haltija 1.2.3 → 1.2.5

package/apps/desktop/main.js

@@ -36,6 +36,10 @@ const HALTIJA_SERVER = `http://localhost:${HALTIJA_PORT}`
 // Combined with webContents.id to create globally unique tab identifiers
 const APP_INSTANCE_ID = `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 6)}`
 
+// Pending session: when an agent opens a tab with a session, store it here
+// so injectWidget can include it in the widget config for the next new tab
+let pendingTabSession = null
+
 // ============================================
 // Preferences
 // ============================================
@@ -741,8 +745,16 @@ async function injectWidget(webContents) {
     // This is stable across navigations (even cross-origin) enabling cross-page recording
     const wsUrl = HALTIJA_SERVER.replace('http:', 'ws:') + '/ws/browser'
     const windowId = `hj-${APP_INSTANCE_ID}-${webContents.id}`
+    const configObj = { serverUrl: wsUrl, windowId }
+    // Session priority: pending session from agent's tabs/open > env var
+    if (pendingTabSession) {
+      configObj.session = pendingTabSession
+      pendingTabSession = null // Consume — only applies to the next tab
+    } else if (process.env.HALTIJA_SESSION) {
+      configObj.session = process.env.HALTIJA_SESSION
+    }
     await webContents.executeJavaScript(
-      `window.__haltija_config__ = { serverUrl: '${wsUrl}', windowId: '${windowId}' };`,
+      `window.__haltija_config__ = ${JSON.stringify(configObj)};`,
     )
     await webContents.executeJavaScript(componentCode)
 
@@ -882,9 +894,10 @@ function setupScreenCapture() {
   })
 
   // Tab management — forwarded to renderer
-  ipcMain.handle('open-tab', async (event, url) => {
+  ipcMain.handle('open-tab', async (event, url, session) => {
     if (!mainWindow) return false
-    mainWindow.webContents.send('open-tab', { url })
+    if (session) pendingTabSession = session
+    mainWindow.webContents.send('open-tab', { url, session })
     return true
   })
 

package/apps/desktop/package.json

@@ -1,6 +1,6 @@
 {
   "name": "haltija-desktop",
-  "version": "1.2.3",
+  "version": "1.2.5",
   "description": "Haltija Desktop - God Mode Browser for AI Agents",
   "homepage": "https://github.com/tonioloewald/haltija",
   "author": {

package/apps/desktop/renderer/tabs.js

@@ -150,13 +150,24 @@ export function renameTerminalTab(tab, name) {
   }
 }
 
+// Track the last active content (non-terminal) tab so it stays visible
+// behind terminal/agent overlays for screenshot/hj command support
+let lastContentTabId = null
+
 export function activateTab(tabId) {
   const tab = tabs.find((t) => t.id === tabId)
   if (!tab) return
 
+  const isTerminalTab = tab.isTerminal || tab.url === 'terminal'
+  if (!isTerminalTab) lastContentTabId = tabId
+
   tabs.forEach((t) => {
     t.element.classList.remove('active')
-    t.webview.classList.remove('active')
+    if (isTerminalTab && t.id === lastContentTabId) {
+      // Keep the last content webview visible behind the terminal iframe
+    } else {
+      t.webview.classList.remove('active')
+    }
   })
 
   tab.element.classList.add('active')

package/apps/desktop/renderer.js

@@ -130,7 +130,7 @@ document.addEventListener('keydown', (e) => {
 // ============================================
 
 // Tab management from widget (via main process IPC)
-window.haltija?.onOpenTab?.((data) => createTab(data.url))
+window.haltija?.onOpenTab?.((data) => createTab(data.url, { session: data.session }))
 window.haltija?.onCloseTab?.((data) => {
   const tab = findTabByWindowId(data.windowId)
   if (tab) closeTab(tab.id)

package/apps/desktop/resources/component.js

@@ -46,7 +46,7 @@
   });
 
   // src/version.ts
-  var VERSION = "1.2.3";
+  var VERSION = "1.2.5";
 
