github-router 0.3.31 → 0.3.33

package/dist/browser-ext/manifest.json

@@ -0,0 +1,24 @@
+{
+  "manifest_version": 3,
+  "name": "github-router browser bridge",
+  "short_name": "gh-router-browser",
+  "version": "0.0.1",
+  "description": "Bridge between Claude (via github-router /mcp) and the browser. Implements tab control, navigation, clicks, form fill, downloads, screenshots, devtools eval. Blocks navigation to chrome://settings.",
+  "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJElxuBlonBS3TVW9FJN0mGTtShB3L1hoaYf6k39SOr1ogGYmF90EjRxy1i21k9wQQjPf26bcBu/9X67KrQjQV0uB38CaNukgiSeoLjfptN811u+PJHx6BP+jx3Qa6/3VenNPxHC8WEU0GXql8QSjIHEyCwKb6fMASXOK94JyB5Ywov2x8mt/+9ncqBBBMVzf6r5Sagy4PL1XnryLsuADD/vOEkPet8wXgH/Oj7v5tTsQQZ7U1JT51PoDs2BFnXc5v3TkVgZwd32k3ONh+nkDw1Hof+4zwUGOyJE6eMrlYzRlKM4Qxdf9JpavQvqfieAbTRWcyKeclnHeoIfE7cDBQIDAQAB",
+  "background": {
+    "service_worker": "background.js",
+    "type": "module"
+  },
+  "permissions": [
+    "nativeMessaging",
+    "tabs",
+    "activeTab",
+    "scripting",
+    "downloads",
+    "webNavigation",
+    "debugger",
+    "storage",
+    "alarms"
+  ],
+  "host_permissions": ["<all_urls>"]
+}

package/dist/lifecycle-3OXRVrtQ.js

@@ -0,0 +1,292 @@
+import { c as writeRuntimeFileSecure, t as PATHS } from "./paths-Cr2gfGiA.js";
+import { randomBytes, randomUUID } from "node:crypto";
+import fs from "node:fs/promises";
+import path from "node:path";
+import process from "node:process";
+import { execFileSync } from "node:child_process";
+
+//#region src/lib/worker-agent/lifecycle.ts
+/**
+* Same regex worktree.ts uses for its per-call age sweep — kept in
+* sync intentionally. `<pid>-<uuid>-<8hex>` strictly.
+*/
+const WORKTREE_DIR_NAME_RE = /^(\d+)-([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})-([0-9a-f]{8})$/;
+/**
+* Cap on the ledger: how many repos we remember across boots, and how
+* old an entry may be before it's pruned. Both are belt-and-suspenders
+* — the per-call age sweep is the primary guard against accumulation
+* inside any single repo.
+*/
+const LEDGER_MAX_ENTRIES = 100;
+const LEDGER_MAX_AGE_MS = 720 * 60 * 60 * 1e3;
+/**
+* Set-like in-memory registry of worktrees this proxy created. Engine
+* passes it to `createWorktree` so per-call cleanup deletes the entry
+* on success; the signal handlers walk what's left at shutdown.
+*
+* Not a bare `Set` because we want to expose only the operations we
+* actually use, and we want a stable testable surface.
+*/
+var WorktreeRegistry = class {
+	entries = /* @__PURE__ */ new Set();
+	add(entry) {
+		this.entries.add(entry);
+	}
+	delete(entry) {
+		this.entries.delete(entry);
+	}
+	has(entry) {
+		return this.entries.has(entry);
+	}
+	values() {
+		return this.entries.values();
+	}
+	get size() {
+		return this.entries.size;
+	}
+	clear() {
+		this.entries.clear();
+	}
+};
+let _instanceUuid = null;
+/**
+* Stable UUID4 generated once per proxy process. Used in worktree
+* dir/branch names so the boot sweep can reliably distinguish "this
+* proxy's still-live worktrees" from "stranded dirs from a prior
+* proxy that happens to have a recycled PID" — Docker PID-1 across
+* container restarts is the classic case (peer-review HIGH finding).
+*/
+function getInstanceUuid() {
+	if (_instanceUuid === null) _instanceUuid = randomUUID();
+	return _instanceUuid;
+}
+let _registered = false;
+let _activeRegistry = null;
+let _exitHandler = null;
+let _sigintHandler = null;
+let _sigtermHandler = null;
+/**
+* Synchronous cleanup of every registry entry. Best-effort:
+* `execFileSync` failures are swallowed (the dir may have been
+* removed already, or git may not be on PATH any more in some
+* environments). After a successful removal we drop the entry from
+* the registry so a second call is a true no-op.
+*
+* Synchronous on purpose — exit handlers can't reliably await async
+* work; the process would die before the promise settled.
