episoda 0.2.103 → 0.2.105

package/dist/daemon/daemon-process.js

@@ -2117,6 +2117,7 @@ var require_websocket_client = __commonJS({
         this.lastCommandTime = Date.now();
         this.isIntentionalDisconnect = false;
         this.lastConnectAttemptTime = 0;
+        this.consecutiveAuthFailures = 0;
       }
       /**
        * Connect to episoda.dev WebSocket gateway
@@ -2384,6 +2385,10 @@ var require_websocket_client = __commonJS({
             this.rateLimitBackoffUntil = Date.now() + retryAfterMs;
             console.log(`[EpisodaClient] ${errorMessage.code}: will retry after ${retryAfterMs / 1e3}s`);
           }
+          if (errorMessage.code === "AUTH_FAILED" || errorMessage.code === "UNAUTHORIZED" || errorMessage.code === "INVALID_TOKEN") {
+            this.consecutiveAuthFailures++;
+            console.warn(`[EpisodaClient] Auth failure (${this.consecutiveAuthFailures}): ${errorMessage.code}`);
+          }
         }
         const handlers = this.eventHandlers.get(message.type) || [];
         handlers.forEach((handler) => {
@@ -2442,7 +2447,19 @@ var require_websocket_client = __commonJS({
         }
         let delay;
         let shouldRetry = true;
-        if (this.isGracefulShutdown) {
+        const isCloudMode = this.environment === "cloud";
+        const MAX_CLOUD_AUTH_FAILURES = 3;
+        const MAX_CLOUD_RECONNECT_DELAY = 3e5;
+        if (isCloudMode) {
+          if (this.consecutiveAuthFailures >= MAX_CLOUD_AUTH_FAILURES) {
+            console.error(`[EpisodaClient] Cloud mode: ${MAX_CLOUD_AUTH_FAILURES} consecutive auth failures - token may be invalid. Giving up.`);
+            shouldRetry = false;
+          } else {
+            delay = Math.min(1e3 * Math.pow(2, this.reconnectAttempts), MAX_CLOUD_RECONNECT_DELAY);
+            const delayStr = delay >= 6e4 ? `${Math.round(delay / 6e4)}m` : `${Math.round(delay / 1e3)}s`;
+            console.log(`[EpisodaClient] Cloud mode: reconnecting in ${delayStr}... (attempt ${this.reconnectAttempts + 1}, never giving up)`);
+          }
+        } else if (this.isGracefulShutdown) {
           if (this.reconnectAttempts >= 7) {
             console.error('[EpisodaClient] Server restart reconnection failed after 7 attempts. Run "episoda dev" to reconnect.');
             shouldRetry = false;
@@ -2485,6 +2502,7 @@ var require_websocket_client = __commonJS({
             this.isGracefulShutdown = false;
             this.firstDisconnectTime = void 0;
             this.rateLimitBackoffUntil = void 0;
+            this.consecutiveAuthFailures = 0;
           }).catch((error) => {
             console.error("[EpisodaClient] Reconnection failed:", error.message);
           });
@@ -2786,7 +2804,7 @@ var require_package = __commonJS({
   "package.json"(exports2, module2) {
     module2.exports = {
       name: "episoda",
-      version: "0.2.103",
+      version: "0.2.105",
       description: "CLI tool for Episoda local development workflow orchestration",
       main: "dist/index.js",
       types: "dist/index.d.ts",
@@ -8374,7 +8392,7 @@ var AgentManager = class {
    * EP1173: Added autonomousMode parameter for permission-free execution
    */
   async startSession(options) {
-    const { sessionId, moduleId, moduleUid, projectPath, provider = "claude", autonomousMode = true, message, credentials, systemPrompt, onChunk, onComplete, onError } = options;
+    const { sessionId, moduleId, moduleUid, projectPath, provider = "claude", autonomousMode = true, canWrite = true, readOnlyReason, message, credentials, systemPrompt, onChunk, onComplete, onError } = options;
     if (this.sessions.has(sessionId)) {
       return { success: false, error: "Session already exists" };
     }
@@ -8413,6 +8431,10 @@ var AgentManager = class {
       // EP1133: Store provider in session
       autonomousMode,
       // EP1173: Store autonomous mode setting
+      canWrite,
+      // EP1205: Store write permission
+      readOnlyReason,
+      // EP1205: Store reason for read-only mode
       credentials,
       systemPrompt,
       status: "starting",
@@ -8437,16 +8459,50 @@ var AgentManager = class {
    * EP1133: Supports both Claude Code and Codex CLI with provider-specific handling.
