jettypod 4.2.11 → 4.4.0

package/lib/session-writer.js

@@ -19,6 +19,23 @@ function getSessionFilePath() {
   return path.join(process.cwd(), '.claude', 'session.md');
 }
 
+/**
+ * Validate that we're in a worktree, not the root directory
+ * @throws {Error} If in root directory
+ */
+function validateWorktreeLocation() {
+  const cwd = process.cwd();
+
+  // Check if current directory is inside .jettypod-work/
+  if (!cwd.includes('.jettypod-work')) {
+    throw new Error(
+      'Cannot create session.md in root directory.\n' +
+      'Session files should only be created in worktrees (.jettypod-work/).\n' +
+      'Use "jettypod work start <id>" to create a worktree for this work item.'
+    );
+  }
+}
+
 /**
  * Ensure .claude directory exists
  */
@@ -69,6 +86,9 @@ function writeSessionFile(workItem, mode, options = {}) {
     throw new Error('Work item must have a string status');
   }
 
+  // Validate we're in a worktree, not root directory
+  validateWorktreeLocation();
+
   ensureClaudeDir();
 
   const skillName = modeToSkillName(mode);

package/lib/worktree-facade.js

@@ -15,6 +15,29 @@
 const worktreeManager = require('./worktree-manager');
 const fs = require('fs');
 const path = require('path');
+const { getDb } = require('./database');
+
+/**
+ * Check if a worktree already exists for a work item
+ *
+ * @param {Object} db - Database connection
+ * @param {number} workItemId - Work item ID
+ * @returns {Promise<Object|null>} Existing worktree or null
+ */
+function checkExistingWorktree(db, workItemId) {
+  return new Promise((resolve, reject) => {
+    db.get(
+      `SELECT * FROM worktrees
+       WHERE work_item_id = ?
+       AND status = 'active'`,
+      [workItemId],
+      (err, row) => {
+        if (err) return reject(err);
+        resolve(row || null);
+      }
+    );
+  });
+}
 
 /**
  * Start work on a work item with graceful degradation
@@ -33,6 +56,7 @@ async function startWork(workItem, options = {}) {
   }
 
   const repoPath = options.repoPath || process.cwd();
+  const db = options.db || getDb();
   const result = {
     mode: null,           // 'worktree' or 'main'
     path: null,           // Working directory path
@@ -41,6 +65,25 @@ async function startWork(workItem, options = {}) {
     warnings: []          // Non-fatal warnings
   };
 
+  // Explicit check for existing worktree (defensive programming)
+  try {
+    const existingWorktree = await checkExistingWorktree(db, workItem.id);
+    if (existingWorktree) {
+      // Another instance is already working on this - fall back to main
+      result.mode = 'main';
+      result.path = repoPath;
+      result.error = {
+        message: `Work item #${workItem.id} already has active worktree at ${existingWorktree.worktree_path}`,
+        reason: 'duplicate_worktree_prevented'
+      };
+      result.warnings.push('Another instance may be working on this chore');
+      return result;
+    }
+  } catch (checkErr) {
+    // If check fails, continue anyway - database constraint will catch duplicates
+    result.warnings.push(`Warning: Could not check for existing worktree: ${checkErr.message}`);
+  }
+
   // Attempt to create worktree
   try {
     const worktree = await worktreeManager.createWorktree(workItem, options);

package/lib/worktree-manager.js

@@ -14,6 +14,9 @@
 // Database will be required lazily when implementing actual functions
 // const getDb = require('./database');
 
+// Safe delete module - ALWAYS use this for deletions
+const safeDelete = require('./safe-delete');
+
 /**
  * Valid worktree statuses
  */
@@ -44,9 +47,16 @@ async function createWorktree(workItem, options = {}) {
     return Promise.reject(new Error('SAFETY: repoPath must be explicitly provided to createWorktree'));
   }
 
+  // SAFETY CHECK 0: Verify we're not running from within a worktree
+  try {
+    safeDelete.ensureNotInWorktree();
+  } catch (err) {
+    return Promise.reject(err);
+  }
+
   const gitRoot = options.repoPath;
 