+*/
+function sweepRegistry() {
+	if (!_activeRegistry) return;
+	const snapshot = [..._activeRegistry.values()];
+	for (const entry of snapshot) {
+		try {
+			execFileSync("git", [
+				"-C",
+				entry.repoRoot,
+				"worktree",
+				"remove",
+				"--force",
+				entry.dir
+			], {
+				stdio: "ignore",
+				timeout: 1e4,
+				windowsHide: true
+			});
+		} catch {}
+		try {
+			execFileSync("git", [
+				"-C",
+				entry.repoRoot,
+				"branch",
+				"-D",
+				entry.branch
+			], {
+				stdio: "ignore",
+				timeout: 5e3,
+				windowsHide: true
+			});
+		} catch {}
+		_activeRegistry.delete(entry);
+	}
+}
+/**
+* Wire up SIGINT/SIGTERM/exit handlers that walk the registry and
+* remove every entry. Idempotent: subsequent calls swap the registry
+* pointer but do NOT register additional process listeners (otherwise
+* we'd leak listeners on every `runWorkerAgent`).
+*
+* Signal handlers re-raise the signal after sweeping. Naively running
+* the sweep on SIGINT/SIGTERM and returning would *suppress* the
+* signal: Node defaults to terminating the process on these, but only
+* if no user listener is attached. Once we attach a listener, the
+* default action is cancelled and the process keeps running — which
+* means Ctrl-C would clean worktrees but not actually exit, leaving
+* orphan processes in dev. The `process.kill(pid, sig)` re-raise
+* after removing our own listener restores the default behaviour
+* (the second delivery now hits an empty listener list, so Node
+* terminates with the conventional `128 + signum` exit code).
+*/
+function registerExitHandlers(registry) {
+	_activeRegistry = registry;
+	if (_registered) return;
+	_registered = true;
+	_exitHandler = () => sweepRegistry();
+	_sigintHandler = () => {
+		sweepRegistry();
+		if (_sigintHandler) process.off("SIGINT", _sigintHandler);
+		process.kill(process.pid, "SIGINT");
+	};
+	_sigtermHandler = () => {
+		sweepRegistry();
+		if (_sigtermHandler) process.off("SIGTERM", _sigtermHandler);
+		process.kill(process.pid, "SIGTERM");
+	};
+	process.on("SIGINT", _sigintHandler);
+	process.on("SIGTERM", _sigtermHandler);
+	process.on("exit", _exitHandler);
+}
+function ledgerPath() {
+	return path.join(PATHS.APP_DIR, "worker-repos.json");
+}
+async function readLedger() {
+	let raw;
+	try {
+		raw = await fs.readFile(ledgerPath(), "utf8");
+	} catch (err) {
+		if (err.code === "ENOENT") return { entries: [] };
+		return { entries: [] };
+	}
+	try {
+		const parsed = JSON.parse(raw);
+		if (!parsed || !Array.isArray(parsed.entries)) return { entries: [] };
+		const cleaned = [];
+		for (const e of parsed.entries) if (e && typeof e === "object" && typeof e.repoRoot === "string" && typeof e.lastSeenMs === "number") cleaned.push({
+			repoRoot: e.repoRoot,
+			lastSeenMs: e.lastSeenMs
+		});
+		return { entries: cleaned };
+	} catch {
+		return { entries: [] };
+	}
+}
+/**
+* Per-process serializer for ledger writes. Multiple concurrent
+* `recordWorkerRepo` calls (legitimate: several workers may start at
+* once) would otherwise race read-modify-write on the JSON file. Each
+* call chains onto the previous so the on-disk sequence is
+* deterministic from this process's perspective.
+*
+* Cross-process safety is provided by the atomic temp+rename below,
+* which makes the final state of the file always be a well-formed
+* full snapshot from ONE writer — never a partial write or
+* interleaved JSON.
+*/
+let _ledgerChain = Promise.resolve();
+/**
+* Append `repoRoot` to the ledger (or update its `lastSeenMs`).
+* Atomic temp+rename per peer review.
+*/
+function recordWorkerRepo(repoRoot) {
+	const next = _ledgerChain.then(async () => {
+		await fs.mkdir(PATHS.APP_DIR, { recursive: true });
+		const filtered = (await readLedger()).entries.filter((e) => e.repoRoot !== repoRoot);
+		filtered.push({
+			repoRoot,
+			lastSeenMs: Date.now()
+		});
+		const now = Date.now();
+		const ledger = { entries: filtered.filter((e) => now - e.lastSeenMs < LEDGER_MAX_AGE_MS).slice(-LEDGER_MAX_ENTRIES) };
+		const tmp = `${ledgerPath()}.tmp.${process.pid}.${randomBytes(4).toString("hex")}`;
+		try {
+			await writeRuntimeFileSecure(tmp, JSON.stringify(ledger, null, 2));
+			await fs.rename(tmp, ledgerPath());
+		} catch (err) {
+			await fs.unlink(tmp).catch(() => {});
+			throw err;
+		}
+	});
+	_ledgerChain = next.catch(() => void 0);
+	return next;
+}
+function isPidAlive(pid) {
+	if (!Number.isInteger(pid) || pid <= 0) return false;
+	try {
+		process.kill(pid, 0);
+		return true;
+	} catch (err) {
+		if (err.code === "EPERM") return true;
+		return false;
+	}
+}
+/**
+* Boot-time sweep. For every repo we recorded in the ledger,
+* enumerate `<repoRoot>/.git/worker-worktrees/` (the conventional
+* location — for repos already inside a worktree, the actual
+* `git-common-dir` may differ, in which case we'll miss this batch
+* and the per-call age sweep will catch them within 7 days) and
+* remove dirs that aren't owned by THIS proxy.
