts.yml" <<EOF
+github.com:
+  oauth_token: placeholder
+  git_protocol: https
+EOF
+  # Create gh token wrapper script
+  # Uses userToken (OAuth) for gh CLI, not installation token
+  cat > "/tmp/gh-token-helper.sh" <<'GHEOF'
+#!/usr/bin/env bash
+# Fetch fresh user OAuth token for gh CLI
+response=$(curl -sf \
+  -H "Authorization: Bearer ${WORKSPACE_TOKEN}" \
+  "${CLOUD_API_URL}/api/git/token?workspaceId=${WORKSPACE_ID}" 2>/dev/null)
+if [[ -n "$response" ]]; then
+  # Prefer userToken (OAuth) for gh CLI, fall back to installation token
+  user_token=$(echo "$response" | jq -r '.userToken // empty')
+  if [[ -n "$user_token" && "$user_token" != "null" ]]; then
+    echo "$user_token"
+  else
+    echo "$response" | jq -r '.token // empty'
+  fi
+fi
+GHEOF
+  chmod +x "/tmp/gh-token-helper.sh"
+  # Create gh wrapper that auto-refreshes token on each invocation
+  # This ensures gh always has a valid token without agents needing to do anything
+  GH_REAL=$(which gh 2>/dev/null || echo "/usr/bin/gh")
+  if [[ -x "${GH_REAL}" ]]; then
+    cat > "/tmp/gh-wrapper" <<GHWRAPPER
+#!/usr/bin/env bash
+# Auto-refreshing gh wrapper - fetches fresh token on each invocation
+export GH_TOKEN=\$(/tmp/gh-token-helper.sh 2>/dev/null)
+if [[ -z "\${GH_TOKEN}" ]]; then
+  echo "gh-wrapper: Failed to fetch GitHub token" >&2
+  echo "gh-wrapper: Check CLOUD_API_URL, WORKSPACE_ID, and WORKSPACE_TOKEN are set" >&2
+  exit 1
+fi
+exec "${GH_REAL}" "\$@"
+GHWRAPPER
+    chmod +x "/tmp/gh-wrapper"
+    # Create symlink or copy to override the real gh
+    # We use /usr/local/bin which comes before /usr/bin in PATH
+    if [[ -w "/usr/local/bin" ]]; then
+      cp "/tmp/gh-wrapper" "/usr/local/bin/gh"
+      log "Installed auto-refreshing gh wrapper to /usr/local/bin/gh"
+    else
+      # If we can't write to /usr/local/bin, add /tmp to PATH
+      export PATH="/tmp:${PATH}"
+      mv "/tmp/gh-wrapper" "/tmp/gh"
+      log "Added auto-refreshing gh wrapper to PATH"
+    fi
+  fi
+  # Also set GH_TOKEN at startup for any tools that read it directly
+  # (The wrapper handles runtime refresh, this is just for initialization)
+  export GH_TOKEN=""
+  for attempt in 1 2 3; do
+    GH_TOKEN=$(/tmp/gh-token-helper.sh 2>/dev/null || echo "")
+    if [[ -n "${GH_TOKEN}" ]]; then
+      break
+    fi
+    sleep 1
+  done
+  if [[ -n "${GH_TOKEN}" ]]; then
+    log "GitHub CLI configured with fresh token"
+  else
+    log "WARN: Could not fetch initial GitHub token for gh CLI"
+  fi
+# Fallback: Use static GITHUB_TOKEN if provided (legacy mode)
+elif [[ -n "${GITHUB_TOKEN:-}" ]]; then
+  log "Configuring git credentials (legacy static token mode)"
+  GIT_ASKPASS_SCRIPT="/tmp/git-askpass.sh"
+  cat > "${GIT_ASKPASS_SCRIPT}" <<'EOF'
+#!/usr/bin/env bash
+prompt="${1:-}"
+if [[ "${prompt}" == *"Username"* ]]; then
+  echo "x-access-token"
+else
+  echo "${GITHUB_TOKEN}"
+fi
+EOF
+  chmod +x "${GIT_ASKPASS_SCRIPT}"
+  export GIT_ASKPASS="${GIT_ASKPASS_SCRIPT}"
+  export GIT_TERMINAL_PROMPT=0
+  export GH_TOKEN="${GITHUB_TOKEN}"
+  # Configure git identity for commits
+  DEFAULT_GIT_EMAIL="${AGENT_NAME:-agent}@agent-relay.com"
+  git config --global user.name "${GIT_USER_NAME:-Agent Relay}"
+  git config --global user.email "${GIT_USER_EMAIL:-${DEFAULT_GIT_EMAIL}}"
+  log "Git identity configured: ${GIT_USER_NAME:-Agent Relay} <${GIT_USER_EMAIL:-${DEFAULT_GIT_EMAIL}}>"
+fi
+clone_or_update_repo() {
+  local repo="$1"
+  repo="${repo// /}"
+  if [[ -z "${repo}" ]]; then
+    return
+  fi
+  local repo_name
+  repo_name="$(basename "${repo}")"
+  local target="${WORKSPACE_DIR}/${repo_name}"
+  local url="https://github.com/${repo}.git"
+  if [[ -d "${target}/.git" ]]; then
+    log "Updating ${repo}..."