-  // SAFETY CHECK: Verify gitRoot is actually the main repository
+  // SAFETY CHECK 1: Verify gitRoot is actually the main repository
   try {
     const gitRootCheck = execSync('git rev-parse --show-toplevel', {
       cwd: gitRoot,
@@ -205,7 +215,11 @@ async function createWorktree(workItem, options = {}) {
           }
         } else {
           // It's a directory - remove it and create symlink
-          fs.rmSync(jettypodLink, { recursive: true, force: true });
+          // SAFETY: Use safe delete with gitRoot validation
+          const deleteResult = safeDelete.safeRmRecursive(jettypodLink, { gitRoot, force: true });
+          if (!deleteResult.success) {
+            throw new Error(`Failed to remove .jettypod directory: ${deleteResult.error}`);
+          }
           fs.symlinkSync(jettypodTarget, jettypodLink, 'dir');
         }
       } else {
@@ -324,10 +338,10 @@ async function createWorktree(workItem, options = {}) {
 
     // Cleanup directory
     if (fs.existsSync(worktreePath)) {
-      try {
-        fs.rmSync(worktreePath, { recursive: true, force: true });
-      } catch (fsErr) {
-        console.error(`Failed to cleanup worktree directory: ${fsErr.message}`);
+      // SAFETY: Use safe delete with gitRoot validation
+      const deleteResult = safeDelete.safeRmRecursive(worktreePath, { gitRoot, force: true });
+      if (!deleteResult.success) {
+        console.error(`Failed to cleanup worktree directory: ${deleteResult.error}`);
       }
     }
 
@@ -478,12 +492,27 @@ async function removeDirectoryResilient(dirPath, gitRoot) {
   const fs = require('fs');
   const { execSync } = require('child_process');
 
+  // CRITICAL SAFETY: Validate path before ANY deletion attempt
+  const validation = safeDelete.validatePath(dirPath, gitRoot);
+  if (!validation.safe) {
+    throw new Error(`SAFETY: Cannot remove directory - ${validation.reason}`);
+  }
+
+  // Additional safety: Ensure dirPath is within .jettypod-work
+  const path = require('path');
+  const resolvedDir = path.resolve(dirPath);
+  const worktreeBase = path.resolve(gitRoot, '.jettypod-work');
+  if (!resolvedDir.startsWith(worktreeBase)) {
+    throw new Error(`SAFETY: Can only remove directories within .jettypod-work/. Got: ${dirPath}`);
+  }
+
   // Stage 1: Try standard git worktree remove (silent)
   try {
     execSync(`git worktree remove "${dirPath}"`, {
       cwd: gitRoot,
       stdio: 'pipe'
     });
+    safeDelete.logDeletion(dirPath, 'git-worktree-remove', true);
     return; // Success - exit silently
   } catch (stage1Err) {
     // Stage 1 failed - escalate with logging
@@ -497,16 +526,18 @@ async function removeDirectoryResilient(dirPath, gitRoot) {
       stdio: 'pipe'
     });
     console.log(`✓ Forced git removal succeeded`);
+    safeDelete.logDeletion(dirPath, 'git-worktree-remove-force', true);
     return;
   } catch (stage2Err) {
-    console.log(`⚠️  Forced git removal failed, escalating to filesystem removal...`);
+    console.log(`⚠️  Forced git removal failed, escalating to safe filesystem removal...`);
   }
 
-  // Stage 3: Try filesystem removal with force
+  // Stage 3: Try SAFE filesystem removal (validates path again)
   if (fs.existsSync(dirPath)) {
-    try {
-      fs.rmSync(dirPath, { recursive: true, force: true });
-      console.log(`✓ Filesystem removal succeeded`);
+    const deleteResult = safeDelete.safeRmRecursive(dirPath, { gitRoot, force: true });
+
+    if (deleteResult.success) {
+      console.log(`✓ Safe filesystem removal succeeded`);
 