+*
+* Ownership rule: dir is "ours" iff its embedded PID is alive AND
+* its embedded UUID equals `getInstanceUuid()`. Either condition
+* failing → remove.
+*/
+async function sweepStaleWorktreesAtBoot() {
+	const ledger = await readLedger();
+	if (ledger.entries.length === 0) return;
+	const currentUuid = getInstanceUuid();
+	for (const entry of ledger.entries) {
+		const parent = path.join(entry.repoRoot, ".git", "worker-worktrees");
+		let names;
+		try {
+			names = await fs.readdir(parent);
+		} catch {
+			continue;
+		}
+		for (const name of names) {
+			const m = WORKTREE_DIR_NAME_RE.exec(name);
+			if (!m) continue;
+			const pid = Number.parseInt(m[1], 10);
+			const uuid = m[2];
+			if (isPidAlive(pid) && uuid === currentUuid) continue;
+			const fullDir = path.join(parent, name);
+			const branch = `worker/${pid}-${uuid}-${m[3]}`;
+			try {
+				execFileSync("git", [
+					"-C",
+					entry.repoRoot,
+					"worktree",
+					"remove",
+					"--force",
+					fullDir
+				], {
+					stdio: "ignore",
+					timeout: 1e4,
+					windowsHide: true
+				});
+			} catch {}
+			try {
+				execFileSync("git", [
+					"-C",
+					entry.repoRoot,
+					"branch",
+					"-D",
+					branch
+				], {
+					stdio: "ignore",
+					timeout: 5e3,
+					windowsHide: true
+				});
+			} catch {}
+			try {
+				await fs.rm(fullDir, {
+					recursive: true,
+					force: true
+				});
+			} catch {}
+		}
+	}
+}
+
+//#endregion
+export { sweepRegistry as a, registerExitHandlers as i, getInstanceUuid as n, sweepStaleWorktreesAtBoot as o, recordWorkerRepo as r, WorktreeRegistry as t };
+//# sourceMappingURL=lifecycle-3OXRVrtQ.js.map

package/dist/lifecycle-3OXRVrtQ.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lifecycle-3OXRVrtQ.js","names":["_instanceUuid: string | null","_activeRegistry: WorktreeRegistry | null","_exitHandler: (() => void) | null","_sigintHandler: (() => void) | null","_sigtermHandler: (() => void) | null","raw: string","cleaned: Array<LedgerEntry>","_ledgerChain: Promise<void>","ledger: LedgerFile","names: Array<string>"],"sources":["../src/lib/worker-agent/lifecycle.ts"],"sourcesContent":["/**\n * Lifecycle plumbing for worker worktrees: in-memory registry, signal\n * handlers, ledger of repos touched, and the boot-time PID+instance\n * safety net.\n *\n * Plan: see `plans/we-have-added-a-dreamy-tide.md` (\"Worktree mode\" →\n * \"Cleanup paths\"). Three layers cooperate, none of them sufficient\n * alone:\n *\n *   1. Per-call cleanup (`engine.ts` finally block invoking\n *      `WorktreeHandle.remove()`) — covers the happy path.\n *\n *   2. Session-end signal sweep (this file, registered via\n *      `registerExitHandlers`) — covers Ctrl+C, service-manager stop,\n *      and (in `github-router claude` mode) the spawned child's exit.\n *      Synchronous `execFileSync` is intentional: exit handlers can't\n *      reliably await async work.\n *\n *   3. Boot-time PID+instance sweep (`sweepStaleWorktreesAtBoot`) —\n *      covers SIGKILL, OOM, container restart. Walks the ledger of\n *      repos this proxy has touched and removes worktree dirs whose\n *      `<pid>` is dead OR whose `<instance>` UUID doesn't match the\n *      current proxy's UUID.\n *\n * Ledger writes are ATOMIC (temp + rename) per peer review — a\n * concurrent-RMW corruption would silently strand worktrees because\n * the boot sweep can't find their repo roots.\n */\n\nimport { execFileSync } from \"node:child_process\"\nimport { randomBytes, randomUUID } from \"node:crypto\"\nimport fs from \"node:fs/promises\"\nimport path from \"node:path\"\nimport process from \"node:process\"\n\nimport { PATHS, writeRuntimeFileSecure } from \"../paths\"\n\n/**\n * Same regex worktree.ts uses for its per-call age sweep — kept in\n * sync intentionally. `<pid>-<uuid>-<8hex>` strictly.