npm - codepiper - Versions diffs - 0.1.0 - Mend

codepiper 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/.env.example +28 -0
package/CHANGELOG.md +10 -0
package/LEGAL_NOTICE.md +39 -0
package/LICENSE +21 -0
package/README.md +524 -0
package/package.json +90 -0
package/packages/cli/package.json +13 -0
package/packages/cli/src/commands/analytics.ts +157 -0
package/packages/cli/src/commands/attach.ts +299 -0
package/packages/cli/src/commands/audit.ts +50 -0
package/packages/cli/src/commands/auth.ts +261 -0
package/packages/cli/src/commands/daemon.ts +162 -0
package/packages/cli/src/commands/doctor.ts +303 -0
package/packages/cli/src/commands/env-set.ts +162 -0
package/packages/cli/src/commands/hook-forward.ts +268 -0
package/packages/cli/src/commands/keys.ts +77 -0
package/packages/cli/src/commands/kill.ts +19 -0
package/packages/cli/src/commands/logs.ts +419 -0
package/packages/cli/src/commands/model.ts +172 -0
package/packages/cli/src/commands/policy-set.ts +185 -0
package/packages/cli/src/commands/policy.ts +227 -0
package/packages/cli/src/commands/providers.ts +114 -0
package/packages/cli/src/commands/resize.ts +34 -0
package/packages/cli/src/commands/send.ts +184 -0
package/packages/cli/src/commands/sessions.ts +202 -0
package/packages/cli/src/commands/slash.ts +92 -0
package/packages/cli/src/commands/start.ts +243 -0
package/packages/cli/src/commands/stop.ts +19 -0
package/packages/cli/src/commands/tail.ts +137 -0
package/packages/cli/src/commands/workflow.ts +786 -0
package/packages/cli/src/commands/workspace.ts +127 -0
package/packages/cli/src/lib/api.ts +78 -0
package/packages/cli/src/lib/args.ts +72 -0
package/packages/cli/src/lib/format.ts +93 -0
package/packages/cli/src/main.ts +563 -0
package/packages/core/package.json +7 -0
package/packages/core/src/config.ts +30 -0
package/packages/core/src/errors.ts +38 -0
package/packages/core/src/eventBus.ts +56 -0
package/packages/core/src/eventBusAdapter.ts +143 -0
package/packages/core/src/index.ts +10 -0
package/packages/core/src/sqliteEventBus.ts +336 -0
package/packages/core/src/types.ts +63 -0
package/packages/daemon/package.json +11 -0
package/packages/daemon/src/api/analyticsRoutes.ts +343 -0
package/packages/daemon/src/api/authRoutes.ts +344 -0
package/packages/daemon/src/api/bodyLimit.ts +133 -0
package/packages/daemon/src/api/envSetRoutes.ts +170 -0
package/packages/daemon/src/api/gitRoutes.ts +409 -0
package/packages/daemon/src/api/hooks.ts +588 -0
package/packages/daemon/src/api/inputPolicy.ts +249 -0
package/packages/daemon/src/api/notificationRoutes.ts +532 -0
package/packages/daemon/src/api/policyRoutes.ts +234 -0
package/packages/daemon/src/api/policySetRoutes.ts +445 -0
package/packages/daemon/src/api/routeUtils.ts +28 -0
package/packages/daemon/src/api/routes.ts +1004 -0
package/packages/daemon/src/api/server.ts +1388 -0
package/packages/daemon/src/api/settingsRoutes.ts +367 -0
package/packages/daemon/src/api/sqliteErrors.ts +47 -0
package/packages/daemon/src/api/stt.ts +143 -0
package/packages/daemon/src/api/terminalRoutes.ts +200 -0
package/packages/daemon/src/api/validation.ts +287 -0
package/packages/daemon/src/api/validationRoutes.ts +174 -0
package/packages/daemon/src/api/workflowRoutes.ts +567 -0
package/packages/daemon/src/api/workspaceRoutes.ts +151 -0
package/packages/daemon/src/api/ws.ts +1588 -0
package/packages/daemon/src/auth/apiRateLimiter.ts +73 -0
