bloby-bot 0.57.0 → 0.59.0

package/supervisor/index.ts

@@ -23,7 +23,7 @@ import {
 } from './bloby-agent.js';
 import { ensureFileDirs, saveAttachment, type SavedFile } from './file-saver.js';
 import { startViteDevServers, stopViteDevServers } from './vite-dev.js';
-import { startScheduler, stopScheduler } from './scheduler.js';
+import { startScheduler, stopScheduler, readPulseConfig, readCronsConfig, nextRunISO, describeCron } from './scheduler.js';
 import { execSync, spawn as cpSpawn } from 'child_process';
 import crypto from 'crypto';
 import { ChannelManager } from './channels/manager.js';
@@ -120,7 +120,7 @@ const SW_JS = `// Service worker — app-shell caching + push notifications
 // cached shell that masks a broken (or just-fixed) frontend and produces the confusing
 // "normal refresh is broken but hard refresh works" split. Cache is a pure offline fallback.
 
-var CACHE = 'bloby-v21';
+var CACHE = 'bloby-v23';
 var HASHED_RE = new RegExp('/assets/.+-[a-zA-Z0-9]{6,}[.](js|css)$');
 
 // Precache the HTML shell on install so the cache is never empty.
@@ -1503,6 +1503,152 @@ mint();
       return;
     }
 