\n */\nconst WORKTREE_DIR_NAME_RE =\n  /^(\\d+)-([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})-([0-9a-f]{8})$/\n\n/**\n * Cap on the ledger: how many repos we remember across boots, and how\n * old an entry may be before it's pruned. Both are belt-and-suspenders\n * — the per-call age sweep is the primary guard against accumulation\n * inside any single repo.\n */\nconst LEDGER_MAX_ENTRIES = 100\nconst LEDGER_MAX_AGE_MS = 30 * 24 * 60 * 60 * 1000\n\nexport interface WorktreeRegistryEntry {\n  repoRoot: string\n  dir: string\n  branch: string\n}\n\n/**\n * Set-like in-memory registry of worktrees this proxy created. Engine\n * passes it to `createWorktree` so per-call cleanup deletes the entry\n * on success; the signal handlers walk what's left at shutdown.\n *\n * Not a bare `Set` because we want to expose only the operations we\n * actually use, and we want a stable testable surface.\n */\nexport class WorktreeRegistry {\n  private readonly entries = new Set<WorktreeRegistryEntry>()\n\n  add(entry: WorktreeRegistryEntry): void {\n    this.entries.add(entry)\n  }\n  delete(entry: WorktreeRegistryEntry): void {\n    this.entries.delete(entry)\n  }\n  has(entry: WorktreeRegistryEntry): boolean {\n    return this.entries.has(entry)\n  }\n  values(): IterableIterator<WorktreeRegistryEntry> {\n    return this.entries.values()\n  }\n  get size(): number {\n    return this.entries.size\n  }\n  clear(): void {\n    this.entries.clear()\n  }\n}\n\n// ---------------------------------------------------------------------\n// Per-launch instance UUID\n// ---------------------------------------------------------------------\n\nlet _instanceUuid: string | null = null\n\n/**\n * Stable UUID4 generated once per proxy process. Used in worktree\n * dir/branch names so the boot sweep can reliably distinguish \"this\n * proxy's still-live worktrees\" from \"stranded dirs from a prior\n * proxy that happens to have a recycled PID\" — Docker PID-1 across\n * container restarts is the classic case (peer-review HIGH finding).\n */\nexport function getInstanceUuid(): string {\n  if (_instanceUuid === null) {\n    _instanceUuid = randomUUID()\n  }\n  return _instanceUuid\n}\n\n/** Test-only: reset the cached UUID. */\nexport function __resetInstanceUuidForTests(): void {\n  _instanceUuid = null\n}\n\n// ---------------------------------------------------------------------\n// Signal handlers + sweepRegistry\n// ---------------------------------------------------------------------\n\nlet _registered = false\nlet _activeRegistry: WorktreeRegistry | null = null\nlet _exitHandler: (() => void) | null = null\nlet _sigintHandler: (() => void) | null = null\nlet _sigtermHandler: (() => void) | null = null\n\n/**\n * Synchronous cleanup of every registry entry. Best-effort:\n * `execFileSync` failures are swallowed (the dir may have been\n * removed already, or git may not be on PATH any more in some\n * environments). After a successful removal we drop the entry from\n * the registry so a second call is a true no-op.\n *\n * Synchronous on purpose — exit handlers can't reliably await async\n * work; the process would die before the promise settled.\n */\nexport function sweepRegistry(): void {\n  if (!_activeRegistry) return\n  // Snapshot the values first so we can mutate the underlying set\n  // during iteration without skipping entries.