kandev 0.49.0 → 0.51.0

package/dist/service/templates.js

@@ -0,0 +1,189 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MANAGED_MARKER_TEXT = void 0;
+exports.looksLikeManagedUnit = looksLikeManagedUnit;
+exports.renderSystemdUnit = renderSystemdUnit;
+exports.renderLaunchdPlist = renderLaunchdPlist;
+const node_os_1 = __importDefault(require("node:os"));
+const node_path_1 = __importDefault(require("node:path"));
+// User-mode PATH includes ~/.local/bin so user-installed agent CLIs (npm user
+// prefix, pipx, fnm, etc.) are discoverable.
+const SYSTEMD_SYSTEM_PATH = "/usr/local/bin:/usr/bin:/bin:/opt/homebrew/bin:/home/linuxbrew/.linuxbrew/bin";
+const SYSTEMD_USER_PATH = `%h/.local/bin:${SYSTEMD_SYSTEM_PATH}`;
+const LAUNCHD_SYSTEM_PATH = "/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin";
+const launchdUserPath = () => `${node_os_1.default.homedir()}/.local/bin:${LAUNCHD_SYSTEM_PATH}`;
+// Prepend the launcher node's bin dir so `npm`/`npx` resolve under per-user
+// node managers (fnm, nvm, asdf, volta, mise), where node lives in a versioned
+// subdirectory not covered by the system PATH. ExecStart already points at this
+// node, so its parent dir is exactly where the matching npm/npx live — without
+// this, npx-based ACP agents (claude, codex, opencode) fail to spawn.
+//
+// The isAbsolute guard exists because `path.dirname` on POSIX returns `'.'`
+// for a path with no `/` separator (e.g. a Windows-style `C:\…\node.exe`
+// passed through). Prepending `.` would put CWD ahead of system dirs in the
+// daemon's PATH — a privilege-escalation footgun. Production callers always
+// pass `process.execPath` (absolute on Linux/macOS), so the guard only kicks
+// in for non-POSIX or relative inputs from future callers / tests.
+function pathWithNodeBinDir(basePath, nodePath) {
+    const nodeBinDir = node_path_1.default.dirname(nodePath);
+    if (!node_path_1.default.isAbsolute(nodeBinDir))
+        return basePath;
+    const parts = basePath.split(":");
+    if (parts.includes(nodeBinDir))
+        return basePath;
+    return `${nodeBinDir}:${basePath}`;
+}
+/**
+ * Marker substring baked into every unit/plist kandev writes. Used to safely
+ * detect "this file is ours, overwriting is fine" vs "user has put something
+ * else here, warn loudly before replacing".
+ */
+exports.MANAGED_MARKER_TEXT = "managed by kandev";
+const SYSTEMD_MARKER = `# ${exports.MANAGED_MARKER_TEXT} — regenerated by \`kandev service install\``;
+const PLIST_MARKER = `<!-- ${exports.MANAGED_MARKER_TEXT} — regenerated by \`kandev service install\` -->`;
+function looksLikeManagedUnit(content) {
+    return content.includes(exports.MANAGED_MARKER_TEXT);
+}
+/**
+ * Render a systemd unit file for kandev.
+ *
+ * The unit hard-codes absolute paths so it works without a user PATH. We pass
+ * `--headless` so the daemon doesn't try to open a browser. KANDEV_BUNDLE_DIR /
+ * KANDEV_VERSION are surfaced only when present (Homebrew installs only) so
+ * `npm i -g` installs don't get spurious env vars.