+    git -C "${target}" remote set-url origin "${url}" >/dev/null 2>&1 || true
+    git -C "${target}" fetch --all --prune >/dev/null 2>&1 || true
+    git -C "${target}" pull --ff-only >/dev/null 2>&1 || true
+  else
+    log "Cloning ${repo}..."
+    git clone "${url}" "${target}" >/dev/null 2>&1 || {
+      log "WARN: Failed to clone ${repo}"
+    }
+  fi
+  # Mark directory as safe to prevent "dubious ownership" errors
+  # This is needed when git runs as a different user (e.g., root via SSH)
+  if [[ -d "${target}/.git" ]]; then
+    git config --global --add safe.directory "${target}" 2>/dev/null || true
+  fi
+}
+if [[ -n "${REPO_LIST}" ]]; then
+  # Check if we have credentials configured (gateway mode or static token)
+  if [[ -z "${GITHUB_TOKEN:-}" && -z "${CLOUD_API_URL:-}" ]]; then
+    log "WARN: REPOSITORIES set but no credentials configured; clones may fail."
+  fi
+  IFS=',' read -ra repos <<< "${REPO_LIST}"
+  for repo in "${repos[@]}"; do
+    clone_or_update_repo "${repo}"
+  done
+fi
+# ============================================================================
+# Configure agent policy enforcement for cloud workspaces
+# Policy is fetched from cloud API and enforced at runtime
+# ============================================================================
+if [[ -n "${CLOUD_API_URL:-}" && -n "${WORKSPACE_ID:-}" ]]; then
+  log "Enabling agent policy enforcement"
+  export AGENT_POLICY_ENFORCEMENT=1
+  # Policy is fetched from ${CLOUD_API_URL}/api/policy/${WORKSPACE_ID}/internal
+fi
+# ============================================================================
+# Configure AI provider credentials
+# Create credential files that CLIs expect from ENV vars passed by provisioner
+# ============================================================================
+# Claude CLI expects ~/.claude/.credentials.json (note the dot prefix on filename)
+# Format: { claudeAiOauth: { accessToken: "...", refreshToken: "...", expiresAt: ... } }
+if [[ -n "${ANTHROPIC_TOKEN:-}" ]]; then
+  log "Configuring Claude credentials..."
+  mkdir -p "${HOME}/.claude"
+  cat > "${HOME}/.claude/.credentials.json" <<EOF
+{
+  "claudeAiOauth": {
+    "accessToken": "${ANTHROPIC_TOKEN}",
+    "refreshToken": "${ANTHROPIC_REFRESH_TOKEN:-}",
+    "expiresAt": ${ANTHROPIC_TOKEN_EXPIRES_AT:-null}
+  }
+}
+EOF
+  chmod 600 "${HOME}/.claude/.credentials.json"
+fi
+# Configure Claude Code for cloud workspaces
+# Create both settings and instructions files
+log "Configuring Claude Code for cloud workspace..."