    */
   async sendMessage(options) {
-    const { sessionId, message, isFirstMessage, agentSessionId, claudeSessionId, onChunk, onComplete, onError } = options;
+    const { sessionId, message, isFirstMessage, canWrite, readOnlyReason, agentSessionId, claudeSessionId, onChunk, onComplete, onError } = options;
     const session = this.sessions.get(sessionId);
     if (!session) {
       return { success: false, error: "Session not found" };
     }
     session.lastActivityAt = /* @__PURE__ */ new Date();
     session.status = "running";
+    if (canWrite !== void 0) {
+      session.canWrite = canWrite;
+      session.readOnlyReason = readOnlyReason;
+    }
     const resumeSessionId = agentSessionId || claudeSessionId;
     try {
       const provider = session.provider || "claude";
+      let effectiveSystemPrompt = session.systemPrompt || "";
+      if (session.canWrite === false) {
+        const readOnlyNotice = `
+\u26A0\uFE0F READ-ONLY SESSION - STRICT ENFORCEMENT
+
+You are operating in READ-ONLY mode. You MUST NOT perform ANY write operations:
+
+FORBIDDEN ACTIONS:
+- Create, modify, or delete any files (Write/Edit tools are blocked)
+- Run Bash commands that modify files (rm, mv, cp, touch, echo >, sed -i, etc.)
+- Run Bash commands that modify git state (git commit, git push, git checkout --, etc.)
+- Make any changes to the filesystem whatsoever
+
+Reason: ${session.readOnlyReason || "You do not have write access to this module."}
+
+ALLOWED ACTIONS:
+- Read files (using Read tool)
+- Run read-only Bash commands (ls, cat, git status, git log, git diff, grep, find, etc.)
+- Analyze code and provide recommendations
+- Explain architecture and suggest changes (but not implement them)
+
+If the user requests changes, explain what would need to be done but DO NOT execute any write operations.
+Violations will result in errors and may affect your ability to assist.
+
+---
+
+`;
+        effectiveSystemPrompt = readOnlyNotice + effectiveSystemPrompt;
+        console.log(`[AgentManager] EP1205: Read-only mode enabled for session ${sessionId}: ${session.readOnlyReason}`);
+      }
       let binaryPath;
       let args;
       if (provider === "codex") {
@@ -8461,21 +8517,39 @@ var AgentManager = class {
           session.projectPath
           // Working directory
         ];
-        if (session.autonomousMode) {
+        if (session.autonomousMode && session.canWrite !== false) {
           args.push("--full-auto");
           console.log(`[AgentManager] EP1173: Codex autonomous mode enabled - using --full-auto`);
         }
+        if (session.canWrite === false) {
+          args.push("--sandbox", "read-only");
+          console.log(`[AgentManager] EP1205: Codex read-only mode - using --sandbox read-only`);
+        }
         if (resumeSessionId) {
           args.push("resume", resumeSessionId);
         }
         let fullMessage = message;
-        if (isFirstMessage && session.systemPrompt) {
-          fullMessage = `${session.systemPrompt}
+        if (isFirstMessage && effectiveSystemPrompt) {
+          fullMessage = `${effectiveSystemPrompt}
 
 ---
 
 ${message}`;
         }
+        if (session.canWrite === false && !isFirstMessage) {
+          const readOnlyReminder = `
+[SYSTEM REMINDER - READ-ONLY MODE]
+You are in READ-ONLY mode. Do NOT:
+- Create, modify, or delete any files
+- Run commands that write to the filesystem
+- Make git commits or changes
+Reason: ${session.readOnlyReason || "No write access to this module."}
+If changes are needed, explain what needs to be done but do not execute.