+    // ── Pulse & Cron schedule (Settings → Pulse & Crons) ──
+    // Reads/writes workspace PULSE.json + CRONS.json (+ tasks/{id}.md). Same privileged gate as
+    // /api/env — portal token when a password is set, x-internal for internal supervisor calls.
+    // These routes are intercepted before the /api worker gate, so the gate is load-bearing
+    // (CRONS.json + task files hold the agent's instructions). `id` is validated against a slug
+    // regex before any path.join to block path traversal (e.g. id=../../.env).
+    if (req.url === '/api/schedule' || req.url?.startsWith('/api/schedule?') ||
+        req.url === '/api/pulse' || req.url === '/api/crons/pause' ||
+        req.url === '/api/crons/delete' || req.url?.startsWith('/api/crons/task')) {
+      const scheduleAuthed = async (): Promise<boolean> => {
+        if (req.headers['x-internal'] === internalSecret) return true;
+        if (!(await isAuthRequired())) return true;
+        const authHeader = req.headers['authorization'];
+        const token = authHeader?.startsWith('Bearer ') ? authHeader.slice(7) : null;
+        return !!token && await validateToken(token);
+      };
+      if (!(await scheduleAuthed())) {
+        res.writeHead(401, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Unauthorized' }));
+        return;
+      }
+
+      const CRON_ID_RE = /^[A-Za-z0-9_-]+$/;
+      const TIME_RE = /^([01]\d|2[0-3]):[0-5]\d$/;
+      const PULSE_PATH = path.join(WORKSPACE_DIR, 'PULSE.json');
+      const CRONS_PATH = path.join(WORKSPACE_DIR, 'CRONS.json');
+      const sendJson = (code: number, obj: any) => {
+        res.writeHead(code, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify(obj));
+      };
+      const readBody = () => new Promise<string>((resolve, reject) => {
+        let body = ''; let bytes = 0;
+        req.on('data', (chunk: Buffer) => {
+          bytes += chunk.length;
+          if (bytes > 200_000) { req.destroy(); reject(new Error('Body too large')); return; }
+          body += chunk.toString();
+        });
+        req.on('end', () => resolve(body));
+        req.on('error', reject);
+      });
+
+      // GET /api/schedule — pulse config + crons (humanized schedule, next run, hasTaskFile).
+      if (req.method === 'GET' && (req.url === '/api/schedule' || req.url.startsWith('/api/schedule?'))) {
+        try {
+          const pulse = readPulseConfig();
+          const crons = readCronsConfig().map((c) => ({
+            id: c.id,
+            schedule: c.schedule,
+            task: typeof c.task === 'string' ? c.task : '',
+            enabled: !!c.enabled, // mirror the scheduler's `!cron.enabled` skip (undefined → disabled)
+            oneShot: !!c.oneShot,
+            paused: c.paused === true,
+            hasTaskFile: CRON_ID_RE.test(c.id || '') && fs.existsSync(path.join(WORKSPACE_DIR, 'tasks', `${c.id}.md`)),
+            nextRun: nextRunISO(c.schedule),
+            description: describeCron(c.schedule),
+          }));
+          sendJson(200, { pulse, crons });
+        } catch (err: any) {
+          sendJson(500, { error: err.message });
+        }
+        return;
+      }
+
+      // POST /api/pulse — write PULSE.json (validated). Does NOT restart the backend; the
+      // scheduler re-reads PULSE.json on its next 60s tick.
+      if (req.method === 'POST' && req.url === '/api/pulse') {
+        try {
+          const { enabled, intervalMinutes, quietHours } = JSON.parse(await readBody());
+          const mins = Math.floor(Number(intervalMinutes));
+          // Reject NaN/out-of-range — a non-positive interval makes the pulse fire every tick.
+          if (!Number.isFinite(mins) || mins < 1 || mins > 1440) {
+            sendJson(400, { error: 'intervalMinutes must be a whole number between 1 and 1440' });
+            return;
+          }
+          // Reject malformed quiet hours — isInQuietHours can't validate, so a bad value would
+          // silently disable quiet hours entirely.
+          if (!quietHours || typeof quietHours !== 'object' || !TIME_RE.test(quietHours.start) || !TIME_RE.test(quietHours.end)) {
+            sendJson(400, { error: 'quietHours.start and .end must be HH:MM (00:00–23:59)' });
+            return;
+          }
+          const config = { enabled: !!enabled, intervalMinutes: mins, quietHours: { start: quietHours.start, end: quietHours.end } };
+          fs.writeFileSync(PULSE_PATH, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+          sendJson(200, { ok: true });
+        } catch (err: any) {
+          sendJson(500, { error: err.message });
+        }
+        return;
+      }
+
+      // POST /api/crons/pause — read-modify-write the `paused` flag of one cron, preserving
+      // every other field (never reconstruct the entry — that would clobber enabled/oneShot/task).
+      if (req.method === 'POST' && req.url === '/api/crons/pause') {
+        try {
+          const { id, paused } = JSON.parse(await readBody());
+          if (typeof id !== 'string' || !CRON_ID_RE.test(id)) { sendJson(400, { error: 'Invalid cron id' }); return; }
+          const crons = readCronsConfig();
+          const idx = crons.findIndex((c) => c.id === id);
+          if (idx < 0) { sendJson(404, { error: 'Cron not found' }); return; }
+          crons[idx] = { ...crons[idx], paused: !!paused };
+          fs.writeFileSync(CRONS_PATH, JSON.stringify(crons, null, 2) + '\n', 'utf-8');
+          sendJson(200, { ok: true });
+        } catch (err: any) {
+          sendJson(500, { error: err.message });
+        }
+        return;
+      }
+
+      // POST /api/crons/delete — remove the cron and its task file (idempotent).
+      if (req.method === 'POST' && req.url === '/api/crons/delete') {
+        try {
+          const { id } = JSON.parse(await readBody());
+          if (typeof id !== 'string' || !CRON_ID_RE.test(id)) { sendJson(400, { error: 'Invalid cron id' }); return; }
+          const crons = readCronsConfig();
+          const remaining = crons.filter((c) => c.id !== id);
+          fs.writeFileSync(CRONS_PATH, JSON.stringify(remaining, null, 2) + '\n', 'utf-8');
+          try { fs.unlinkSync(path.join(WORKSPACE_DIR, 'tasks', `${id}.md`)); } catch {}
+          sendJson(200, { ok: true });
+        } catch (err: any) {
+          sendJson(500, { error: err.message });
+        }
+        return;
+      }
+
+      // GET /api/crons/task?id=<id> — download the cron's task file (authed → blob on the client).
+      if (req.method === 'GET' && req.url.startsWith('/api/crons/task')) {
+        try {
+          const id = new URL(req.url, `http://${req.headers.host}`).searchParams.get('id') || '';
+          if (!CRON_ID_RE.test(id)) { sendJson(400, { error: 'Invalid cron id' }); return; }
+          const taskPath = path.join(WORKSPACE_DIR, 'tasks', `${id}.md`);
+          if (!fs.existsSync(taskPath)) { sendJson(404, { error: 'Task file not found' }); return; }
+          const content = fs.readFileSync(taskPath, 'utf-8');
+          res.writeHead(200, {
+            'Content-Type': 'text/markdown; charset=utf-8',
+            'Content-Disposition': `attachment; filename="${id}.md"`,
+          });
+          res.end(content);
+        } catch (err: any) {
+          sendJson(500, { error: err.message });
+        }
+        return;
+      }
+
+      sendJson(404, { error: 'Not found' });
+      return;
+    }
+
     // ── Agent API — SDK gateway for workspace code ──
     if (req.url?.startsWith('/api/agent/')) {
       const agentPath = req.url.split('?')[0];