+ */
+function renderSystemdUnit(input) {
+    const basePath = input.mode === "system" ? SYSTEMD_SYSTEM_PATH : SYSTEMD_USER_PATH;
+    const env = [
+        envLine("KANDEV_HOME_DIR", input.homeDir),
+        envLine("KANDEV_LOG_LEVEL", "info"),
+        envLine("PATH", pathWithNodeBinDir(basePath, input.launcher.nodePath)),
+    ];
+    if (input.port !== undefined) {
+        env.push(envLine("KANDEV_SERVER_PORT", String(input.port)));
+    }
+    if (input.launcher.bundleDir) {
+        env.push(envLine("KANDEV_BUNDLE_DIR", input.launcher.bundleDir));
+    }
+    if (input.launcher.version) {
+        env.push(envLine("KANDEV_VERSION", input.launcher.version));
+    }
+    const wantedBy = input.mode === "system" ? "multi-user.target" : "default.target";
+    const userLine = input.mode === "system" && input.systemUser ? `User=${input.systemUser}\n` : "";
+    const exec = `${quoteForUnit(input.launcher.nodePath)} ${quoteForUnit(input.launcher.cliEntry)} --headless`;
+    return `${SYSTEMD_MARKER}
+[Unit]
+Description=Kandev autonomous agent platform
+Documentation=https://github.com/kdlbs/kandev
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+ExecStart=${exec}
+${userLine}${env.join("\n")}
+Restart=on-failure
+RestartSec=5s
+KillMode=mixed
+TimeoutStopSec=30s
+
+[Install]
+WantedBy=${wantedBy}
+`;
+}
+/**
+ * Render a launchd plist for kandev.
+ *
+ * launchd has no equivalent to systemd's enable-linger: a user agent only runs
+ * while the user is logged in. For a Mac-as-server scenario, use --system to
+ * get a LaunchDaemon that runs at boot regardless of login.
+ */
+function renderLaunchdPlist(input) {
+    const basePath = input.mode === "system" ? LAUNCHD_SYSTEM_PATH : launchdUserPath();
+    const envEntries = [
+        ["KANDEV_HOME_DIR", input.homeDir],
+        ["KANDEV_LOG_LEVEL", "info"],
+        ["PATH", pathWithNodeBinDir(basePath, input.launcher.nodePath)],
+    ];
+    if (input.port !== undefined) {
+        envEntries.push(["KANDEV_SERVER_PORT", String(input.port)]);
+    }
+    if (input.launcher.bundleDir) {
+        envEntries.push(["KANDEV_BUNDLE_DIR", input.launcher.bundleDir]);
+    }
+    if (input.launcher.version) {
+        envEntries.push(["KANDEV_VERSION", input.launcher.version]);
+    }
+    const envXml = envEntries
+        .map(([k, v]) => `      <key>${escapeXml(k)}</key>\n      <string>${escapeXml(v)}</string>`)
+        .join("\n");
+    const args = [input.launcher.nodePath, input.launcher.cliEntry, "--headless"];
+    const argsXml = args.map((a) => `    <string>${escapeXml(a)}</string>`).join("\n");
+    // For system-mode LaunchDaemons, run as a specific user instead of root.
+    // For user agents this directive is omitted — the agent already runs as
+    // the loading user.
+    const userBlock = input.mode === "system" && input.systemUser
+        ? `  <key>UserName</key>\n  <string>${escapeXml(input.systemUser)}</string>\n`
+        : "";
+    return `<?xml version="1.0" encoding="UTF-8"?>
+${PLIST_MARKER}
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+  <key>Label</key>
+  <string>com.kdlbs.kandev</string>
+  <key>ProgramArguments</key>
+  <array>
+${argsXml}
+  </array>
+  <key>EnvironmentVariables</key>
+  <dict>
+${envXml}
+  </dict>
+${userBlock}  <key>RunAtLoad</key>
+  <true/>
+  <key>KeepAlive</key>
+  <true/>
+  <key>StandardOutPath</key>
+  <string>${escapeXml(`${input.logDir}/service.out`)}</string>
+  <key>StandardErrorPath</key>
+  <string>${escapeXml(`${input.logDir}/service.err`)}</string>
+  <key>WorkingDirectory</key>
+  <string>${escapeXml(input.homeDir)}</string>
+</dict>
+</plist>
+`;
+}
+function escapeXml(value) {
+    return value
+        .replace(/&/g, "&amp;")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;")
+        .replace(/"/g, "&quot;")
+        .replace(/'/g, "&apos;");
+}
+// systemd unit "Environment=" lines can contain spaces by wrapping in double quotes.