package/packages/daemon/src/auth/authMiddleware.ts +305 -0
package/packages/daemon/src/auth/authService.ts +496 -0
package/packages/daemon/src/auth/rateLimiter.ts +137 -0
package/packages/daemon/src/config/pricing.ts +79 -0
package/packages/daemon/src/crypto/encryption.ts +196 -0
package/packages/daemon/src/db/db.ts +2745 -0
package/packages/daemon/src/db/index.ts +16 -0
package/packages/daemon/src/db/migrations.ts +182 -0
package/packages/daemon/src/db/policyDb.ts +349 -0
package/packages/daemon/src/db/schema.sql +408 -0
package/packages/daemon/src/db/workflowDb.ts +464 -0
package/packages/daemon/src/git/gitUtils.ts +544 -0
package/packages/daemon/src/index.ts +6 -0
package/packages/daemon/src/main.ts +525 -0
package/packages/daemon/src/notifications/pushNotifier.ts +369 -0
package/packages/daemon/src/providers/codexAppServerScaffold.ts +49 -0
package/packages/daemon/src/providers/registry.ts +111 -0
package/packages/daemon/src/providers/types.ts +82 -0
package/packages/daemon/src/sessions/auditLogger.ts +103 -0
package/packages/daemon/src/sessions/policyEngine.ts +165 -0
package/packages/daemon/src/sessions/policyMatcher.ts +114 -0
package/packages/daemon/src/sessions/policyTypes.ts +94 -0
package/packages/daemon/src/sessions/ptyProcess.ts +141 -0
package/packages/daemon/src/sessions/sessionManager.ts +1770 -0
package/packages/daemon/src/sessions/tmuxSession.ts +1073 -0
package/packages/daemon/src/sessions/transcriptManager.ts +110 -0
package/packages/daemon/src/sessions/transcriptParser.ts +149 -0
package/packages/daemon/src/sessions/transcriptTailer.ts +214 -0
package/packages/daemon/src/tracking/tokenTracker.ts +168 -0
package/packages/daemon/src/workflows/contextManager.ts +83 -0
package/packages/daemon/src/workflows/index.ts +31 -0
package/packages/daemon/src/workflows/resultExtractor.ts +118 -0
package/packages/daemon/src/workflows/waitConditionPoller.ts +131 -0
package/packages/daemon/src/workflows/workflowParser.ts +217 -0
package/packages/daemon/src/workflows/workflowRunner.ts +969 -0
package/packages/daemon/src/workflows/workflowTypes.ts +188 -0
package/packages/daemon/src/workflows/workflowValidator.ts +533 -0
package/packages/providers/claude-code/package.json +11 -0
package/packages/providers/claude-code/src/index.ts +7 -0
package/packages/providers/claude-code/src/overlaySettings.ts +198 -0
package/packages/providers/claude-code/src/provider.ts +311 -0
package/packages/web/dist/android-chrome-192x192.png +0 -0
package/packages/web/dist/android-chrome-512x512.png +0 -0
package/packages/web/dist/apple-touch-icon.png +0 -0
package/packages/web/dist/assets/AnalyticsPage-BIopKWRf.js +17 -0
package/packages/web/dist/assets/PoliciesPage-CjdLN3dl.js +11 -0
package/packages/web/dist/assets/SessionDetailPage-BtSA0V0M.js +179 -0
package/packages/web/dist/assets/SettingsPage-Dbbz4Ca5.js +37 -0
package/packages/web/dist/assets/WorkflowsPage-Dv6f3GgU.js +1 -0
package/packages/web/dist/assets/chart-vendor-DlOHLaCG.js +49 -0
package/packages/web/dist/assets/codicon-ngg6Pgfi.ttf +0 -0
package/packages/web/dist/assets/css.worker-BvV5MPou.js +93 -0
package/packages/web/dist/assets/editor.worker-CKy7Pnvo.js +26 -0
package/packages/web/dist/assets/html.worker-BLJhxQJQ.js +470 -0
package/packages/web/dist/assets/index-BbdhRfr2.css +1 -0
package/packages/web/dist/assets/index-hgphORiw.js +204 -0
package/packages/web/dist/assets/json.worker-usMZ-FED.js +58 -0
package/packages/web/dist/assets/monaco-core-B_19GPAS.css +1 -0
