notioncode 0.1.0 → 0.1.2

package/lib/start.js

@@ -1,14 +1,20 @@
+import { createReadStream, existsSync, readFileSync, statSync } from 'node:fs';
+import http from 'node:http';
+import https from 'node:https';
 import path from 'node:path';
 import { spawn, spawnSync } from 'node:child_process';
-import { existsSync } from 'node:fs';
 import { fileURLToPath } from 'node:url';
 import { setTimeout as sleep } from 'node:timers/promises';
 
+import defaultBrowserId from 'default-browser-id';
+
 import { commandForPlatform } from './platform.js';
 import { ensureBridgeBinary } from './install.js';
+import { diagnoseTrustedLocalhostCert, ensureTrustedLocalhostCert } from './certs.js';
 
 const BRIDGE_HEALTH_URL = 'http://127.0.0.1:3456/healthz';
 const LOCAL_UI_URL = 'http://127.0.0.1:1420/';
+const LOCAL_UI_HTTPS_URL = 'https://localhost:1420/';
 const CLOUD_URL = process.env.NOCODE_CLOUD_URL || 'https://www.notioncode.live';
 
 function packageRootDir() {
@@ -20,10 +26,18 @@ function detectRuntimeRoot() {
     return process.env.NOCODE_RUNTIME_ROOT;
   }
 
+  const packageRoot = packageRootDir();
+  if (
+    existsSync(path.join(packageRoot, 'agent-runtime-server', 'package.json')) ||
+    existsSync(path.join(packageRoot, 'dist', 'index.html'))
+  ) {
+    return packageRoot;
+  }
+
   const candidates = [
-    path.resolve(packageRootDir(), '..', '..'),
+    path.resolve(packageRoot, '..', '..'),
     process.cwd(),
-    path.resolve(packageRootDir(), '..'),
+    path.resolve(packageRoot, '..'),
   ];
 
   for (const candidate of candidates) {
@@ -44,10 +58,34 @@ function spawnLogged(cmd, args, options = {}) {
   });
 }
 
+function requestReady(url, options = {}) {
+  const target = new URL(url);
+  const client = target.protocol === 'https:' ? https : http;
+
+  return new Promise((resolve, reject) => {
+    const request = client.request(
+      target,
+      {
+        method: 'GET',
+        ...(target.protocol === 'https:' ? { rejectUnauthorized: options.rejectUnauthorized !== false } : {}),
+      },
+      (response) => {
+        response.resume();
+        resolve(response.statusCode >= 200 && response.statusCode < 400);
+      }
+    );
+
+    request.on('error', reject);
+    request.setTimeout(2_000, () => {
+      request.destroy(new Error(`Timed out waiting for ${url}`));
+    });
+    request.end();
+  });
+}
+
 async function isReady(url) {
   try {
-    const response = await fetch(url, { method: 'GET' });
-    return response.ok;
+    return await requestReady(url);
   } catch {
     return false;
   }
@@ -58,9 +96,9 @@ async function waitFor(url, timeoutMs, label) {
   let lastError = null;
   while (Date.now() < deadline) {
     try {
-      const response = await fetch(url, { method: 'GET' });
-      if (response.ok) return;
-      lastError = new Error(`${label} returned ${response.status}`);
+      const ready = await requestReady(url);
+      if (ready) return;
+      lastError = new Error(`${label} returned a non-ready response`);
     } catch (error) {
       lastError = error;
     }
@@ -69,6 +107,26 @@ async function waitFor(url, timeoutMs, label) {
   throw lastError || new Error(`${label} did not become ready.`);
 }
 
+async function verifyTrustedBridge(url) {
+  const deadline = Date.now() + 10_000;
+  let lastError = null;
+
+  while (Date.now() < deadline) {
+    try {
+      const ready = await requestReady(url, { rejectUnauthorized: true });
+      if (ready) {
+        return;
+      }
+      lastError = new Error(`Trusted bridge check returned a non-ready response for ${url}`);
+    } catch (error) {
+      lastError = error;
+    }
+    await sleep(300);
+  }
+
+  throw lastError || new Error(`Timed out verifying trusted bridge at ${url}`);
+}
+
 function openBrowser(url) {
   if (process.env.NOCODE_NO_OPEN === '1') return;
   if (process.platform === 'darwin') {
@@ -82,11 +140,169 @@ function openBrowser(url) {
   spawn(commandForPlatform('xdg-open'), [url], { stdio: 'ignore', detached: true }).unref();
 }
 