+mkdir -p "${HOME}/.claude"
+# Create settings.json to auto-accept permissions (required for cloud workspaces)
+# This tells Claude Code to skip the "Ready to code here?" permission prompt
+# Reference: Claude Code uses this for headless/automated environments
+cat > "${HOME}/.claude/settings.json" <<'SETTINGSEOF'
+{
+  "permissions": {
+    "allow": [
+      "Read",
+      "Edit",
+      "Write",
+      "Bash",
+      "Glob",
+      "Grep",
+      "Task",
+      "WebFetch",
+      "WebSearch",
+      "NotebookEdit",
+      "TodoWrite"
+    ],
+    "deny": []
+  },
+  "autoApproveApiRequest": true
+}
+SETTINGSEOF
+chmod 600 "${HOME}/.claude/settings.json"
+log "Created Claude Code settings (auto-approve enabled)"
+# Create CLAUDE.md with agent relay protocol instructions
+# This is loaded automatically by Claude Code and provides the relay protocol
+if [[ -f "/app/docs/agent-relay-snippet.md" ]]; then
+  cp "/app/docs/agent-relay-snippet.md" "${HOME}/.claude/CLAUDE.md"
+  log "Copied relay protocol from /app/docs/agent-relay-snippet.md"
+else
+  # Fallback: create minimal instructions
+  log "WARN: /app/docs/agent-relay-snippet.md not found, creating minimal instructions"
+  cat > "${HOME}/.claude/CLAUDE.md" <<'RELAYEOF'
+# Agent Relay
+Real-time agent-to-agent messaging. Output `->relay:` patterns to communicate.
+## Sending Messages
+Use fenced format for reliable delivery:
+```
+->relay:AgentName <<<
+Your message here.>>>
+```
+Broadcast to all: `->relay:* <<<message>>>`
+## Protocol
+1. ACK immediately when you receive a task
+2. Do the work
+3. Send DONE: summary when complete
+## Session Persistence
+Output periodically to checkpoint progress:
+```
+[[SUMMARY]]{"currentTask":"...","completedTasks":[...],"context":"..."}[[/SUMMARY]]
+```
+When session is complete:
+```
+[[SESSION_END]]{"summary":"...","completedTasks":[...]}[[/SESSION_END]]
+```
+RELAYEOF
+fi
+log "Claude Code configuration complete"
+# Codex CLI settings (always install config to disable auto-updates)
+mkdir -p "${HOME}/.codex"
+if [[ -f "/app/deploy/workspace/codex.config.toml" ]]; then
+  cp "/app/deploy/workspace/codex.config.toml" "${HOME}/.codex/config.toml"
+  chmod 600 "${HOME}/.codex/config.toml"
+  log "Codex configuration applied from codex.config.toml"
+else
+  # Fallback: create minimal config (should not happen in production)
+  log "WARN: codex.config.toml not found, creating minimal config"
+  cat > "${HOME}/.codex/config.toml" <<CODEXCONFIGEOF
+check_for_updates = false
+CODEXCONFIGEOF
+  chmod 600 "${HOME}/.codex/config.toml"
+fi
+# Also create JSON config for Codex (some versions read config.json instead of config.toml)
+cat > "${HOME}/.codex/config.json" <<'CODEXJSON'
+{
+  "check_for_updates": false
+}
+CODEXJSON
+chmod 600 "${HOME}/.codex/config.json"
+# NPM wrapper to block Codex self-updates (no-op when Codex tries npm install -g @openai/codex)
+mkdir -p "${HOME}/.local/bin"
+cat > "${HOME}/.local/bin/npm" <<'NPMWRAPPER'
+#!/usr/bin/env bash
+if [[ "$1" == "install" && "$2" == "-g" && "$3" == @openai/codex* ]]; then
+  echo "npm wrapper: skipping Codex self-update (auto-update disabled)" >&2
+  exit 0
+fi
+exec /usr/local/bin/npm "$@"
+NPMWRAPPER
+chmod +x "${HOME}/.local/bin/npm"
+# Codex CLI expects ~/.codex/auth.json for credentials
+# Format: { tokens: { access_token: "...", refresh_token: "...", ... } }
+if [[ -n "${OPENAI_TOKEN:-}" ]]; then
+  log "Configuring Codex credentials..."