package/packages/web/dist/assets/monaco-core-DQ5Mk8AK.js +1234 -0
package/packages/web/dist/assets/monaco-react-DfZNWvtW.js +11 -0
package/packages/web/dist/assets/monacoSetup-DvBj52bT.js +1 -0
package/packages/web/dist/assets/pencil-Dbczxz59.js +11 -0
package/packages/web/dist/assets/react-vendor-B5MgMUHH.js +136 -0
package/packages/web/dist/assets/refresh-cw-B0MGsYPL.js +6 -0
package/packages/web/dist/assets/tabs-C8LsWiR5.js +1 -0
package/packages/web/dist/assets/terminal-vendor-Cs8KPbV3.js +9 -0
package/packages/web/dist/assets/terminal-vendor-LcAfv9l9.css +32 -0
package/packages/web/dist/assets/trash-2-Btlg0d4l.js +6 -0
package/packages/web/dist/assets/ts.worker-DGHjMaqB.js +67731 -0
package/packages/web/dist/favicon.ico +0 -0
package/packages/web/dist/icon.svg +1 -0
package/packages/web/dist/index.html +29 -0
package/packages/web/dist/manifest.json +29 -0
package/packages/web/dist/og-image.png +0 -0
package/packages/web/dist/originals/android-chrome-192x192.png +0 -0
package/packages/web/dist/originals/android-chrome-512x512.png +0 -0
package/packages/web/dist/originals/apple-touch-icon.png +0 -0
package/packages/web/dist/originals/favicon.ico +0 -0
package/packages/web/dist/piper.svg +1 -0
package/packages/web/dist/sounds/codepiper-soft-chime.wav +0 -0
package/packages/web/dist/sw.js +257 -0
package/scripts/postinstall-link-workspaces.mjs +58 -0

package/packages/daemon/src/api/bodyLimit.ts ADDED Viewed

@@ -0,0 +1,133 @@
+import {
+  isBodyTooLarge,
+  isImageBodyTooLarge,
+  MAX_BODY_SIZE,
+  MAX_IMAGE_BODY_SIZE,
+} from "../auth/authMiddleware";
+const BODY_METHODS = new Set(["POST", "PUT", "PATCH"]);
+const IMAGE_UPLOAD_PATH = /^\/(?:api\/)?sessions\/[a-zA-Z0-9-]+\/upload-image$/;
+const AUDIO_TRANSCRIBE_PATH = /^\/(?:api\/)?sessions\/[a-zA-Z0-9-]+\/terminal\/transcribe$/;
+class BodyTooLargeError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = "BodyTooLargeError";
+  }
+}
+function isImageUploadPath(pathname: string): boolean {
+  return IMAGE_UPLOAD_PATH.test(pathname);
+}
+function isAudioTranscribePath(pathname: string): boolean {
+  return AUDIO_TRANSCRIBE_PATH.test(pathname);
+}
+function toArrayBuffer(bytes: Uint8Array): ArrayBuffer {
+  return bytes.buffer.slice(bytes.byteOffset, bytes.byteOffset + bytes.byteLength) as ArrayBuffer;
+}
+async function readBodyWithLimit(req: Request, maxBytes: number): Promise<Uint8Array | null> {
+  if (!req.body) {
+    return null;
+  }
+  const reader = req.body.getReader();
+  const chunks: Uint8Array[] = [];
+  let total = 0;
+  try {
+    while (true) {
+      const { done, value } = await reader.read();
+      if (done) {
+        break;
+      }
+      if (!value) {
+        continue;
+      }
+      total += value.byteLength;
+      if (total > maxBytes) {
+        try {
+          await reader.cancel();
+        } catch {
+          // best-effort cancellation
+        }
+        throw new BodyTooLargeError(`Request body exceeds ${maxBytes} bytes`);
+      }
+      chunks.push(value);
+    }
+  } finally {
+    reader.releaseLock();
+  }
+  const body = new Uint8Array(total);
+  let offset = 0;
+  for (const chunk of chunks) {
+    body.set(chunk, offset);
+    offset += chunk.byteLength;
+  }
+  return body;
+}
+/**
+ * Enforce request body limits:
+ * - image/audio upload routes: 10MB limit
+ * - all other write routes: 1MB limit, including chunked bodies without Content-Length.