\n  const snapshot = [..._activeRegistry.values()]\n  for (const entry of snapshot) {\n    try {\n      // `-C entry.repoRoot` is load-bearing: without it git resolves\n      // the worktree path relative to the proxy's cwd (which is the\n      // user's launch dir, typically NOT inside the target repo), and\n      // fails with `fatal: '<path>' is not a working tree`. The E2E\n      // boot-sweep test (worker-agent-boot-sweep.test.ts) is what\n      // caught the missing flag.\n      execFileSync(\n        \"git\",\n        [\"-C\", entry.repoRoot, \"worktree\", \"remove\", \"--force\", entry.dir],\n        { stdio: \"ignore\", timeout: 10_000, windowsHide: true },\n      )\n    } catch {\n      // Already gone, EBUSY, or git not on PATH — best effort.\n    }\n    try {\n      execFileSync(\"git\", [\"-C\", entry.repoRoot, \"branch\", \"-D\", entry.branch], {\n        stdio: \"ignore\",\n        timeout: 5_000,\n        windowsHide: true,\n      })\n    } catch {\n      // Same as above.\n    }\n    _activeRegistry.delete(entry)\n  }\n}\n\n/**\n * Wire up SIGINT/SIGTERM/exit handlers that walk the registry and\n * remove every entry. Idempotent: subsequent calls swap the registry\n * pointer but do NOT register additional process listeners (otherwise\n * we'd leak listeners on every `runWorkerAgent`).\n *\n * Signal handlers re-raise the signal after sweeping. Naively running\n * the sweep on SIGINT/SIGTERM and returning would *suppress* the\n * signal: Node defaults to terminating the process on these, but only\n * if no user listener is attached. Once we attach a listener, the\n * default action is cancelled and the process keeps running — which\n * means Ctrl-C would clean worktrees but not actually exit, leaving\n * orphan processes in dev. The `process.kill(pid, sig)` re-raise\n * after removing our own listener restores the default behaviour\n * (the second delivery now hits an empty listener list, so Node\n * terminates with the conventional `128 + signum` exit code).\n */\nexport function registerExitHandlers(registry: WorktreeRegistry): void {\n  _activeRegistry = registry\n  if (_registered) return\n  _registered = true\n  _exitHandler = () => sweepRegistry()\n  _sigintHandler = () => {\n    sweepRegistry()\n    if (_sigintHandler) process.off(\"SIGINT\", _sigintHandler)\n    process.kill(process.pid, \"SIGINT\")\n  }\n  _sigtermHandler = () => {\n    sweepRegistry()\n    if (_sigtermHandler) process.off(\"SIGTERM\", _sigtermHandler)\n    process.kill(process.pid, \"SIGTERM\")\n  }\n  process.on(\"SIGINT\", _sigintHandler)\n  process.on(\"SIGTERM\", _sigtermHandler)\n  // `exit` handlers can only run synchronous code — exactly what\n  // sweepRegistry does. Async work here would never complete.\n  process.on(\"exit\", _exitHandler)\n}\n\n/**\n * Test-only: unregister the handlers and reset module state. Tests\n * that want to verify `registerExitHandlers` semantics must clean up\n * after themselves or future tests in the same process inherit the\n * (now stale) registry pointer.\n */\nexport function __unregisterExitHandlersForTests(): void {\n  if (_sigintHandler) {\n    process.off(\"SIGINT\", _sigintHandler)\n    _sigintHandler = null\n  }\n  if (_sigtermHandler) {\n    process.off(\"SIGTERM\", _sigtermHandler)\n    _sigtermHandler = null\n  }\n  if (_exitHandler) {\n    process.off(\"exit\", _exitHandler)\n    _exitHandler = null\n  }\n  _registered = false\n  _activeRegistry = null\n}\n\n// ---------------------------------------------------------------------\n// Ledger: which repos has this proxy touched?