+// ExecStart needs special handling for spaces too — paths with spaces must be
+// double-quoted per systemd.unit(5). Escape backslashes before double-quotes so
+// a literal `\` in a path is preserved instead of merging with the following
+// character into an escape sequence.
+function quoteForUnit(value) {
+    if (!/[\s"\\]/.test(value))
+        return value;
+    const escaped = value.replace(/\\/g, "\\\\").replace(/"/g, '\\"');
+    return `"${escaped}"`;
+}
+// Render a systemd `Environment=KEY=value` line, quoting the whole assignment
+// when the value contains whitespace, double-quote, or backslash. Without
+// quoting, systemd splits the line on the first space and treats subsequent
+// tokens as separate KEY=value pairs — which silently corrupts paths like
+// `/home/john doe/.kandev`.
+function envLine(key, value) {
+    if (!/[\s"\\]/.test(value))
+        return `Environment=${key}=${value}`;
+    const escaped = value.replace(/\\/g, "\\\\").replace(/"/g, '\\"');
+    return `Environment="${key}=${escaped}"`;
+}

package/dist/shared.js

@@ -5,12 +5,18 @@
  * This module extracts common patterns used across different launch modes
  * to reduce duplication and ensure consistent behavior.
  */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.pickPorts = pickPorts;
 exports.buildBackendEnv = buildBackendEnv;
 exports.buildWebEnv = buildWebEnv;
+exports.listHostNetworkAddresses = listHostNetworkAddresses;
 exports.logStartupInfo = logStartupInfo;
+exports.networkUrlsForPort = networkUrlsForPort;
 exports.attachBackendExitHandler = attachBackendExitHandler;
+const node_os_1 = __importDefault(require("node:os"));
 const constants_1 = require("./constants");
 const ports_1 = require("./ports");
 /**
@@ -80,31 +86,110 @@ function buildWebEnv(options) {
         // URLs like `https://host:38429/...` that aren't reachable behind a
         // reverse proxy / ingress / Cloudflare tunnel.
         env.NEXT_PUBLIC_KANDEV_API_PORT = String(ports.backendPort);
+        // Auto-allow the host's own LAN / VPN addresses so a dev hitting the dev
+        // server from another device on the same network (Tailscale, LAN IP, WSL
+        // mirrored mode, etc.) passes Next.js's allowedDevOrigins check and HMR
+        // works. The user can still extend the list via NEXT_ALLOWED_DEV_ORIGINS.
+        // Skip the assignment when there's nothing to add — keeps the env clean
+        // for the loopback-only case.
+        const merged = mergeAllowedDevOrigins(process.env.NEXT_ALLOWED_DEV_ORIGINS, listHostNetworkAddresses());
+        if (merged)
+            env.NEXT_ALLOWED_DEV_ORIGINS = merged;
     }
     if (debug) {
         env.NEXT_PUBLIC_KANDEV_DEBUG = "true";
     }
     return env;
 }
+/**
+ * Returns the host's non-loopback, non-internal IPv4/IPv6 addresses. Used to
+ * auto-populate Next.js `allowedDevOrigins` so the dev server accepts
+ * connections from LAN / Tailscale / SSH-forwarded clients.
+ */
+function listHostNetworkAddresses() {
+    const v4 = [];
+    const v6 = [];
+    const seen = new Set();
+    const interfaces = node_os_1.default.networkInterfaces();
+    for (const addrs of Object.values(interfaces)) {
+        if (!addrs)
+            continue;
+        for (const addr of addrs) {
+            if (addr.internal)
+                continue;
+            // Skip link-local IPv6 (fe80::/10) and link-local IPv4 (169.254.0.0/16,
+            // RFC 3927) — neither is reachable from a remote machine, and the
+            // 169.254 range in particular is what Hyper-V assigns to its phantom
+            // WSL adapter, which clutters the startup output. The regex covers the
+            // full /10 (fe80::–febf::); OS stacks only assign fe80::/64 in practice
+            // but a stricter check is the same effort and removes the surprise.
+            if (addr.family === "IPv6" && /^fe[89ab]/i.test(addr.address))
+                continue;
+            if (addr.family === "IPv4" && addr.address.startsWith("169.254."))