       // Clean up git metadata
       try {
@@ -515,25 +546,14 @@ async function removeDirectoryResilient(dirPath, gitRoot) {
         // Non-fatal
       }
       return;
-    } catch (stage3Err) {
-      console.log(`⚠️  Filesystem removal failed, escalating to manual deletion...`);
+    } else {
+      console.log(`⚠️  Safe filesystem removal failed: ${deleteResult.error}`);
+      throw new Error(`Directory removal failed: ${deleteResult.error}`);
     }
   }
 
-  // Stage 4: Manual recursive deletion (last resort)
-  try {
-    await manualRecursiveDelete(dirPath);
-    console.log(`✓ Manual recursive deletion succeeded`);
-
-    // Clean up git metadata
-    try {
-      execSync('git worktree prune', { cwd: gitRoot, stdio: 'pipe' });
-    } catch (pruneErr) {
-      // Non-fatal
-    }
-  } catch (stage4Err) {
-    throw new Error(`All removal strategies failed: ${stage4Err.message}`);
-  }
+  // If we get here, directory doesn't exist - that's fine
+  console.log(`✓ Directory already removed or doesn't exist`);
 }
 
 /**
@@ -566,21 +586,14 @@ async function cleanupWorktree(worktreeId, options = {}) {
   const db = options.db || getDb();
   const deleteBranch = options.deleteBranch || false;
 
-  // SAFETY CHECK 1: Verify we're not running from within a worktree
-  try {
-    const currentGitDir = execSync('git rev-parse --git-dir', {
-      cwd: process.cwd(),
-      encoding: 'utf8'
-    }).trim();
-
-    if (currentGitDir.includes('.jettypod-work') || currentGitDir !== '.git') {
-      return Promise.reject(new Error('SAFETY: Cannot run cleanup from within a worktree'));
-    }
-  } catch (err) {
-    // Ignore - might not be in a git repo
-  }
+  // NOTE: We intentionally do NOT check ensureNotInWorktree() here.
+  // The merge workflow (jettypod work merge) is designed to be run from
+  // within the worktree being merged. Safety comes from:
+  // 1. Requiring explicit repoPath (not relying on process.cwd())
+  // 2. Verifying repoPath is the main repo (check below)
+  // 3. Path validation in removeDirectoryResilient()
 
-  // SAFETY CHECK 2: Verify gitRoot is actually the main repository
+  // SAFETY CHECK: Verify gitRoot is actually the main repository
   try {
     const gitRootCheck = execSync('git rev-parse --show-toplevel', {
       cwd: gitRoot,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "jettypod",
-  "version": "4.2.11",
+  "version": "4.4.0",
   "description": "AI-powered development workflow manager with TDD, BDD, and automatic test generation",
   "main": "jettypod.js",
   "bin": {