   // src/text-selector.ts
   var TEXT_PSEUDO_RE = /:(?:text-is|has-text|text)\(/;
@@ -1312,7 +1312,7 @@
   }
   function buildDomTree(el, options, currentDepth = 0) {
     const {
-      depth = 3,
+      depth = 5,
       includeText = true,
       allAttributes = false,
       includeStyles = false,
@@ -1703,6 +1703,7 @@
     windowId;
     isElectron = false;
     browserId = uid();
+    sessionToken = "";
     killed = false;
     isActive = true;
     homeLeft = 0;
@@ -1775,7 +1776,7 @@
     selectionBox = null;
     highlightedElements = [];
     static get observedAttributes() {
-      return ["server", "hidden"];
+      return ["server", "hidden", "session"];
     }
     static async runTests() {
       const el = document.querySelector(TAG_NAME);
@@ -1871,10 +1872,16 @@
         }
         this.windowId = storedWindowId;
       }
+      if (config?.session) {
+        this.sessionToken = config.session;
+      } else {
+        this.sessionToken = uid();
+      }
     }
     connectedCallback() {
       this.killed = false;
       this.serverUrl = this.getAttribute("server") || this.serverUrl;
+      this.sessionToken = this.getAttribute("session") || this.sessionToken;
       this.render();
       const rect = this.getBoundingClientRect();
       this.homeLeft = window.innerWidth - rect.width - 16;
@@ -1902,6 +1909,11 @@
           this.connect();
         }
       }
+      if (name === "session") {
+        this.sessionToken = value;
+        this.disconnect();
+        this.connect();
+      }
     }
     render() {
       if (this.shadowRoot.querySelector(".widget")) {
@@ -2087,6 +2099,25 @@
         .btn.info-btn:hover {
           background: #2563eb;
         }
+        .session-badge {
+          display: flex;
+          align-items: center;
+          gap: 2px;
+          font-size: 9px;
+          color: #666;
+          background: rgba(255,255,255,0.05);
+          padding: 2px 4px;
+          border-radius: 3px;
+          cursor: pointer;
+          user-select: none;
+        }
+        .session-badge:hover {
+          background: rgba(255,255,255,0.1);
+          color: #aaa;
+        }
+        .session-badge.copied {
+          color: #22c55e;
+        }
         @keyframes pulse {
           0%, 100% { opacity: 1; }
           50% { opacity: 0.5; }
@@ -2449,6 +2480,8 @@
             <span class="logo">\uD83E\uDDDD</span>
           </div>
           <div class="title">${PRODUCT_NAME}</div>
+          <span class="session-badge" data-action="copy-session" title="Session: ${this.sessionToken}
+Click to copy session command">${this.sessionToken.slice(0, 8)}</span>
           <div class="controls">
             <button class="btn" data-action="select" title="Select elements (drag to select area)" aria-label="Select elements">\uD83D\uDC46</button>
             <button class="btn" data-action="record" title="Record test (click to start/stop)" aria-label="Record test">REC</button>
@@ -2535,6 +2568,8 @@
             this.startSelection();
           if (action2 === "stats")
             this.copyStatsToClipboard();
+          if (action2 === "copy-session")
+            this.copySessionToken(e.currentTarget);
           if (action2 === "close-modal")
             this.closeTestModal();
           if (action2 === "copy-test")
@@ -3160,6 +3195,28 @@
         });
       }
     }
+    async copySessionToken(badge) {
+      const cmd = `export HALTIJA_SESSION=${this.sessionToken}`;
+      try {
+        await navigator.clipboard.writeText(cmd);
+        badge.textContent = "copied!";
+        badge.classList.add("copied");
+        setTimeout(() => {
+          badge.textContent = this.sessionToken.slice(0, 8);
+          badge.classList.remove("copied");
+        }, 1500);
+      } catch {
+        try {
+          await navigator.clipboard.writeText(this.sessionToken);
+          badge.textContent = "copied!";
+          badge.classList.add("copied");
+          setTimeout(() => {
+            badge.textContent = this.sessionToken.slice(0, 8);
+            badge.classList.remove("copied");
+          }, 1500);
+        } catch {}
+      }
+    }
     async copyStatsToClipboard() {
       const refStats = refRegistry.getStats();
       stats.refsStale = refStats.stale;
@@ -4926,6 +4983,7 @@ ${elementSummary}${moreText}`;
           this.send("system", "connected", {
             windowId: this.windowId,
             browserId: this.browserId,
+            session: this.sessionToken,
             version: VERSION2,
             serverSessionId: SERVER_SESSION_ID,
             url: location.href,
@@ -5351,7 +5409,7 @@ ${elementSummary}${moreText}`;
       const haltija = window.haltija;
       if (action2 === "open") {
         if (haltija?.openTab) {
-          haltija.openTab(payload2.url).then((opened) => {
+          haltija.openTab(payload2.url, payload2.session).then((opened) => {
             this.respond(msg2.id, true, { opened });
           }).catch((err) => {
             this.respond(msg2.id, false, null, err.message);
@@ -7207,7 +7265,7 @@ ${elementSummary}${moreText}`;
   }
   registerDevChannel();
   var WIDGET_ID = "haltija-widget";
-  function inject(serverUrl2 = "wss://localhost:8700/ws/browser") {
+  function inject(serverUrl2 = "wss://localhost:8700/ws/browser", options) {
     const existing = document.getElementById(WIDGET_ID);
     if (existing) {
       console.log(`${LOG_PREFIX} Already injected`);
@@ -7222,6 +7280,8 @@ ${elementSummary}${moreText}`;
     const el = DevChannel.elementCreator()();
     el.id = WIDGET_ID;
     el.setAttribute("server", serverUrl2);
+    if (options?.session)
+      el.setAttribute("session", options.session);
     el.setAttribute("data-version", VERSION2);
     document.body.appendChild(el);
     console.log(`${LOG_PREFIX} Injected`);
@@ -7233,7 +7293,7 @@ ${elementSummary}${moreText}`;
     const config = window.__haltija_config__;
     if (config?.autoInject !== false) {
       if (config) {
-        inject(config.serverUrl || config.wsUrl);
+        inject(config.serverUrl || config.wsUrl, { session: config.session });
         return;
       }
     }