\n// ---------------------------------------------------------------------\n\ninterface LedgerEntry {\n  repoRoot: string\n  lastSeenMs: number\n}\n\ninterface LedgerFile {\n  entries: Array<LedgerEntry>\n}\n\nfunction ledgerPath(): string {\n  return path.join(PATHS.APP_DIR, \"worker-repos.json\")\n}\n\nasync function readLedger(): Promise<LedgerFile> {\n  let raw: string\n  try {\n    raw = await fs.readFile(ledgerPath(), \"utf8\")\n  } catch (err) {\n    if ((err as NodeJS.ErrnoException).code === \"ENOENT\") {\n      return { entries: [] }\n    }\n    return { entries: [] }\n  }\n  try {\n    const parsed = JSON.parse(raw) as Partial<LedgerFile>\n    if (!parsed || !Array.isArray(parsed.entries)) return { entries: [] }\n    const cleaned: Array<LedgerEntry> = []\n    for (const e of parsed.entries) {\n      if (\n        e &&\n        typeof e === \"object\" &&\n        typeof (e as LedgerEntry).repoRoot === \"string\" &&\n        typeof (e as LedgerEntry).lastSeenMs === \"number\"\n      ) {\n        cleaned.push({\n          repoRoot: (e as LedgerEntry).repoRoot,\n          lastSeenMs: (e as LedgerEntry).lastSeenMs,\n        })\n      }\n    }\n    return { entries: cleaned }\n  } catch {\n    // Corrupted JSON — start fresh rather than crashing the proxy.\n    return { entries: [] }\n  }\n}\n\n/**\n * Per-process serializer for ledger writes. Multiple concurrent\n * `recordWorkerRepo` calls (legitimate: several workers may start at\n * once) would otherwise race read-modify-write on the JSON file. Each\n * call chains onto the previous so the on-disk sequence is\n * deterministic from this process's perspective.\n *\n * Cross-process safety is provided by the atomic temp+rename below,\n * which makes the final state of the file always be a well-formed\n * full snapshot from ONE writer — never a partial write or\n * interleaved JSON.\n */\nlet _ledgerChain: Promise<void> = Promise.resolve()\n\n/**\n * Append `repoRoot` to the ledger (or update its `lastSeenMs`).\n * Atomic temp+rename per peer review.\n */\nexport function recordWorkerRepo(repoRoot: string): Promise<void> {\n  const next = _ledgerChain.then(async () => {\n    await fs.mkdir(PATHS.APP_DIR, { recursive: true })\n    const current = await readLedger()\n    // Dedup: drop any existing entry for this root before appending\n    // the fresh one so the array doesn't grow unbounded with repeats.\n    const filtered = current.entries.filter((e) => e.repoRoot !== repoRoot)\n    filtered.push({ repoRoot, lastSeenMs: Date.now() })\n    // Prune by age and cap entry count (newest wins).\n    const now = Date.now()\n    const pruned = filtered\n      .filter((e) => now - e.lastSeenMs < LEDGER_MAX_AGE_MS)\n      .slice(-LEDGER_MAX_ENTRIES)\n    const ledger: LedgerFile = { entries: pruned }\n\n    // Atomic temp+rename. The temp filename is unique per call\n    // (PID + 8 random hex chars) so concurrent processes don't\n    // collide on the temp name; the final `rename` is atomic on\n    // POSIX and on Windows (both with same filesystem).\n    const tmp = `${ledgerPath()}.tmp.${process.pid}.${randomBytes(4).toString(\n      \"hex\",\n    )}`\n    try {\n      await writeRuntimeFileSecure(tmp, JSON.stringify(ledger, null, 2))\n      await fs.rename(tmp, ledgerPath())\n    } catch (err) {\n      // Clean up the temp file if rename failed midway.\n      await fs.unlink(tmp).catch(() => {})\n      throw err\n    }\n  })\n  // Swallow chain-internal errors so one failed write doesn't poison\n  // the chain for every subsequent caller. Each call still sees its\n  // own rejection (we return `next`, not the catch-handler chain).