+                continue;
+            if (seen.has(addr.address))
+                continue;
+            seen.add(addr.address);
+            if (addr.family === "IPv4")
+                v4.push(addr.address);
+            else
+                v6.push(addr.address);
+        }
+    }
+    // IPv4 first — LAN + Tailscale IPv4 are what people usually want.
+    return [...v4, ...v6];
+}
+function mergeAllowedDevOrigins(existing, extra) {
+    const set = new Set();
+    if (existing) {
+        for (const s of existing.split(",")) {
+            const trimmed = s.trim();
+            if (trimmed)
+                set.add(trimmed);
+        }
+    }
+    for (const s of extra)
+        set.add(s);
+    return [...set].join(",");
+}
 /**
  * Logs a unified startup info block to the console.
+ *
+ * Shows only the URL the user actually opens — start/run modes have the Go
+ * backend reverse-proxy Next.js on a single port, dev mode hits Next.js
+ * directly. The other port and the agentctl port are internal plumbing and
+ * would only mislead. Below the URL, lists the same port on each non-loopback
+ * interface (LAN, Tailscale) so a user opening the app remotely sees the
+ * right address.
  */
 function logStartupInfo(options) {
-    const { header, ports, dbPath, logLevel } = options;
-    const backendUrl = ports.backendUrl;
-    const webUrl = `http://localhost:${ports.webPort}`;
+    const { header, ports, primary = "backend", dbPath, logLevel } = options;
+    const primaryPort = primary === "web" ? ports.webPort : ports.backendPort;
+    const primaryUrl = `http://localhost:${primaryPort}`;
+    const networkHosts = listHostNetworkAddresses();
     console.log(`[kandev] ${header}`);
-    console.log("[kandev] backend:", backendUrl);
-    console.log("[kandev] web:", webUrl);
-    console.log("[kandev] agentctl port:", ports.agentctlPort);
-    console.log("[kandev] mcp url:", `${backendUrl}/mcp`);
+    console.log("[kandev] url:", primaryUrl);
+    for (const url of networkUrlsForPort(primaryPort, networkHosts)) {
+        console.log("[kandev]   network:", url);
+    }
+    console.log("[kandev] mcp:", `${ports.backendUrl}/mcp`);
     if (dbPath) {
-        console.log("[kandev] db path:", dbPath);
+        console.log("[kandev] db:", dbPath);
     }
     if (logLevel) {
         console.log("[kandev] log level:", logLevel);
     }
 }
+/**
+ * Builds `http://<host>:<port>` URLs from a list of host addresses, wrapping
+ * IPv6 addresses in brackets per RFC 3986.
+ */
+function networkUrlsForPort(port, hosts) {
+    return hosts.map((host) => {
+        const formatted = host.includes(":") ? `[${host}]` : host;
+        return `http://${formatted}:${port}`;
+    });
+}
 /**
  * Attaches a standardized exit handler to a backend process.
  *

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kandev",
-  "version": "0.49.0",
+  "version": "0.51.0",
   "private": false,
   "description": "Launcher for Kandev — manage tasks, orchestrate agents, review changes, and ship value",
   "license": "AGPL-3.0-only",
@@ -22,11 +22,11 @@
     "npm": ">=7"
   },
   "optionalDependencies": {
-    "@kdlbs/runtime-linux-x64": "0.49.0",
-    "@kdlbs/runtime-linux-arm64": "0.49.0",
-    "@kdlbs/runtime-darwin-x64": "0.49.0",
-    "@kdlbs/runtime-darwin-arm64": "0.49.0",
-    "@kdlbs/runtime-win32-x64": "0.49.0"
+    "@kdlbs/runtime-linux-x64": "0.51.0",
+    "@kdlbs/runtime-linux-arm64": "0.51.0",
+    "@kdlbs/runtime-darwin-x64": "0.51.0",
+    "@kdlbs/runtime-darwin-arm64": "0.51.0",
+    "@kdlbs/runtime-win32-x64": "0.51.0"
   },
   "dependencies": {
     "tar": "^7.5.11",