package/apps/desktop/styles.css

@@ -640,9 +640,15 @@ body {
   display: none;
 }
 
-#webview-container webview.active,
+#webview-container webview.active {
+  display: flex;
+  z-index: 0;
+}
+
 #webview-container .terminal-frame.active {
   display: flex;
+  z-index: 1;
+  opacity: 0.88;
 }
 
 #webview-container .terminal-frame {

package/apps/desktop/terminal.html

@@ -1192,7 +1192,12 @@
         outputPreview.className = 'tool-output-preview'
         const lines = (output || '').split('\n')
         const previewText = lines.slice(0, 3).join('\n')
-        outputPreview.textContent = previewText + (lines.length > 3 ? `\n... (${lines.length} lines)` : '')
+        const previewFull = previewText + (lines.length > 3 ? `\n... (${lines.length} lines)` : '')
+        if (/\x1b\[/.test(previewFull)) {
+          outputPreview.innerHTML = ansiToHtml(previewFull)
+        } else {
+          outputPreview.textContent = previewFull
+        }
         card.appendChild(outputPreview)
         
         // Add full output to expandable body
@@ -1205,10 +1210,13 @@
         outputDiv.appendChild(outputLabel)
         const outputPre = document.createElement('pre')
         outputPre.style.cssText = 'margin: 0; white-space: pre-wrap;'
-        if (lines.length > 20) {
-          outputPre.textContent = lines.slice(0, 20).join('\n') + `\n... (${lines.length} lines total)`
+        const fullText = lines.length > 20
+          ? lines.slice(0, 20).join('\n') + `\n... (${lines.length} lines total)`
+          : (output || '')
+        if (/\x1b\[/.test(fullText)) {
+          outputPre.innerHTML = ansiToHtml(fullText)
         } else {
-          outputPre.textContent = output || ''
+          outputPre.textContent = fullText
         }
         outputDiv.appendChild(outputPre)
         body.appendChild(outputDiv)
@@ -1277,6 +1285,8 @@
         div.textContent = text
       } else if (type === 'summary') {
         div.textContent = text
+      } else if (/\x1b\[/.test(text)) {
+        div.innerHTML = ansiToHtml(text)
       } else {
         div.textContent = text
       }
@@ -1296,6 +1306,30 @@
       return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
     }
 