package/supervisor/scheduler.ts

@@ -26,6 +26,7 @@ interface CronConfig {
   task: string;
   enabled: boolean;
   oneShot?: boolean;
+  paused?: boolean; // user-controlled via /api/crons/pause; scheduler skips when true.
 }
 
 interface SchedulerOpts {
@@ -41,7 +42,7 @@ const lastCronRuns = new Map<string, number>();
 let intervalHandle: ReturnType<typeof setInterval> | null = null;
 let schedulerOpts: SchedulerOpts | null = null;
 
-function readPulseConfig(): PulseConfig {
+export function readPulseConfig(): PulseConfig {
   try {
     const raw = fs.readFileSync(PULSE_FILE, 'utf-8');
     const parsed = JSON.parse(raw);
@@ -55,7 +56,7 @@ function readPulseConfig(): PulseConfig {
   }
 }
 
-function readCronsConfig(): CronConfig[] {
+export function readCronsConfig(): CronConfig[] {
   try {
     const raw = fs.readFileSync(CRONS_FILE, 'utf-8');
     const parsed = JSON.parse(raw);
@@ -257,7 +258,9 @@ function tick() {
   const crons = readCronsConfig();
 
   for (const cron of crons) {
-    if (!cron.enabled || !cron.id || !cron.schedule) continue;
+    // `paused === true` (strict) so a missing/false flag from pre-pause CRONS.json never skips.
+    // Checked before cronMatchesNow/lastCronRuns so a paused cron neither fires nor advances state.
+    if (!cron.enabled || cron.paused === true || !cron.id || !cron.schedule) continue;
 
     const matches = cronMatchesNow(cron.schedule);
     const nowDate = new Date();
@@ -312,6 +315,46 @@ function tick() {
   }
 }
 