package/lib/migrations/016-worktree-sessions-table.js

@@ -1,84 +0,0 @@
-/**
- * Migration: Create worktree_sessions table
- *
- * Purpose: Track which work item is active in each worktree to support multiple
- * concurrent Claude Code instances working on different features simultaneously.
- *
- * Why this is critical:
- * - Enable true concurrent development with multiple worktrees
- * - Prevent confusion when Claude switches between worktrees
- * - Provide centralized visibility of what's active where
- * - Support automatic cleanup when work items are completed
- */
-
-module.exports = {
-  id: '016-worktree-sessions-table',
-  description: 'Create worktree_sessions table for multi-worktree current work tracking',
-
-  async up(db) {
-    return new Promise((resolve, reject) => {
-      db.run(`
-        CREATE TABLE IF NOT EXISTS worktree_sessions (
-          id INTEGER PRIMARY KEY AUTOINCREMENT,
-          worktree_path TEXT UNIQUE NOT NULL,
-          work_item_id INTEGER NOT NULL,
-          branch_name TEXT NOT NULL,
-          last_activity DATETIME DEFAULT CURRENT_TIMESTAMP,
-          FOREIGN KEY (work_item_id) REFERENCES work_items(id)
-        )
-      `, (err) => {
-        if (err) {
-          return reject(err);
-        }
-
-        // Create index on worktree_path for fast lookups
-        db.run(`
-          CREATE INDEX IF NOT EXISTS idx_worktree_sessions_path
-          ON worktree_sessions(worktree_path)
-        `, (err) => {
-          if (err) {
-            return reject(err);
-          }
-
-          // Create index on work_item_id for reverse lookups
-          db.run(`
-            CREATE INDEX IF NOT EXISTS idx_worktree_sessions_work_item
-            ON worktree_sessions(work_item_id)
-          `, (err) => {
-            if (err) {
-              return reject(err);
-            }
-
-            resolve();
-          });
-        });
-      });
-    });
-  },
-
-  async down(db) {
-    return new Promise((resolve, reject) => {
-      // Drop indexes first
-      db.run('DROP INDEX IF EXISTS idx_worktree_sessions_work_item', (err) => {
-        if (err) {
-          return reject(err);
-        }
-
-        db.run('DROP INDEX IF EXISTS idx_worktree_sessions_path', (err) => {
-          if (err) {
-            return reject(err);
-          }
-
-          // Drop table
-          db.run('DROP TABLE IF EXISTS worktree_sessions', (err) => {
-            if (err) {
-              return reject(err);
-            }
-
-            resolve();
-          });
-        });
-      });
-    });
-  }
-};