+function trimOutput(value) {
+  return typeof value === 'string' ? value.trim() : '';
+}
+
+function detectDefaultBrowser() {
+  if (process.env.NOCODE_DEFAULT_BROWSER?.trim()) {
+    return process.env.NOCODE_DEFAULT_BROWSER.trim();
+  }
+
+  try {
+    if (process.platform === 'darwin') {
+      const bundleId = defaultBrowserId();
+      if (bundleId) {
+        return trimOutput(bundleId);
+      }
+    }
+
+    if (process.platform === 'win32') {
+      const result = spawnSync(
+        'reg',
+        [
+          'query',
+          'HKCU\\Software\\Microsoft\\Windows\\Shell\\Associations\\UrlAssociations\\https\\UserChoice',
+          '/v',
+          'ProgId',
+        ],
+        { encoding: 'utf8' }
+      );
+      if (result.status === 0) {
+        return trimOutput(result.stdout);
+      }
+    }
+
+    const result = spawnSync('xdg-settings', ['get', 'default-web-browser'], {
+      encoding: 'utf8',
+    });
+    if (result.status === 0) {
+      return trimOutput(result.stdout);
+    }
+  } catch {
+    // Ignore detection failures and fall back to HTTP.
+  }
+
+  return '';
+}
+
+function isSafariDefaultBrowser(defaultBrowser) {
+  const normalized = defaultBrowser.toLowerCase();
+  return (
+    normalized.includes('com.apple.safari') ||
+    normalized.includes('safari.app') ||
+    normalized.includes('safari technology preview')
+  );
+}
+
+function shouldUseHttpsLocalUi() {
+  const explicit = process.env.NOCODE_LOCAL_UI_HTTPS?.trim().toLowerCase();
+  if (explicit === '1' || explicit === 'true' || explicit === 'https') {
+    return true;
+  }
+  if (explicit === '0' || explicit === 'false' || explicit === 'http') {
+    return false;
+  }
+
+  return isSafariDefaultBrowser(detectDefaultBrowser());
+}
+
 function hasLocalUiRepo() {
   const runtimeRoot = detectRuntimeRoot();
   return existsSync(path.join(runtimeRoot, 'package.json')) && existsSync(path.join(runtimeRoot, 'node_modules', 'vite', 'bin', 'vite.js'));
 }
 
+function hasBundledLocalUi(runtimeRoot) {
+  return existsSync(path.join(runtimeRoot, 'dist', 'index.html'));
+}
+
+function mimeTypeForPath(filePath) {
+  const ext = path.extname(filePath).toLowerCase();
+  switch (ext) {
+    case '.html':
+      return 'text/html; charset=utf-8';
+    case '.js':
+      return 'text/javascript; charset=utf-8';
+    case '.css':
+      return 'text/css; charset=utf-8';
+    case '.json':
+      return 'application/json; charset=utf-8';
+    case '.svg':
+      return 'image/svg+xml';
+    case '.png':
+      return 'image/png';
+    case '.jpg':
+    case '.jpeg':
+      return 'image/jpeg';
+    case '.webp':
+      return 'image/webp';
+    case '.woff2':
+      return 'font/woff2';
+    case '.txt':
+      return 'text/plain; charset=utf-8';
+    default:
+      return 'application/octet-stream';
+  }
+}
+
+function resolveStaticAssetPath(rootDir, requestUrl) {
+  const url = new URL(requestUrl, 'http://localhost');
+  const normalizedPath = decodeURIComponent(url.pathname);
+  const candidate = normalizedPath === '/'
+    ? path.join(rootDir, 'index.html')
+    : path.join(rootDir, normalizedPath.replace(/^\/+/, ''));
+
+  const normalizedRoot = `${path.resolve(rootDir)}${path.sep}`;
+  const resolvedCandidate = path.resolve(candidate);
+  if (resolvedCandidate !== path.resolve(rootDir, 'index.html') && !resolvedCandidate.startsWith(normalizedRoot)) {
+    return null;
+  }
+
+  if (existsSync(resolvedCandidate)) {
+    const stats = statSync(resolvedCandidate);
+    if (stats.isFile()) {
+      return resolvedCandidate;
+    }
+  }
+
+  if (!path.extname(normalizedPath)) {
+    return path.join(rootDir, 'index.html');
+  }
+
+  return null;
+}
+
+function startBundledLocalUiServer({ runtimeRoot, useHttpsLocalUi, localHttps, localUiHost }) {
+  const distRoot = path.join(runtimeRoot, 'dist');
+  const listener = (req, res) => {
+    const targetFile = resolveStaticAssetPath(distRoot, req.url || '/');
+    if (!targetFile || !existsSync(targetFile)) {
+      res.writeHead(404, { 'Content-Type': 'text/plain; charset=utf-8' });
+      res.end('Not found');
+      return;
+    }
+
+    res.writeHead(200, {
+      'Content-Type': mimeTypeForPath(targetFile),
+      'Cache-Control': targetFile.endsWith('index.html') ? 'no-cache' : 'public, max-age=31536000, immutable',
+    });
+    createReadStream(targetFile).pipe(res);
+  };
+
+  const server = useHttpsLocalUi
+      ? https.createServer(
+        {
+          cert: readFileSync(localHttps.certFile),
+          key: readFileSync(localHttps.keyFile),
+        },
+        listener
+      )
+    : http.createServer(listener);
+
+  server.listen(1420, localUiHost);
+  return server;
+}
+
 function hasCargoBridgeSource(runtimeRoot) {
   return existsSync(path.join(runtimeRoot, 'src-tauri', 'Cargo.toml'));
 }
@@ -98,15 +314,19 @@ function canUseCargo() {
   return result.status === 0;
 }
 