+/** ISO of the next occurrence, or null if the schedule is unparseable / has no future occurrence. */
+export function nextRunISO(schedule: string): string | null {
+  try {
+    // .next() throws both on a parse error and when there is no future occurrence — single parse.
+    return CronExpressionParser.parse(schedule).next().toISOString();
+  } catch {
+    return null;
+  }
+}
+
+/** Humanize a cron expression for the settings UI; falls back to the raw expression when a field
+ *  is out of range or the pattern isn't one we can describe accurately (so the label never lies). */
+export function describeCron(schedule: string): string {
+  const parts = schedule.trim().split(/\s+/);
+  if (parts.length !== 5) return schedule; // 6-field / @macro — show raw, don't lie
+  const [min, hr, dom, mon, dow] = parts;
+  const star = (s: string) => s === '*';
+  const two = (s: string) => String(s).padStart(2, '0');
+  const inRange = (s: string, lo: number, hi: number) => /^\d+$/.test(s) && Number(s) >= lo && Number(s) <= hi;
+  const at = (inRange(hr, 0, 23) && inRange(min, 0, 59)) ? `${two(hr)}:${two(min)}` : null;
+
+  // `*/N` only yields an even interval when N divides the field's range (60 min / 24 hr); otherwise
+  // it wraps at the top of the range and the "every N" label would be wrong — fall through to raw.
+  const everyMin = min.match(/^\*\/(\d+)$/);
+  if (everyMin && Number(everyMin[1]) >= 1 && 60 % Number(everyMin[1]) === 0 && star(hr) && star(dom) && star(mon) && star(dow)) {
+    return `Every ${everyMin[1]} minute${everyMin[1] === '1' ? '' : 's'}`;
+  }
+  const everyHr = hr.match(/^\*\/(\d+)$/);
+  if (everyHr && Number(everyHr[1]) >= 1 && 24 % Number(everyHr[1]) === 0 && inRange(min, 0, 59) && star(dom) && star(mon) && star(dow)) {
+    return `Every ${everyHr[1]} hour${everyHr[1] === '1' ? '' : 's'}${min === '0' ? '' : ` at :${two(min)}`}`;
+  }
+  if (at && star(dom) && star(mon) && star(dow)) return `Every day at ${at}`;
+  const DOW = ['Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday'];
+  if (at && star(dom) && star(mon) && /^[0-7]$/.test(dow)) return `Every ${DOW[Number(dow) % 7]} at ${at}`; // 7 = Sunday alias
+  if (at && inRange(dom, 1, 31) && star(mon) && star(dow)) return `Monthly on day ${dom} at ${at}`;
+  const MON = ['', 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'];
+  if (at && inRange(dom, 1, 31) && inRange(mon, 1, 12) && star(dow)) return `On ${MON[Number(mon)]} ${dom} at ${at}`;
+  return schedule;
+}
+
 export function startScheduler(opts: SchedulerOpts) {
   schedulerOpts = opts;
   lastPulseTime = Date.now();

package/worker/prompts/bloby-system-prompt-codex.txt

@@ -151,7 +151,9 @@ Your human can ask you to:
 - List active crons ("what's scheduled?")
 - Set a one-time reminder ("remind me at 3pm to call the dentist")
 
-Just edit `CRONS.json` with the Write or Edit tool when asked. Each cron needs: `id` (unique slug), `schedule` (cron expression), `task` (what to do), `enabled` (boolean). Optionally add `"oneShot": true` for tasks that should run once and auto-delete — the scheduler removes them after they fire. Use `oneShot` for reminders, one-time alerts, and any task that doesn't repeat.
+Just edit `CRONS.json` with the Write or Edit tool when asked. Each cron needs: `id` (unique slug), `schedule` (cron expression), `task` (what to do), `enabled` (boolean). Optionally add `"oneShot": true` for tasks that should run once and auto-delete — the scheduler removes them after they fire. Use `oneShot` for reminders, one-time alerts, and any task that doesn't repeat. The `paused` field is user-controlled — leave it alone (see below).
+
+The `paused` field is **user-controlled** — it appears when your human pauses a cron from the Settings → Pulse & Crons screen. A paused cron has `"paused": true` and the scheduler skips it (it will not fire) while keeping the entry and its task file intact. Treat `paused` as read-only: **never set, change, or remove it yourself.** When you edit a cron with the Write or Edit tool (changing its schedule, task, or `enabled`), preserve whatever `paused` value is already there. If your human asks you to "resume" or "unpause" a cron in chat, set `"paused": false` (or delete the field). To disable a cron yourself, use `enabled: false` — leave `paused` for the user. `enabled` is the agent's switch; `paused` is the human's switch; the scheduler skips a cron when EITHER `enabled` is false OR `paused` is true.
 