+    /** Convert ANSI escape codes to HTML spans */
+    function ansiToHtml(str) {
+      if (str == null) return ''
+      const escaped = escapeHtml(str)
+      // Map SGR codes to CSS styles
+      const styles = {
+        '1': 'font-weight:bold',
+        '2': 'opacity:0.6',
+        '3': 'font-style:italic',
+        '4': 'text-decoration:underline',
+        '31': 'color:#f87171', '32': 'color:#4ade80', '33': 'color:#fbbf24',
+        '34': 'color:#60a5fa', '35': 'color:#c084fc', '36': 'color:#22d3ee',
+        '90': 'color:#6b7280', '91': 'color:#f87171', '92': 'color:#4ade80',
+        '93': 'color:#fbbf24', '94': 'color:#60a5fa', '95': 'color:#c084fc',
+        '96': 'color:#22d3ee',
+      }
+      // Replace \e[...m sequences with styled spans
+      return escaped.replace(/\x1b\[([0-9;]*)m/g, (_, codes) => {
+        if (!codes || codes === '0') return '</span>'
+        const css = codes.split(';').map(c => styles[c] || '').filter(Boolean).join(';')
+        return css ? `<span style="${css}">` : ''
+      })
+    }
+
     // ==========================================
     // Init
     // ==========================================

package/apps/desktop/webview-preload.js

@@ -25,7 +25,7 @@ contextBridge.exposeInMainWorld('haltija', {
     return ipcRenderer.invoke('navigate-url', url)
   },
   // Tab management — routed through main process to renderer
-  openTab: (url) => ipcRenderer.invoke('open-tab', url),
+  openTab: (url, session) => ipcRenderer.invoke('open-tab', url, session),
   closeTab: (windowId) => ipcRenderer.invoke('close-tab', windowId),
   focusTab: (windowId) => ipcRenderer.invoke('focus-tab', windowId),
   openAgentTab: () => {

package/bin/cli-subcommand.mjs

@@ -95,9 +95,19 @@ export const ARG_MAPS = {
   call: (args) => ({ ...parseTargetArgs(args.slice(0, 1)), method: args[1], args: args.slice(2).map(tryParseJSON) }),
   fetch: (args) => ({ url: args[0], prompt: args.slice(1).join(' ') || undefined }),
   screenshot: (args) => {
-    const dataUrl = args.includes('--data-url')
-    const filtered = args.filter(a => a !== '--data-url')
-    return { ...parseTargetArgs(filtered), file: !dataUrl }
+    const body = { file: true }
+    const positional = []
+    for (let i = 0; i < args.length; i++) {
+      const a = args[i]
+      if (a === '--data-url') { body.file = false; continue }
+      if (a === '--scale') { body.scale = num(args[++i]); continue }
+      if (a === '--maxWidth' || a === '--max-width') { body.maxWidth = num(args[++i]); continue }
+      if (a === '--maxHeight' || a === '--max-height') { body.maxHeight = num(args[++i]); continue }
+      if (a === '--delay') { body.delay = num(args[++i]); continue }
+      if (a === '--no-chyron') { body.chyron = false; continue }
+      if (!a.startsWith('-')) { positional.push(a) }
+    }
+    return { ...body, ...parseTargetArgs(positional) }
   },
   snapshot: (args) => ({ context: args.join(' ') || undefined }),
   select: (args) => ({ action: args[0] }),
@@ -192,6 +202,7 @@ export function parseTreeArgs(args) {
   for (let i = 0; i < args.length; i++) {
     const a = args[i]
     if (a === '--depth' || a === '-d') { body.depth = num(args[++i]); continue }
+    if (a === '--all' || a === '-a') { body.depth = -1; continue }
     if (a === '--selector' || a === '-s') { body.selector = args[++i]; continue }
     if (a === '--compact' || a === '-c') { body.compact = true; continue }
     if (a === '--visible') { body.visibleOnly = true; continue }
@@ -422,6 +433,18 @@ export function clean(obj) {
   return Object.keys(result).length ? result : undefined
 }
 
+// ============================================
+// Session ID for multi-agent isolation
+// ============================================
+
+export function getSessionId() {
+  if (process.env.HALTIJA_SESSION) return process.env.HALTIJA_SESSION
+  // Auto-generate a session ID for this shell — persisted in env for subsequent calls
+  const id = `hj_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 8)}`
+  process.env.HALTIJA_SESSION = id
+  return id
+}
+
 // ============================================
 // Server auto-start
 // ============================================
@@ -499,14 +522,92 @@ async function startServerInBackground(port) {
   return false
 }
 