+ *
+ * Returns either the original/rebuilt Request, or a 413 Response.
+ */
+export async function enforceRequestBodyLimit(
+  req: Request,
+  pathname: string
+): Promise<Request | Response> {
+  if (!BODY_METHODS.has(req.method.toUpperCase())) {
+    return req;
+  }
+  if (isImageUploadPath(pathname) || isAudioTranscribePath(pathname)) {
+    if (isImageBodyTooLarge(req)) {
+      return Response.json({ error: "Upload too large (max 10MB)" }, { status: 413 });
+    }
+    if (!req.headers.has("content-length")) {
+      try {
+        const body = await readBodyWithLimit(req, MAX_IMAGE_BODY_SIZE);
+        if (!body) {
+          return req;
+        }
+        return new Request(req, { body: toArrayBuffer(body) });
+      } catch (error) {
+        if (error instanceof BodyTooLargeError) {
+          return Response.json({ error: "Upload too large (max 10MB)" }, { status: 413 });
+        }
+        throw error;
+      }
+    }
+    return req;
+  }
+  if (isBodyTooLarge(req)) {
+    return Response.json({ error: "Request too large" }, { status: 413 });
+  }
+  // If Content-Length is present and already validated, no additional read is needed.
+  if (req.headers.has("content-length")) {
+    return req;
+  }
+  // No Content-Length (e.g. chunked): stream and enforce the same limit.
+  try {
+    const body = await readBodyWithLimit(req, MAX_BODY_SIZE);
+    if (!body) {
+      return req;
+    }
+    return new Request(req, { body: toArrayBuffer(body) });
+  } catch (error) {
+    if (error instanceof BodyTooLargeError) {
+      return Response.json({ error: "Request too large" }, { status: 413 });
+    }
+    throw error;
+  }
+}

package/packages/daemon/src/api/envSetRoutes.ts ADDED Viewed

@@ -0,0 +1,170 @@
+/**
+ * Environment Variable Set API route handlers
+ */
+import type { RouteContext } from "./routes";
+import { hasAnyDefinedField, jsonError, parseJsonBody } from "./routeUtils";
+import { getErrorMessage, isSqliteUniqueConstraintError } from "./sqliteErrors";
+/**
+ * GET /env-sets - List all env sets (with masked values)
+ */
+export async function handleListEnvSets(_req: Request, ctx: RouteContext): Promise<Response> {
+  const envSets = ctx.db.listEnvSets();
+  return Response.json({ envSets });
+}
+/**
+ * POST /env-sets - Create a new env set
+ */
+export async function handleCreateEnvSet(req: Request, ctx: RouteContext): Promise<Response> {
+  const parsed = await parseJsonBody(req);
+  if (!parsed.ok) {
+    return parsed.response;
+  }
+  const body = parsed.body as any;
+  if (!body.name || typeof body.name !== "string") {
+    return jsonError(400, "Missing required field: name");
+  }
+  if (body.name.trim().length === 0) {
+    return jsonError(400, "Field 'name' must not be empty");
+  }
+  if (body.name.length > 100) {
+    return jsonError(400, "Name too long (max 100 chars)");
+  }
+  if (
+    body.description !== undefined &&
+    body.description !== null &&
+    typeof body.description !== "string"
+  ) {
+    return jsonError(400, "Field 'description' must be a string or null");
+  }
+  if (!body.vars || typeof body.vars !== "object" || Array.isArray(body.vars)) {
+    return jsonError(400, "Missing required field: vars (must be an object)");
+  }
+  // Validate all keys and values are strings
+  for (const [key, value] of Object.entries(body.vars)) {
+    if (typeof key !== "string" || typeof value !== "string") {
+      return jsonError(400, `All env var keys and values must be strings. Invalid: ${key}`);
+    }
+  }
+  const id = crypto.randomUUID();