package/lib/worktree-sessions.js

@@ -1,186 +0,0 @@
-/**
- * Worktree Session Management
- *
- * CRUD operations for tracking which work item is active in each worktree.
- * Enables multiple concurrent Claude Code instances working in different worktrees.
- */
-
-const { getDb } = require('./database');
-
-/**
- * Create or update a worktree session
- *
- * @param {string} worktreePath - Absolute path to the worktree
- * @param {number} workItemId - ID of the work item
- * @param {string} branchName - Git branch name
- * @returns {Promise<void>}
- */
-function createOrUpdateSession(worktreePath, workItemId, branchName) {
-  const db = getDb();
-
-  return new Promise((resolve, reject) => {
-    db.run(
-      `INSERT OR REPLACE INTO worktree_sessions
-       (worktree_path, work_item_id, branch_name, last_activity)
-       VALUES (?, ?, ?, datetime('now'))`,
-      [worktreePath, workItemId, branchName],
-      (err) => {
-        if (err) {
-          // Provide user-friendly error messages based on error type
-          if (err.code === 'SQLITE_BUSY') {
-            return reject(new Error('Database is locked by another process. Please try again in a moment.'));
-          } else if (err.code === 'SQLITE_CORRUPT') {
-            return reject(new Error('Database is corrupted. Please run: jettypod init --reset'));
-          } else if (err.code === 'SQLITE_CANTOPEN') {
-            return reject(new Error('Cannot open database. Check file permissions or run: jettypod init'));
-          } else if (err.code === 'SQLITE_READONLY') {
-            return reject(new Error('Database is read-only. Check file permissions.'));
-          }
-          // Generic database error
-          console.error('Database error in createOrUpdateSession:', err);
-          return reject(new Error(`Failed to create/update worktree session: ${err.message}`));
-        }
-        resolve();
-      }
-    );
-  });
-}
-
-/**
- * Get session by worktree path
- *
- * @param {string} worktreePath - Absolute path to the worktree
- * @returns {Promise<object|null>} Session object or null if not found
- */
-function getSessionByWorktreePath(worktreePath) {
-  const db = getDb();
-
-  return new Promise((resolve, reject) => {
-    db.get(
-      `SELECT * FROM worktree_sessions WHERE worktree_path = ?`,
-      [worktreePath],
-      (err, row) => {
-        if (err) {
-          // Provide user-friendly error messages
-          if (err.code === 'SQLITE_BUSY') {
-            return reject(new Error('Database is locked. Please try again in a moment.'));
-          } else if (err.code === 'SQLITE_CORRUPT') {
-            return reject(new Error('Database is corrupted. Please run: jettypod init --reset'));
-          } else if (err.code === 'SQLITE_CANTOPEN') {
-            return reject(new Error('Cannot open database. Run: jettypod init'));
-          }
-          console.error('Database error in getSessionByWorktreePath:', err);
-          return reject(new Error(`Failed to get worktree session: ${err.message}`));
-        }
-        resolve(row || null);
-      }
-    );
-  });
-}
-
-/**
- * Get all active worktree sessions
- *
- * @returns {Promise<Array>} Array of session objects
- */
-function getAllActiveSessions() {
-  const db = getDb();
-
-  return new Promise((resolve, reject) => {
-    db.all(
-      `SELECT * FROM worktree_sessions ORDER BY last_activity DESC`,
-      [],
-      (err, rows) => {
-        if (err) {
-          // Provide user-friendly error messages
-          if (err.code === 'SQLITE_BUSY') {
-            return reject(new Error('Database is locked. Please try again in a moment.'));
-          } else if (err.code === 'SQLITE_CORRUPT') {
-            return reject(new Error('Database is corrupted. Please run: jettypod init --reset'));
-          } else if (err.code === 'SQLITE_CANTOPEN') {
-            return reject(new Error('Cannot open database. Run: jettypod init'));
-          }
-          console.error('Database error in getAllActiveSessions:', err);
-          return reject(new Error(`Failed to get active sessions: ${err.message}`));
-        }
-        resolve(rows || []);
-      }
-    );
-  });
-}
-
-/**
- * Delete session by worktree path
- *
- * @param {string} worktreePath - Absolute path to the worktree
- * @returns {Promise<void>}
- */
-function deleteSession(worktreePath) {
-  const db = getDb();
-
-  return new Promise((resolve, reject) => {
-    db.run(
-      `DELETE FROM worktree_sessions WHERE worktree_path = ?`,
-      [worktreePath],
-      (err) => {
-        if (err) {
-          // Provide user-friendly error messages
-          if (err.code === 'SQLITE_BUSY') {
-            return reject(new Error('Database is locked. Please try again in a moment.'));
-          } else if (err.code === 'SQLITE_CORRUPT') {
-            return reject(new Error('Database is corrupted. Please run: jettypod init --reset'));
-          } else if (err.code === 'SQLITE_CANTOPEN') {
-            return reject(new Error('Cannot open database. Run: jettypod init'));
-          } else if (err.code === 'SQLITE_READONLY') {
-            return reject(new Error('Database is read-only. Check file permissions.'));
-          }
-          console.error('Database error in deleteSession:', err);
-          return reject(new Error(`Failed to delete worktree session: ${err.message}`));
-        }
-        resolve();
-      }
-    );
-  });
-}
-
-/**
- * Delete session by work item ID
- *
- * @param {number} workItemId - ID of the work item
- * @returns {Promise<void>}
- */
-function deleteSessionByWorkItem(workItemId) {
-  const db = getDb();
-
-  return new Promise((resolve, reject) => {
-    db.run(
-      `DELETE FROM worktree_sessions WHERE work_item_id = ?`,
-      [workItemId],
-      (err) => {
-        if (err) {
-          // Provide user-friendly error messages
-          if (err.code === 'SQLITE_BUSY') {
-            return reject(new Error('Database is locked. Please try again in a moment.'));
-          } else if (err.code === 'SQLITE_CORRUPT') {
-            return reject(new Error('Database is corrupted. Please run: jettypod init --reset'));
-          } else if (err.code === 'SQLITE_CANTOPEN') {
-            return reject(new Error('Cannot open database. Run: jettypod init'));
-          } else if (err.code === 'SQLITE_READONLY') {
-            return reject(new Error('Database is read-only. Check file permissions.'));
-          }
-          console.error('Database error in deleteSessionByWorkItem:', err);
-          return reject(new Error(`Failed to delete session by work item: ${err.message}`));
-        }
-        resolve();
-      }
-    );
-  });
-}
-
-module.exports = {
-  createOrUpdateSession,
-  getSessionByWorktreePath,
-  getAllActiveSessions,
-  deleteSession,
-  deleteSessionByWorkItem
-};