+// ============================================
+// Auto-launch Electron app when no browser windows connected
+// ============================================
+
+async function launchElectronApp() {
+  const { execSync, spawn: spawnChild } = await import('child_process')
+  
+  if (process.platform === 'darwin') {
+    // Check common locations for Haltija.app
+    const appPaths = [
+      '/Applications/Haltija.app',
+      `${process.env.HOME}/Applications/Haltija.app`,
+    ]
+    for (const p of appPaths) {
+      if (existsSync(p)) {
+        spawnChild('open', ['-a', p], { stdio: 'ignore', detached: true }).unref()
+        return true
+      }
+    }
+    // Try spotlight search as fallback
+    try {
+      const result = execSync('mdfind "kMDItemCFBundleIdentifier == com.electron.haltija" | head -1', { encoding: 'utf-8', stdio: ['pipe', 'pipe', 'ignore'] }).trim()
+      if (result) {
+        spawnChild('open', ['-a', result], { stdio: 'ignore', detached: true }).unref()
+        return true
+      }
+    } catch {}
+    return false
+  }
+  
+  // Linux/Windows: not yet supported
+  return false
+}
+
+async function ensureBrowserConnected(port) {
+  try {
+    const resp = await fetch(`http://localhost:${port}/status`, {
+      signal: AbortSignal.timeout(2000)
+    })
+    const status = await resp.json()
+    // Use status.ok (global, not session-filtered) to check if any browser is connected
+    if (status.ok) return true
+  } catch { return false }
+  
+  // No windows connected — try to launch Electron app (macOS only)
+  if (process.platform !== 'darwin') return false
+  
+  process.stderr.write('\x1b[2mLaunching Haltija browser...\x1b[0m')
+  const launched = await launchElectronApp()
+  if (!launched) {
+    process.stderr.write('\x1b[2m not found\x1b[0m\n')
+    return false
+  }
+  
+  // Wait for a window to connect (up to 10s)
+  const maxWait = 10000
+  const start = Date.now()
+  while (Date.now() - start < maxWait) {
+    try {
+      const resp = await fetch(`http://localhost:${port}/status`, {
+        signal: AbortSignal.timeout(1000)
+      })
+      const status = await resp.json()
+      if (status.ok) {
+        process.stderr.write('\x1b[2m ready\x1b[0m\n')
+        return true
+      }
+    } catch {}
+    await new Promise(r => setTimeout(r, 500))
+  }
+  process.stderr.write('\x1b[2m timeout\x1b[0m\n')
+  return false
+}
+
+// Commands that don't need a browser window to be connected
+const INFO_COMMANDS = new Set(['status', 'windows', 'version', 'help'])
+
 // ============================================
 // Main subcommand execution
 // ============================================
 
-export async function runSubcommand(subcommand, subArgs, port = '8700') {
+export async function runSubcommand(subcommand, subArgs, port = '8700', options = {}) {
   const baseUrl = `http://localhost:${port}`
   const jsonOutput = subArgs.includes('--json')
-  // Remove --json and extract --window before processing
+  const noLaunch = options.noLaunch || false
+  // Remove --json and extract --window/--session before processing
   let filteredArgs = subArgs.filter(a => a !== '--json')
   let targetWindowId = undefined
   const windowIdx = filteredArgs.indexOf('--window')
@@ -514,6 +615,11 @@ export async function runSubcommand(subcommand, subArgs, port = '8700') {
     targetWindowId = filteredArgs[windowIdx + 1]
     filteredArgs = [...filteredArgs.slice(0, windowIdx), ...filteredArgs.slice(windowIdx + 2)]
   }
+  const sessionIdx = filteredArgs.indexOf('--session')
+  if (sessionIdx !== -1) {
+    process.env.HALTIJA_SESSION = filteredArgs[sessionIdx + 1]
+    filteredArgs = [...filteredArgs.slice(0, sessionIdx), ...filteredArgs.slice(sessionIdx + 2)]
+  }
 
   // Check if server is running, auto-start if not
   if (!(await isServerRunning(port))) {
@@ -528,6 +634,11 @@ export async function runSubcommand(subcommand, subArgs, port = '8700') {
     }
   }
 