+  try {
+    ctx.db.createEnvSet({
+      id,
+      name: body.name,
+      description: body.description,
+      vars: body.vars,
+    });
+    const envSet = ctx.db.getEnvSet(id);
+    return Response.json({ envSet }, { status: 201 });
+  } catch (error) {
+    const msg = getErrorMessage(error);
+    if (isSqliteUniqueConstraintError(error)) {
+      return jsonError(409, `Env set name already exists: ${body.name}`);
+    }
+    return jsonError(500, msg);
+  }
+}
+/**
+ * GET /env-sets/:id - Get a specific env set (with masked values)
+ */
+export async function handleGetEnvSet(
+  _req: Request,
+  ctx: RouteContext,
+  envSetId: string
+): Promise<Response> {
+  const envSet = ctx.db.getEnvSet(envSetId);
+  if (!envSet) {
+    return jsonError(404, `Env set not found: ${envSetId}`);
+  }
+  return Response.json({ envSet });
+}
+/**
+ * PUT /env-sets/:id - Update an env set
+ */
+export async function handleUpdateEnvSet(
+  req: Request,
+  ctx: RouteContext,
+  envSetId: string
+): Promise<Response> {
+  const parsed = await parseJsonBody(req);
+  if (!parsed.ok) {
+    return parsed.response;
+  }
+  const body = parsed.body as any;
+  const existing = ctx.db.getEnvSet(envSetId);
+  if (!existing) {
+    return jsonError(404, `Env set not found: ${envSetId}`);
+  }
+  if (body.name !== undefined && typeof body.name !== "string") {
+    return jsonError(400, "name must be a string");
+  }
+  if (body.name !== undefined && body.name.trim().length === 0) {
+    return jsonError(400, "name must not be empty");
+  }
+  if (body.name !== undefined && body.name.length > 100) {
+    return jsonError(400, "Name too long (max 100 chars)");
+  }
+  if (
+    body.description !== undefined &&
+    body.description !== null &&
+    typeof body.description !== "string"
+  ) {
+    return jsonError(400, "description must be a string or null");
+  }
+  if (body.vars !== undefined) {
+    if (typeof body.vars !== "object" || Array.isArray(body.vars)) {
+      return jsonError(400, "vars must be an object");
+    }
+    for (const [key, value] of Object.entries(body.vars)) {
+      if (typeof key !== "string" || typeof value !== "string") {
+        return jsonError(400, `All env var keys and values must be strings. Invalid: ${key}`);
+      }
+    }
+  }
+  if (!hasAnyDefinedField(body, ["name", "description", "vars"])) {
+    return jsonError(422, "At least one field must be provided: name, description, or vars");
+  }
+  try {
+    ctx.db.updateEnvSet(envSetId, {
+      name: body.name,
+      description: body.description,
+      vars: body.vars,
+    });
+    const envSet = ctx.db.getEnvSet(envSetId);
+    return Response.json({ envSet });
+  } catch (error) {
+    const msg = getErrorMessage(error);
+    if (isSqliteUniqueConstraintError(error)) {
+      return jsonError(409, `Env set name already exists: ${body.name}`);
+    }
+    return jsonError(500, msg);
+  }
+}
+/**
+ * DELETE /env-sets/:id - Delete an env set
+ */
+export async function handleDeleteEnvSet(
+  _req: Request,
+  ctx: RouteContext,
+  envSetId: string
+): Promise<Response> {
+  const existing = ctx.db.getEnvSet(envSetId);
+  if (!existing) {
+    return jsonError(404, `Env set not found: ${envSetId}`);
+  }
+  ctx.db.deleteEnvSet(envSetId);
+  return Response.json({ success: true });
+}

package/packages/daemon/src/api/gitRoutes.ts ADDED Viewed

@@ -0,0 +1,409 @@
+/**
+ * Git API route handlers
+ *
+ * Provides git status, log, diff, file content, and staging operations
+ * scoped to a session's working directory.