+[END SYSTEM REMINDER]
+
+`;
+          fullMessage = readOnlyReminder + fullMessage;
+        }
         args.push(fullMessage);
       } else {
         binaryPath = await ensureClaudeBinary();
@@ -8494,12 +8568,26 @@ ${message}`;
           args.push("--model", session.credentials.preferredModel);
           console.log(`[AgentManager] EP1152: Using user preferred model: ${session.credentials.preferredModel}`);
         }
-        if (session.autonomousMode) {
+        if (session.autonomousMode && session.canWrite !== false) {
           args.push("--dangerously-skip-permissions");
           console.log(`[AgentManager] EP1173: Autonomous mode enabled - skipping permission prompts`);
+        } else if (session.autonomousMode && session.canWrite === false) {
+          console.log(`[AgentManager] EP1205: Autonomous mode with read-only - NOT skipping permissions (safety net)`);
         }
-        if (isFirstMessage && session.systemPrompt) {
-          args.push("--system-prompt", session.systemPrompt);
+        if (isFirstMessage && effectiveSystemPrompt) {
+          args.push("--system-prompt", effectiveSystemPrompt);
+        }
+        if (session.canWrite === false) {
+          args.push("--disallowed-tools", "Write,Edit,MultiEdit,NotebookEdit");
+          console.log("[AgentManager] EP1205: Read-only enforcement - disallowed Write/Edit tools");
+          if (!isFirstMessage) {
+            const readOnlyReminder = `
+REMINDER: You are in READ-ONLY mode. You cannot create, modify, or delete files.
+Reason: ${session.readOnlyReason || "No write access to this module."}
+If changes are needed, explain what needs to be done.`;
+            args.push("--append-system-prompt", readOnlyReminder);
+            console.log("[AgentManager] EP1205: Appended read-only reminder to subsequent message");
+          }
         }
         if (resumeSessionId) {
           args.push("--resume", resumeSessionId);
@@ -9396,6 +9484,7 @@ function getInstallCommand(cwd) {
 
 // src/daemon/daemon-process.ts
 var fs21 = __toESM(require("fs"));
+var http2 = __toESM(require("http"));
 var os8 = __toESM(require("os"));
 var path22 = __toESM(require("path"));
 var packageJson = require_package();
@@ -9530,6 +9619,8 @@ var Daemon = class _Daemon {
     // 60 seconds
     // EP1190: Worktree cleanup runs every N health checks (5 * 60s = 5 minutes)
     this.healthCheckCounter = 0;
+    // EP1210-7: Health HTTP endpoint for external monitoring
+    this.healthServer = null;
     this.ipcServer = new IPCServer();
   }
   static {
@@ -9549,6 +9640,9 @@ var Daemon = class _Daemon {
   static {
     this.WORKTREE_CLEANUP_EVERY_N_CHECKS = 5;
   }
+  static {
+    this.HEALTH_PORT = 9999;
+  }
   /**
    * Start the daemon
    */
@@ -9570,6 +9664,7 @@ var Daemon = class _Daemon {
     await this.auditWorktreesOnStartup();
     this.startHealthCheckPolling();
     this.setupShutdownHandlers();
+    this.startHealthEndpoint();
     console.log("[Daemon] Daemon started successfully");
     const modeConfig = getDaemonModeConfig();
     console.log("[Daemon] EP1115: Mode config:", {
@@ -9599,6 +9694,55 @@ var Daemon = class _Daemon {
     }
   }
   // EP738: Removed startHttpServer - device info now flows through WebSocket broadcast + database
+  /**
+   * EP1210-7: Start health HTTP endpoint for external monitoring
+   *
+   * Provides a simple HTTP endpoint that external systems can use to check daemon status.
+   * Returns 200 when daemon has at least one live connection, 503 when disconnected.
+   *
+   * Only binds to localhost (127.0.0.1) for security.