-function ensureSidecarInstallIfRepoPresent() {
-  const runtimeRoot = detectRuntimeRoot();
-  if (!existsSync(path.join(runtimeRoot, 'agent-runtime-server', 'package.json'))) {
+function ensureSidecarInstallIfPresent(runtimeRoot) {
+  const sidecarRoot = path.join(runtimeRoot, 'agent-runtime-server');
+  if (!existsSync(path.join(sidecarRoot, 'package.json'))) {
+    return;
+  }
+
+  if (existsSync(path.join(sidecarRoot, 'node_modules', '.package-lock.json'))) {
     return;
   }
 
   const npmCmd = commandForPlatform('npm');
-  const result = spawnSync(npmCmd, ['--prefix', 'agent-runtime-server', 'install'], {
-    cwd: runtimeRoot,
+  const result = spawnSync(npmCmd, ['install'], {
+    cwd: sidecarRoot,
     stdio: 'inherit',
   });
   if (result.status !== 0) {
@@ -114,32 +334,77 @@ function ensureSidecarInstallIfRepoPresent() {
   }
 }
 
+function hasBundledSidecar(runtimeRoot) {
+  return existsSync(path.join(runtimeRoot, 'agent-runtime-server', 'server', 'index.js'));
+}
+
+function ensureSidecarInstallIfRepoPresent() {
+  const runtimeRoot = detectRuntimeRoot();
+  if (!existsSync(path.join(runtimeRoot, 'agent-runtime-server', 'package.json'))) {
+    return;
+  }
+  ensureSidecarInstallIfPresent(runtimeRoot);
+}
+
 export async function startLocalCompanion(options = {}) {
   const runtimeRoot = detectRuntimeRoot();
   const requestedLocalUi = options.withLocalUi !== false;
-  const shouldStartLocalUi = requestedLocalUi && hasLocalUiRepo();
+  const shouldStartRepoLocalUi = requestedLocalUi && hasLocalUiRepo();
+  const shouldStartBundledLocalUi = requestedLocalUi && !shouldStartRepoLocalUi && hasBundledLocalUi(runtimeRoot);
+  const shouldStartLocalUi = shouldStartRepoLocalUi || shouldStartBundledLocalUi;
   const useCargoBridge = hasCargoBridgeSource(runtimeRoot) && canUseCargo();
-  const bridgeExecutable = useCargoBridge ? null : await ensureBridgeBinary(options.version);
+  const useHttpsLocalUi =
+    typeof options.localUiHttps === 'boolean' ? options.localUiHttps : shouldUseHttpsLocalUi();
+  const localUiUrl = useHttpsLocalUi ? LOCAL_UI_HTTPS_URL : LOCAL_UI_URL;
+  const localUiHost = useHttpsLocalUi ? 'localhost' : '127.0.0.1';
+  let localHttps = null;
+  let bundledLocalUiServer = null;
 