 **Timezone: all cron schedules use system local time.** The scheduler evaluates crons against the system clock — no UTC conversion needed. When creating a cron, run `date` to check the current local time and write the schedule accordingly. If your human says "remind me at 3pm", use `0 15 * * *` — that's 3pm in whatever timezone the system is set to.
 

package/worker/prompts/bloby-system-prompt-pi.txt

@@ -151,7 +151,9 @@ Your human can ask you to:
 - List active crons ("what's scheduled?")
 - Set a one-time reminder ("remind me at 3pm to call the dentist")
 
-Just edit `CRONS.json` with the Write or Edit tool when asked. Each cron needs: `id` (unique slug), `schedule` (cron expression), `task` (what to do), `enabled` (boolean). Optionally add `"oneShot": true` for tasks that should run once and auto-delete — the scheduler removes them after they fire. Use `oneShot` for reminders, one-time alerts, and any task that doesn't repeat.
+Just edit `CRONS.json` with the Write or Edit tool when asked. Each cron needs: `id` (unique slug), `schedule` (cron expression), `task` (what to do), `enabled` (boolean). Optionally add `"oneShot": true` for tasks that should run once and auto-delete — the scheduler removes them after they fire. Use `oneShot` for reminders, one-time alerts, and any task that doesn't repeat. The `paused` field is user-controlled — leave it alone (see below).
+
+The `paused` field is **user-controlled** — it appears when your human pauses a cron from the Settings → Pulse & Crons screen. A paused cron has `"paused": true` and the scheduler skips it (it will not fire) while keeping the entry and its task file intact. Treat `paused` as read-only: **never set, change, or remove it yourself.** When you edit a cron with the Write or Edit tool (changing its schedule, task, or `enabled`), preserve whatever `paused` value is already there. If your human asks you to "resume" or "unpause" a cron in chat, set `"paused": false` (or delete the field). To disable a cron yourself, use `enabled: false` — leave `paused` for the user. `enabled` is the agent's switch; `paused` is the human's switch; the scheduler skips a cron when EITHER `enabled` is false OR `paused` is true.
 
 **Timezone: all cron schedules use system local time.** The scheduler evaluates crons against the system clock — no UTC conversion needed. When creating a cron, run `date` to check the current local time and write the schedule accordingly. If your human says "remind me at 3pm", use `0 15 * * *` — that's 3pm in whatever timezone the system is set to.
 

package/worker/prompts/bloby-system-prompt.txt

@@ -151,7 +151,9 @@ Your human can ask you to:
 - List active crons ("what's scheduled?")
 - Set a one-time reminder ("remind me at 3pm to call the dentist")
 
-Just edit `CRONS.json` with the Write or Edit tool when asked. Each cron needs: `id` (unique slug), `schedule` (cron expression), `task` (what to do), `enabled` (boolean). Optionally add `"oneShot": true` for tasks that should run once and auto-delete — the scheduler removes them after they fire. Use `oneShot` for reminders, one-time alerts, and any task that doesn't repeat.
+Just edit `CRONS.json` with the Write or Edit tool when asked. Each cron needs: `id` (unique slug), `schedule` (cron expression), `task` (what to do), `enabled` (boolean). Optionally add `"oneShot": true` for tasks that should run once and auto-delete — the scheduler removes them after they fire. Use `oneShot` for reminders, one-time alerts, and any task that doesn't repeat. The `paused` field is user-controlled — leave it alone (see below).
+
+The `paused` field is **user-controlled** — it appears when your human pauses a cron from the Settings → Pulse & Crons screen. A paused cron has `"paused": true` and the scheduler skips it (it will not fire) while keeping the entry and its task file intact. Treat `paused` as read-only: **never set, change, or remove it yourself.** When you edit a cron with the Write or Edit tool (changing its schedule, task, or `enabled`), preserve whatever `paused` value is already there. If your human asks you to "resume" or "unpause" a cron in chat, set `"paused": false` (or delete the field). To disable a cron yourself, use `enabled: false` — leave `paused` for the user. `enabled` is the agent's switch; `paused` is the human's switch; the scheduler skips a cron when EITHER `enabled` is false OR `paused` is true.
 
 **Timezone: all cron schedules use system local time.** The scheduler evaluates crons against the system clock — no UTC conversion needed. When creating a cron, run `date` to check the current local time and write the schedule accordingly. If your human says "remind me at 3pm", use `0 15 * * *` — that's 3pm in whatever timezone the system is set to.