\n  _ledgerChain = next.catch(() => undefined)\n  return next\n}\n\nfunction isPidAlive(pid: number): boolean {\n  if (!Number.isInteger(pid) || pid <= 0) return false\n  try {\n    process.kill(pid, 0)\n    return true\n  } catch (err) {\n    const code = (err as NodeJS.ErrnoException).code\n    // EPERM = process exists but we can't signal it — still alive\n    // for our purposes (we just need to know whether to clean up).\n    if (code === \"EPERM\") return true\n    return false\n  }\n}\n\n/**\n * Boot-time sweep. For every repo we recorded in the ledger,\n * enumerate `<repoRoot>/.git/worker-worktrees/` (the conventional\n * location — for repos already inside a worktree, the actual\n * `git-common-dir` may differ, in which case we'll miss this batch\n * and the per-call age sweep will catch them within 7 days) and\n * remove dirs that aren't owned by THIS proxy.\n *\n * Ownership rule: dir is \"ours\" iff its embedded PID is alive AND\n * its embedded UUID equals `getInstanceUuid()`. Either condition\n * failing → remove.\n */\nexport async function sweepStaleWorktreesAtBoot(): Promise<void> {\n  const ledger = await readLedger()\n  if (ledger.entries.length === 0) return\n  const currentUuid = getInstanceUuid()\n  for (const entry of ledger.entries) {\n    const parent = path.join(entry.repoRoot, \".git\", \"worker-worktrees\")\n    let names: Array<string>\n    try {\n      names = await fs.readdir(parent)\n    } catch {\n      continue\n    }\n    for (const name of names) {\n      const m = WORKTREE_DIR_NAME_RE.exec(name)\n      if (!m) continue\n      const pid = Number.parseInt(m[1], 10)\n      const uuid = m[2]\n      const isOurs = isPidAlive(pid) && uuid === currentUuid\n      if (isOurs) continue\n\n      const fullDir = path.join(parent, name)\n      const branch = `worker/${pid}-${uuid}-${m[3]}`\n      try {\n        // `-C entry.repoRoot` is load-bearing here too — see the\n        // matching comment in `sweepRegistry`. The boot sweep runs\n        // BEFORE any worker tool has set cwd, so the proxy's cwd is\n        // the user's launch dir, which is almost never inside the\n        // target repo.\n        execFileSync(\n          \"git\",\n          [\"-C\", entry.repoRoot, \"worktree\", \"remove\", \"--force\", fullDir],\n          { stdio: \"ignore\", timeout: 10_000, windowsHide: true },\n        )\n      } catch {\n        // ignore\n      }\n      try {\n        execFileSync(\n          \"git\",\n          [\"-C\", entry.repoRoot, \"branch\", \"-D\", branch],\n          { stdio: \"ignore\", timeout: 5_000, windowsHide: true },\n        )\n      } catch {\n        // ignore\n      }\n      try {\n        await fs.rm(fullDir, { recursive: true, force: true })\n      } catch {\n        // ignore — git may have removed it already\n      }\n    }\n  }\n}\n\n/** Test-only: clear the ledger file (does NOT remove on-disk worktrees). */\nexport async function __clearLedgerForTests(): Promise<void> {\n  await fs.unlink(ledgerPath()).catch(() => {})\n}\n\n/** Test-only: read the ledger as a plain array (no side effects). */\nexport async function __readLedgerForTests(): Promise<Array<LedgerEntry>> {\n  return (await readLedger()).entries\n}\n"],"mappings":";;;;;;;;;;;;AAyCA,MAAM,uBACJ;;;;;;;AAQF,MAAM,qBAAqB;AAC3B,MAAM,oBAAoB,MAAU,KAAK,KAAK;;;;;;;;;AAgB9C,IAAa,mBAAb,MAA8B;CAC5B,AAAiB,0BAAU,IAAI,KAA4B;CAE3D,IAAI,OAAoC;AACtC,OAAK,QAAQ,IAAI,MAAM;;CAEzB,OAAO,OAAoC;AACzC,OAAK,QAAQ,OAAO,MAAM;;CAE5B,IAAI,OAAuC;AACzC,SAAO,KAAK,QAAQ,IAAI,MAAM;;CAEhC,SAAkD;AAChD,SAAO,KAAK,QAAQ,QAAQ;;CAE9B,IAAI,OAAe;AACjB,SAAO,KAAK,QAAQ;;CAEtB,QAAc;AACZ,OAAK,QAAQ,OAAO;;;AAQxB,IAAIA,gBAA+B;;;;;;;;AASnC,SAAgB,kBAA0B;AACxC,KAAI,kBAAkB,KACpB,iBAAgB,YAAY;AAE9B,QAAO;;AAYT,IAAI,cAAc;AAClB,IAAIC,kBAA2C;AAC/C,IAAIC,eAAoC;AACxC,IAAIC,iBAAsC;AAC1C,IAAIC,kBAAuC;;;;;;;;;;;AAY3C,SAAgB,gBAAsB;AACpC,