+ */
+import { GitUtils, validateFilePath, validateGitRef } from "../git/gitUtils";
+import type { RouteContext } from "./routes";
+const IMAGE_MIME_TYPES: Record<string, string> = {
+  png: "image/png",
+  jpg: "image/jpeg",
+  jpeg: "image/jpeg",
+  gif: "image/gif",
+  webp: "image/webp",
+  ico: "image/x-icon",
+  bmp: "image/bmp",
+  avif: "image/avif",
+  // SVG intentionally excluded — serving as image/svg+xml enables XSS via inline scripts
+};
+function toArrayBuffer(bytes: Uint8Array): ArrayBuffer {
+  return bytes.buffer.slice(bytes.byteOffset, bytes.byteOffset + bytes.byteLength) as ArrayBuffer;
+}
+async function getSessionCwd(
+  ctx: RouteContext,
+  sessionId: string
+): Promise<{ cwd: string } | Response> {
+  const session = ctx.sessionManager.getSession(sessionId) ?? ctx.db.getSession(sessionId);
+  if (!session) {
+    return Response.json({ error: `Session not found: ${sessionId}` }, { status: 404 });
+  }
+  return { cwd: session.cwd };
+}
+async function requireGitRepo(cwd: string): Promise<Response | null> {
+  const isRepo = await GitUtils.isGitRepo(cwd);
+  if (!isRepo) {
+    return Response.json({ error: "Session directory is not a git repository" }, { status: 400 });
+  }
+  return null;
+}
+/**
+ * Shared setup for git file endpoints: resolves session cwd, checks git repo,
+ * and extracts/validates ref + path query params.
+ */
+async function resolveGitFileParams(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<{ cwd: string; ref: string; filePath: string } | Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  const url = new URL(req.url);
+  const ref = url.searchParams.get("ref");
+  const filePath = url.searchParams.get("path");
+  if (!(ref && filePath)) {
+    return Response.json({ error: "Missing required query params: ref and path" }, { status: 400 });
+  }
+  try {
+    validateGitRef(ref);
+    validateFilePath(filePath);
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Invalid input";
+    return Response.json({ error: msg }, { status: 400 });
+  }
+  return { cwd: result.cwd, ref, filePath };
+}
+/**
+ * GET /sessions/:id/git/status
+ */
+export async function handleGitStatus(
+  _req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  try {
+    const [status, branch] = await Promise.all([
+      GitUtils.getStatus(result.cwd),
+      GitUtils.getCurrentBranch(result.cwd),
+    ]);
+    return Response.json({ status, branch });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * GET /sessions/:id/git/branches
+ */
+export async function handleGitBranches(
+  _req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  try {
+    const [branches, currentBranch] = await Promise.all([
+      GitUtils.listBranches(result.cwd),
+      GitUtils.getCurrentBranch(result.cwd),
+    ]);
+    return Response.json({ branches, currentBranch });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * GET /sessions/:id/git/log?limit=50
+ */
+export async function handleGitLog(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  const url = new URL(req.url);
+  const limit = Number.parseInt(url.searchParams.get("limit") || "50", 10);
+  try {
+    const log = await GitUtils.getLog(result.cwd, { limit });
+    return Response.json({ log });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * GET /sessions/:id/git/diff?staged=true&commit=abc&commitA=x&commitB=y&path=file.ts
+ */
+export async function handleGitDiff(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  const url = new URL(req.url);
+  const staged = url.searchParams.get("staged") === "true";
+  const commit = url.searchParams.get("commit");
+  const commitA = url.searchParams.get("commitA");
+  const commitB = url.searchParams.get("commitB");
+  const filePath = url.searchParams.get("path") || undefined;
+  try {
+    // Validate refs and paths
+    if (commit) validateGitRef(commit);
+    if (commitA) validateGitRef(commitA);
+    if (commitB) validateGitRef(commitB);
+    if (filePath) validateFilePath(filePath);
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Invalid input";
+    return Response.json({ error: msg }, { status: 400 });
+  }
+  try {
+    let diff: string;
+    if (commit) {
+      diff = await GitUtils.getCommitDiff(result.cwd, commit, filePath);
+    } else {
+      diff = await GitUtils.getDiff(result.cwd, {
+        staged,
+        commitA: commitA || undefined,
+        commitB: commitB || undefined,
+        path: filePath,
+      });
+    }
+    return Response.json({ diff });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * GET /sessions/:id/git/file?ref=HEAD&path=src/foo.ts
+ * Use ref=WORKING_TREE to read the file from the on-disk working tree.