+  cat > "${HOME}/.codex/auth.json" <<EOF
+{
+  "tokens": {
+    "access_token": "${OPENAI_TOKEN}",
+    "refresh_token": "${OPENAI_REFRESH_TOKEN:-}"
+  }
+}
+EOF
+  chmod 600 "${HOME}/.codex/auth.json"
+fi
+# Google/Gemini - uses application default credentials
+if [[ -n "${GOOGLE_TOKEN:-}" ]]; then
+  log "Configuring Google credentials..."
+  mkdir -p "${HOME}/.config/gcloud"
+  cat > "${HOME}/.config/gcloud/application_default_credentials.json" <<EOF
+{
+  "type": "authorized_user",
+  "access_token": "${GOOGLE_TOKEN}"
+}
+EOF
+  chmod 600 "${HOME}/.config/gcloud/application_default_credentials.json"
+fi
+# ============================================================================
+# Detect workspace path and start daemon
+# The daemon must start from the same directory that spawned agents will use
+# to ensure consistent socket paths
+# ============================================================================
+# Function to detect the actual workspace path (same logic as project-namespace.ts)
+detect_workspace_path() {
+  local base_dir="${1}"
+  # 1. Explicit override via env var
+  if [[ -n "${WORKSPACE_CWD:-}" ]]; then
+    echo "${WORKSPACE_CWD}"
+    return
+  fi
+  # 2. Check if base_dir itself is a git repo
+  if [[ -d "${base_dir}/.git" ]]; then
+    echo "${base_dir}"
+    return
+  fi
+  # 3. Scan for cloned repos (directories with .git)
+  local first_repo=""
+  for dir in "${base_dir}"/*/; do
+    if [[ -d "${dir}.git" ]]; then
+      # Use first repo found (alphabetically sorted by bash glob)
+      first_repo="${dir%/}"
+      break
+    fi
+  done
+  if [[ -n "${first_repo}" ]]; then
+    echo "${first_repo}"
+    return
+  fi
+  # 4. Fall back to base_dir
+  echo "${base_dir}"
+}
+# Detect the actual workspace path
+ACTUAL_WORKSPACE=$(detect_workspace_path "${WORKSPACE_DIR}")
+log "Detected workspace path: ${ACTUAL_WORKSPACE}"
+# Change to the detected workspace before starting daemon
+cd "${ACTUAL_WORKSPACE}"
+log "Starting agent-relay daemon on port ${PORT} from ${ACTUAL_WORKSPACE}"
+args=(/app/dist/cli/index.js up --port "${PORT}")
+if [[ "${SUPERVISOR_ENABLED:-true}" == "true" ]]; then
+  args+=("--watch")
+fi
+exec node "${args[@]}"

package/deploy/workspace/git-credential-relay ADDED Viewed

@@ -0,0 +1,126 @@
+#!/usr/bin/env bash
+#
+# Git Credential Helper for Agent Relay Workspaces
+#
+# This script fetches fresh GitHub tokens from the cloud API gateway.
+# Nango handles token refresh, so tokens are always valid.
+#
+# Usage: git config --global credential.helper /usr/local/bin/git-credential-relay
+#
+# Environment variables:
+#   WORKSPACE_ID      - Required: The workspace ID for token lookup
+#   CLOUD_API_URL     - Required: The cloud API base URL
+#   WORKSPACE_TOKEN   - Required: Bearer token for API auth
+#
+set -euo pipefail
+# Debug logging (enable with GIT_CREDENTIAL_DEBUG=1)
+debug() {
+  if [[ "${GIT_CREDENTIAL_DEBUG:-}" == "1" ]]; then
+    echo "git-credential-relay: $*" >&2
+  fi
+}
+debug "Called with args: $*"
+# Only handle 'get' operation
+if [[ "${1:-}" != "get" ]]; then
+  debug "Ignoring non-get operation"
+  exit 0
+fi
+# Read input from git (protocol=https, host=github.com, etc.)