KAAI,CAAC,gBAAiB;CAGtB,MAAM,WAAW,CAAC,GAAG,gBAAgB,QAAQ,CAAC;AAC9C,MAAK,MAAM,SAAS,UAAU;AAC5B,MAAI;AAOF,gBACE,OACA;IAAC;IAAM,MAAM;IAAU;IAAY;IAAU;IAAW,MAAM;IAAI,EAClE;IAAE,OAAO;IAAU,SAAS;IAAQ,aAAa;IAAM,CACxD;UACK;AAGR,MAAI;AACF,gBAAa,OAAO;IAAC;IAAM,MAAM;IAAU;IAAU;IAAM,MAAM;IAAO,EAAE;IACxE,OAAO;IACP,SAAS;IACT,aAAa;IACd,CAAC;UACI;AAGR,kBAAgB,OAAO,MAAM;;;;;;;;;;;;;;;;;;;;AAqBjC,SAAgB,qBAAqB,UAAkC;AACrE,mBAAkB;AAClB,KAAI,YAAa;AACjB,eAAc;AACd,sBAAqB,eAAe;AACpC,wBAAuB;AACrB,iBAAe;AACf,MAAI,eAAgB,SAAQ,IAAI,UAAU,eAAe;AACzD,UAAQ,KAAK,QAAQ,KAAK,SAAS;;AAErC,yBAAwB;AACtB,iBAAe;AACf,MAAI,gBAAiB,SAAQ,IAAI,WAAW,gBAAgB;AAC5D,UAAQ,KAAK,QAAQ,KAAK,UAAU;;AAEtC,SAAQ,GAAG,UAAU,eAAe;AACpC,SAAQ,GAAG,WAAW,gBAAgB;AAGtC,SAAQ,GAAG,QAAQ,aAAa;;AAuClC,SAAS,aAAqB;AAC5B,QAAO,KAAK,KAAK,MAAM,SAAS,oBAAoB;;AAGtD,eAAe,aAAkC;CAC/C,IAAIC;AACJ,KAAI;AACF,QAAM,MAAM,GAAG,SAAS,YAAY,EAAE,OAAO;UACtC,KAAK;AACZ,MAAK,IAA8B,SAAS,SAC1C,QAAO,EAAE,SAAS,EAAE,EAAE;AAExB,SAAO,EAAE,SAAS,EAAE,EAAE;;AAExB,KAAI;EACF,MAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,MAAI,CAAC,UAAU,CAAC,MAAM,QAAQ,OAAO,QAAQ,CAAE,QAAO,EAAE,SAAS,EAAE,EAAE;EACrE,MAAMC,UAA8B,EAAE;AACtC,OAAK,MAAM,KAAK,OAAO,QACrB,KACE,KACA,OAAO,MAAM,YACb,OAAQ,EAAkB,aAAa,YACvC,OAAQ,EAAkB,eAAe,SAEzC,SAAQ,KAAK;GACX,UAAW,EAAkB;GAC7B,YAAa,EAAkB;GAChC,CAAC;AAGN,SAAO,EAAE,SAAS,SAAS;SACrB;AAEN,SAAO,EAAE,SAAS,EAAE,EAAE;;;;;;;;;;;;;;;AAgB1B,IAAIC,eAA8B,QAAQ,SAAS;;;;;AAMnD,SAAgB,iBAAiB,UAAiC;CAChE,MAAM,OAAO,aAAa,KAAK,YAAY;AACzC,QAAM,GAAG,MAAM,MAAM,SAAS,EAAE,WAAW,MAAM,CAAC;EAIlD,MAAM,YAHU,MAAM,YAAY,EAGT,QAAQ,QAAQ,MAAM,EAAE,aAAa,SAAS;AACvE,WAAS,KAAK;GAAE;GAAU,YAAY,KAAK,KAAK;GAAE,CAAC;EAEnD,MAAM,MAAM,KAAK,KAAK;EAItB,MAAMC,SAAqB,EAAE,SAHd,SACZ,QAAQ,MAAM,MAAM,EAAE,aAAa,kBAAkB,CACrD,MAAM,CAAC,mBAAmB,EACiB;EAM9C,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,QAAQ,IAAI,GAAG,YAAY,EAAE,CAAC,SAC/D,MACD;AACD,MAAI;AACF,SAAM,uBAAuB,KAAK,KAAK,UAAU,QAAQ,MAAM,EAAE,CAAC;AAClE,SAAM,GAAG,OAAO,KAAK,YAAY,CAAC;WAC3B,KAAK;AAEZ,SAAM,GAAG,OAAO,IAAI,CAAC,YAAY,GAAG;AACpC,SAAM;;GAER;AAIF,gBAAe,KAAK,YAAY,OAAU;AAC1C,QAAO;;AAGT,SAAS,WAAW,KAAsB;AACxC,KAAI,CAAC,OAAO,UAAU,IAAI,IAAI,OAAO,EAAG,QAAO;AAC/C,KAAI;AACF,UAAQ,KAAK,KAAK,EAAE;AACpB,SAAO;UACA,KAAK;AAIZ,MAHc,IAA8B,SAG/B,QAAS,QAAO;AAC7B,SAAO;;;;;;;;;;;;;;;AAgBX,eAAsB,4BAA2C;CAC/D,MAAM,SAAS,MAAM,YAAY;AACjC,KAAI,OAAO,QAAQ,WAAW,EAAG;CACjC,MAAM,cAAc,iBAAiB;AACrC,MAAK,MAAM,SAAS,OAAO,SAAS;EAClC,MAAM,SAAS,KAAK,KAAK,MAAM,UAAU,QAAQ,mBAAmB;EACpE,IAAIC;AACJ,MAAI;AACF,WAAQ,MAAM,GAAG,QAAQ,OAAO;UAC1B;AACN;;AAEF,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,IAAI,qBAAqB,KAAK,KAAK;AACzC,OAAI,CAAC,EAAG;GACR,MAAM,MAAM,OAAO,SAAS,EAAE,IAAI,GAAG;GACrC,MAAM,OAAO,EAAE;AAEf,OADe,WAAW,IAAI,IAAI,SAAS,YAC/B;GAEZ,MAAM,UAAU,KAAK,KAAK,QAAQ,KAAK;GACvC,MAAM,SAAS,UAAU,IAAI,GAAG,KAAK,GAAG,EAAE;AAC1C,OAAI;AAMF,iBACE,OACA;KAAC;KAAM,MAAM;KAAU;KAAY;KAAU;KAAW;KAAQ,EAChE;KAAE,OAAO;KAAU,SAAS;KAAQ,aAAa;KAAM,CACxD;WACK;AAGR,OAAI;AACF,iBACE,OACA;KAAC;KAAM,MAAM;KAAU;KAAU;KAAM;KAAO,EAC9C;KAAE,OAAO;KAAU,SAAS;KAAO,aAAa;KAAM,CACvD;WACK;AAGR,OAAI;AACF,UAAM,GAAG,GAAG,SAAS;KAAE,WAAW;KAAM,OAAO;KAAM,CAAC;WAChD"}

package/dist/{lifecycle-De6QsSv8.js → lifecycle-DxRKANCV.js}

@@ -1,3 +1,4 @@
-import { a as sweepRegistry, i as registerExitHandlers, n as getInstanceUuid, o as sweepStaleWorktreesAtBoot, r as recordWorkerRepo, t as WorktreeRegistry } from "./lifecycle-BrNqqJZH.js";
+import "./paths-Cr2gfGiA.js";
+import { a as sweepRegistry, i as registerExitHandlers, n as getInstanceUuid, o as sweepStaleWorktreesAtBoot, r as recordWorkerRepo, t as WorktreeRegistry } from "./lifecycle-3OXRVrtQ.js";
 
 export { WorktreeRegistry, getInstanceUuid, recordWorkerRepo, registerExitHandlers, sweepRegistry, sweepStaleWorktreesAtBoot };