+ */
+export async function handleGitFile(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const params = await resolveGitFileParams(req, ctx, sessionId);
+  if (params instanceof Response) return params;
+  try {
+    const content =
+      params.ref === "WORKING_TREE"
+        ? await GitUtils.getFileFromWorkingTree(params.cwd, params.filePath)
+        : await GitUtils.getFileAtRef(params.cwd, params.ref, params.filePath);
+    return Response.json({ content });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * GET /sessions/:id/git/diff-stat?ref=abc123[&base=main]
+ */
+export async function handleGitDiffStat(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  const url = new URL(req.url);
+  const ref = url.searchParams.get("ref");
+  const base = url.searchParams.get("base");
+  // Branch comparison mode: base...ref
+  if (base) {
+    try {
+      validateGitRef(base);
+      if (ref) validateGitRef(ref);
+    } catch (error) {
+      const msg = error instanceof Error ? error.message : "Invalid input";
+      return Response.json({ error: msg }, { status: 400 });
+    }
+    try {
+      const files = await GitUtils.getDiffStatBetweenRefs(result.cwd, base, ref || "HEAD");
+      return Response.json({ files });
+    } catch (error) {
+      const msg = error instanceof Error ? error.message : "Unknown error";
+      return Response.json({ error: msg }, { status: 500 });
+    }
+  }
+  // Single-ref mode (commit vs parent)
+  if (!ref) {
+    return Response.json({ error: "Missing required query param: ref" }, { status: 400 });
+  }
+  try {
+    validateGitRef(ref);
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Invalid input";
+    return Response.json({ error: msg }, { status: 400 });
+  }
+  try {
+    const files = await GitUtils.getDiffStat(result.cwd, ref);
+    return Response.json({ files });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * GET /sessions/:id/git/file-raw?ref=HEAD&path=src/image.png
+ * Returns raw file bytes with appropriate Content-Type.
+ */
+export async function handleGitFileRaw(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const params = await resolveGitFileParams(req, ctx, sessionId);
+  if (params instanceof Response) return params;
+  try {
+    const data = await GitUtils.getFileAtRefRaw(params.cwd, params.ref, params.filePath);
+    const ext = params.filePath.split(".").pop()?.toLowerCase() || "";
+    const contentType = IMAGE_MIME_TYPES[ext] || "application/octet-stream";
+    return new Response(toArrayBuffer(data), {
+      headers: { "Content-Type": contentType, "Cache-Control": "no-cache" },
+    });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * POST /sessions/:id/git/stage — body: { paths: string[] }
+ */
+export async function handleGitStage(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  let body: any;
+  try {
+    body = await req.json();
+  } catch {
+    return Response.json({ error: "Invalid JSON in request body" }, { status: 400 });
+  }
+  if (!Array.isArray(body.paths) || body.paths.length === 0) {
+    return Response.json(
+      { error: "Missing required field: paths (non-empty array)" },
+      { status: 400 }
+    );
+  }
+  try {
+    for (const p of body.paths) {
+      if (typeof p !== "string") throw new Error("Each path must be a string");
+      validateFilePath(p);
+    }
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Invalid input";
+    return Response.json({ error: msg }, { status: 400 });
+  }
+  try {
+    await GitUtils.stageFiles(result.cwd, body.paths);
+    return Response.json({ success: true });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}
+/**
+ * POST /sessions/:id/git/unstage — body: { paths: string[] }
+ */
+export async function handleGitUnstage(
+  req: Request,
+  ctx: RouteContext,
+  sessionId: string
+): Promise<Response> {
+  const result = await getSessionCwd(ctx, sessionId);
+  if (result instanceof Response) return result;
+  const repoCheck = await requireGitRepo(result.cwd);
+  if (repoCheck) return repoCheck;
+  let body: any;
+  try {
+    body = await req.json();
+  } catch {
+    return Response.json({ error: "Invalid JSON in request body" }, { status: 400 });
+  }
+  if (!Array.isArray(body.paths) || body.paths.length === 0) {
+    return Response.json(
+      { error: "Missing required field: paths (non-empty array)" },
+      { status: 400 }
+    );
+  }
+  try {
+    for (const p of body.paths) {
+      if (typeof p !== "string") throw new Error("Each path must be a string");
+      validateFilePath(p);
+    }
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Invalid input";
+    return Response.json({ error: msg }, { status: 400 });
+  }
+  try {
+    await GitUtils.unstageFiles(result.cwd, body.paths);
+    return Response.json({ success: true });
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    return Response.json({ error: msg }, { status: 500 });
+  }
+}