+  // Auto-launch browser if no windows connected (skip for info commands and --no-launch)
+  if (!noLaunch && !INFO_COMMANDS.has(subcommand)) {
+    await ensureBrowserConnected(port)
+  }
+
   // Special handling for 'send' command - route to appropriate endpoint
   // hj send selection [agent]      → /send/selection
   // hj send recording [agent]      → /send/recording  
@@ -586,9 +697,10 @@ export async function runSubcommand(subcommand, subArgs, port = '8700') {
 async function doRequest(url, method, body, context = {}) {
   const { subcommand, jsonOutput } = context
   try {
-    const opts = { method }
+    const sessionId = getSessionId()
+    const opts = { method, headers: { 'X-Haltija-Session': sessionId } }
     if (body) {
-      opts.headers = { 'Content-Type': 'application/json' }
+      opts.headers['Content-Type'] = 'application/json'
       opts.body = JSON.stringify(body)
     }
 
@@ -600,7 +712,7 @@ async function doRequest(url, method, body, context = {}) {
 
       // Text format for supported subcommands (unless --json)
       if (!jsonOutput && subcommand === 'tree' && json.success && json.data) {
-        console.log(formatTree(json.data))
+        console.log(formatTree(json.data, 0, { depth: body?.depth }))
       } else if (!jsonOutput && subcommand === 'events' && (json.events || Array.isArray(json))) {
         console.log(formatEvents(json))
       } else if (!jsonOutput && subcommand === 'test-run' && json.test) {
@@ -720,7 +832,7 @@ export function listSubcommands() {
   return `
 Subcommands (replace curl with simple commands):
   ${bold('Inspect')}
-    tree [selector] [-d depth]     DOM tree with ref IDs
+    tree [selector] [-d N] [-a]    DOM tree with ref IDs (default depth 5, -a = all)
     query <selector>               Find elements matching selector
     inspect <@ref|selector>        Detailed element info
     inspectAll <selector>          Deep inspect all matches

package/bin/format-tree.mjs

@@ -27,15 +27,17 @@ const MAX_TEXT_LEN = 80
  * @param {number} indent - current indentation level (internal)
  * @returns {string} formatted text output with footer
  */
-export function formatTree(node, indent = 0) {
+export function formatTree(node, indent = 0, { depth } = {}) {
   if (!node) return ''
 
   const lines = []
   formatNode(node, indent, lines)
 
-  // Footer: JSON escape hatch
+  // Footer: depth and options hint
+  const d = depth ?? 5
+  const isDefault = depth === undefined || depth === null
   lines.push('---')
-  lines.push('hj tree --json')
+  lines.push(`depth=${d}${isDefault ? ' (default)' : d === -1 ? ' (unlimited)' : ''} | -d N | --all | --json`)
 
   return lines.join('\n')
 }

package/bin/hj.mjs

@@ -36,6 +36,21 @@ if (portIdx !== -1 && args[portIdx + 1]) {
   args.splice(portIdx, 2)
 }
 
+// Parse --session option (set session token)
+const sessionIdx = args.indexOf('--session')
+if (sessionIdx !== -1 && args[sessionIdx + 1]) {
+  process.env.HALTIJA_SESSION = args[sessionIdx + 1]
+  args.splice(sessionIdx, 2)
+}
+
+// Parse --no-launch option (skip auto-launching Electron app)
+let noLaunch = false
+const noLaunchIdx = args.indexOf('--no-launch')
+if (noLaunchIdx !== -1) {
+  noLaunch = true
+  args.splice(noLaunchIdx, 1)
+}
+
 const subcommand = args[0]
 const subArgs = args.slice(1).filter(a => a !== '--window' || true) // keep all args
 
@@ -61,7 +76,7 @@ if (!isSubcommand(subcommand)) {
   console.error(`Run 'hj' for docs.`)
   process.exit(1)
 } else {
-  runSubcommand(subcommand, subArgs, port)
+  runSubcommand(subcommand, subArgs, port, { noLaunch })
 }
 
 function filterHelp(topic) {

package/bin/tosijs-dev.mjs

@@ -362,6 +362,8 @@ if (docsDirIdx !== -1 && args[docsDirIdx + 1]) {
 // ============================================
 
 const ciMode = args.includes('--ci')
+const secureMode = args.includes('--secure')
+if (secureMode) process.env.HALTIJA_SECURE = '1'
 const headlessMode = args.includes('--headless')  // Playwright headless (separate from CI)
 const headlessUrlIdx = args.indexOf('--headless-url')
 const headlessUrl = headlessUrlIdx !== -1 ? args[headlessUrlIdx + 1] : null