+   */
+  startHealthEndpoint() {
+    try {
+      this.healthServer = http2.createServer((req, res) => {
+        if (req.url === "/health" || req.url === "/") {
+          const isConnected = this.liveConnections.size > 0;
+          const projects = Array.from(this.connections.entries()).map(([path23, conn]) => ({
+            path: path23,
+            connected: this.liveConnections.has(path23)
+          }));
+          const status = {
+            status: isConnected ? "healthy" : "degraded",
+            connected: isConnected,
+            machineId: this.machineId,
+            uptime: process.uptime(),
+            liveConnections: this.liveConnections.size,
+            totalConnections: this.connections.size,
+            projects
+          };
+          res.writeHead(isConnected ? 200 : 503, { "Content-Type": "application/json" });
+          res.end(JSON.stringify(status));
+        } else {
+          res.writeHead(404);
+          res.end("Not found");
+        }
+      });
+      this.healthServer.listen(_Daemon.HEALTH_PORT, "127.0.0.1", () => {
+        console.log(`[Daemon] EP1210-7: Health endpoint listening on http://127.0.0.1:${_Daemon.HEALTH_PORT}/health`);
+      });
+      this.healthServer.on("error", (err) => {
+        if (err.code === "EADDRINUSE") {
+          console.warn(`[Daemon] EP1210-7: Health port ${_Daemon.HEALTH_PORT} already in use, skipping health endpoint`);
+        } else {
+          console.warn("[Daemon] EP1210-7: Health endpoint failed to start:", err.message);
+        }
+        this.healthServer = null;
+      });
+    } catch (err) {
+      console.warn("[Daemon] EP1210-7: Failed to create health server:", err.message);
+      this.healthServer = null;
+    }
+  }
   /**
    * Register IPC command handlers
    */
@@ -10217,11 +10361,23 @@ var Daemon = class _Daemon {
           if (cmd.action === "start") {
             const callbacks = createStreamingCallbacks(cmd.sessionId, message.id);
             let agentWorkingDir = projectPath;
-            if (cmd.moduleUid) {
+            if (cmd.moduleUid && cmd.sessionContext === "worktree") {
               const worktreeInfo = await getWorktreeInfoForModule(cmd.moduleUid);
               if (worktreeInfo?.exists) {
                 agentWorkingDir = worktreeInfo.path;
-                console.log(`[Daemon] EP959: Agent for ${cmd.moduleUid} in worktree: ${agentWorkingDir}`);
+                console.log(`[Daemon] EP1205: Agent for ${cmd.moduleUid} in worktree: ${agentWorkingDir}`);
+              } else {
+                console.log(`[Daemon] EP1205: Worktree requested but not found for ${cmd.moduleUid}, using project root`);
+              }
+            } else if (cmd.sessionContext === "project_root") {
+              console.log(`[Daemon] EP1205: Agent for ${cmd.moduleUid || "project"} in project root (sessionContext=project_root)`);
+            } else {
+              if (cmd.moduleUid) {
+                const worktreeInfo = await getWorktreeInfoForModule(cmd.moduleUid);
+                if (worktreeInfo?.exists) {
+                  agentWorkingDir = worktreeInfo.path;
+                  console.log(`[Daemon] EP959: Agent for ${cmd.moduleUid} in worktree (legacy, no sessionContext): ${agentWorkingDir}`);
+                }
               }
             }
             const startResult = await agentManager.startSession({
@@ -10233,6 +10389,10 @@ var Daemon = class _Daemon {
               // EP1133: Multi-provider support
               autonomousMode: cmd.autonomousMode ?? true,
               // EP1173: Default to autonomous
+              canWrite: cmd.canWrite ?? true,
+              // EP1205: Default to writable
+              readOnlyReason: cmd.readOnlyReason,
+              // EP1205: Pass reason for UI
               message: cmd.message,
               credentials: cmd.credentials,
               systemPrompt: cmd.systemPrompt,
@@ -10250,6 +10410,10 @@ var Daemon = class _Daemon {
               sessionId: cmd.sessionId,
               message: cmd.message,
               isFirstMessage: false,
+              canWrite: cmd.canWrite,
+              // EP1205: Update write permission if changed
+              readOnlyReason: cmd.readOnlyReason,
+              // EP1205: Update reason if changed
               agentSessionId: cmd.agentSessionId || cmd.claudeSessionId,
               claudeSessionId: cmd.claudeSessionId,
               // Backward compat
@@ -11660,6 +11824,10 @@ var Daemon = class _Daemon {
     if (this.shuttingDown) return;
     this.shuttingDown = true;
     console.log("[Daemon] Shutting down...");
+    if (this.healthServer) {
+      this.healthServer.close();
+      this.healthServer = null;
+    }
     this.stopTunnelPolling();
     this.stopHealthCheckPolling();
     for (const [projectPath, connection] of this.connections) {