+declare -A input
+while IFS='=' read -r key value; do
+  [[ -z "$key" ]] && break
+  input["$key"]="$value"
+done
+# Only provide credentials for github.com
+host="${input[host]:-}"
+debug "Host: $host"
+if [[ "$host" != "github.com" ]]; then
+  debug "Not github.com, skipping"
+  exit 0
+fi
+# Check required environment variables
+if [[ -z "${WORKSPACE_ID:-}" ]]; then
+  echo "git-credential-relay: WORKSPACE_ID not set" >&2
+  echo "git-credential-relay: Hint - check if env vars are passed to agent process" >&2
+  exit 1
+fi
+if [[ -z "${CLOUD_API_URL:-}" ]]; then
+  echo "git-credential-relay: CLOUD_API_URL not set" >&2
+  exit 1
+fi
+if [[ -z "${WORKSPACE_TOKEN:-}" ]]; then
+  echo "git-credential-relay: WORKSPACE_TOKEN not set" >&2
+  exit 1
+fi
+debug "Fetching token from ${CLOUD_API_URL}/api/git/token?workspaceId=${WORKSPACE_ID}"
+# Fetch fresh token from gateway (capture stderr for debugging)
+http_code=""
+response=""
+if [[ "${GIT_CREDENTIAL_DEBUG:-}" == "1" ]]; then
+  # With debug, show full curl output
+  response=$(curl -sf -w "\n%{http_code}" \
+    -H "Authorization: Bearer ${WORKSPACE_TOKEN}" \
+    "${CLOUD_API_URL}/api/git/token?workspaceId=${WORKSPACE_ID}" \
+    2>&1) || true
+  http_code="${response##*$'\n'}"
+  response="${response%$'\n'*}"
+  debug "HTTP response code: $http_code"
+  debug "Response: ${response:0:200}"
+else
+  response=$(curl -sf \
+    -H "Authorization: Bearer ${WORKSPACE_TOKEN}" \
+    "${CLOUD_API_URL}/api/git/token?workspaceId=${WORKSPACE_ID}" \
+    2>/dev/null) || true
+fi
+if [[ -z "$response" ]]; then
+  echo "git-credential-relay: Failed to fetch token from gateway" >&2
+  echo "git-credential-relay: Check that CLOUD_API_URL is accessible: ${CLOUD_API_URL}" >&2
+  exit 1
+fi
+# Parse JSON response using jq (more robust than grep)
+token=$(echo "$response" | jq -r '.token // empty')
+username=$(echo "$response" | jq -r '.username // "x-access-token"')
+if [[ -z "$token" ]]; then
+  # Check if there's an error message with details
+  error=$(echo "$response" | jq -r '.error // empty')
+  code=$(echo "$response" | jq -r '.code // empty')
+  hint=$(echo "$response" | jq -r '.hint // empty')
+  details=$(echo "$response" | jq -r '.details // empty')
+  if [[ -n "$error" ]]; then
+    echo "git-credential-relay: ERROR: $error" >&2
+    if [[ -n "$code" ]]; then
+      echo "git-credential-relay: Code: $code" >&2
+    fi
+    if [[ -n "$hint" ]]; then
+      echo "git-credential-relay: Hint: $hint" >&2
+    fi
+    if [[ -n "$details" ]]; then
+      echo "git-credential-relay: Details: $details" >&2
+    fi
+  else
+    echo "git-credential-relay: No token in response" >&2
+    debug "Raw response: $response"
+  fi
+  exit 1
+fi
+# Output credentials in git credential format
+echo "protocol=https"
+echo "host=github.com"
+echo "username=${username:-x-access-token}"
+echo "password=${token}"

package/dist/bridge/spawner.d.ts CHANGED Viewed

@@ -128,6 +128,13 @@ export declare class AgentSpawner {
      * Get raw output from a worker
      */
     getWorkerRawOutput(name: string): string | null;
+    /**
+     * Send input to a worker's PTY (for interactive terminal support)
+     * @param name - Worker name
+     * @param data - Input data to send (keystrokes, text, etc.)
+     * @returns true if input was sent, false if worker not found
+     */
+    sendWorkerInput(name: string, data: string): boolean;
     /**
      * Wait for an agent to appear in the registry (agents.json)
      */