-  ensureSidecarInstallIfRepoPresent();
+  if (shouldStartLocalUi && useHttpsLocalUi) {
+    localHttps = await ensureTrustedLocalhostCert();
+  }
+
+  if (hasBundledSidecar(runtimeRoot)) {
+    ensureSidecarInstallIfPresent(runtimeRoot);
+  } else {
+    ensureSidecarInstallIfRepoPresent();
+  }
 
   let vite = null;
   if (shouldStartLocalUi) {
-    if (await isReady(LOCAL_UI_URL)) {
-      console.log('[notioncode] Reusing existing local UI on http://127.0.0.1:1420 .');
+    if (await isReady(localUiUrl)) {
+      console.log(`[notioncode] Reusing existing local UI on ${localUiUrl} .`);
     } else {
-      console.log('[notioncode] Starting local UI on http://127.0.0.1:1420 ...');
-      vite = spawnLogged(commandForPlatform('node'), ['node_modules/vite/bin/vite.js', '--host', '127.0.0.1'], {
-        cwd: runtimeRoot,
-        env: {
-          VITE_SINGLE_USER_MODE: 'true',
-        },
-      });
+      console.log(`[notioncode] Starting local UI on ${localUiUrl} ...`);
+      if (shouldStartRepoLocalUi) {
+        vite = spawnLogged(commandForPlatform('node'), ['node_modules/vite/bin/vite.js', '--host', localUiHost], {
+          cwd: runtimeRoot,
+          env: {
+            VITE_SINGLE_USER_MODE: 'true',
+            NOCODE_LOCAL_UI_USE_HTTPS: useHttpsLocalUi ? '1' : '0',
+            NOCODE_LOCAL_UI_HOST: localUiHost,
+            ...(localHttps
+              ? {
+                  NOCODE_LOCAL_UI_CERT_FILE: localHttps.certFile,
+                  NOCODE_LOCAL_UI_KEY_FILE: localHttps.keyFile,
+                }
+              : {}),
+          },
+        });
+      } else if (shouldStartBundledLocalUi) {
+        bundledLocalUiServer = startBundledLocalUiServer({
+          runtimeRoot,
+          useHttpsLocalUi,
+          localHttps,
+          localUiHost,
+        });
+      }
     }
   }
 
   let bridge = null;
-  if (await isReady(BRIDGE_HEALTH_URL)) {
+  const bridgeAlreadyReady = await isReady(BRIDGE_HEALTH_URL);
+  if (bridgeAlreadyReady) {
     console.log('[notioncode] Reusing existing bridge on http://127.0.0.1:3456 .');
   } else {
     console.log('[notioncode] Starting local bridge on http://127.0.0.1:3456 ...');
@@ -150,6 +415,7 @@ export async function startLocalCompanion(options = {}) {
         { cwd: runtimeRoot }
       );
     } else {
+      const bridgeExecutable = await ensureBridgeBinary(options.version);
       bridge = spawnLogged(bridgeExecutable, [], {
         cwd: runtimeRoot,
         env: {
@@ -162,6 +428,7 @@ export async function startLocalCompanion(options = {}) {
   const shutdown = (code = 0) => {
     vite?.kill('SIGTERM');
     bridge?.kill('SIGTERM');
+    bundledLocalUiServer?.close();
     setTimeout(() => process.exit(code), 250);
   };
 
@@ -180,15 +447,65 @@ export async function startLocalCompanion(options = {}) {
   const bridgeTimeoutMs = useCargoBridge ? 180_000 : 15_000;
   await waitFor(BRIDGE_HEALTH_URL, bridgeTimeoutMs, 'Bridge');
   if (shouldStartLocalUi) {
-    await waitFor(LOCAL_UI_URL, 15_000, 'Local UI');
+    await waitFor(localUiUrl, 15_000, 'Local UI');
+    if (useHttpsLocalUi) {
+      try {
+        await verifyTrustedBridge(localUiUrl);
+      } catch (error) {
+        throw new Error(
+          `Safari-compatible local bridge could not be initialized.\n\nReason:\n  ${error instanceof Error ? error.message : String(error)}\n\nFix:\n  Install mkcert and trust the local certificate authority, then rerun:\n  mkcert -install\n  npx notioncode start`
+        );
+      }
+    }
   }
 
   console.log('[notioncode] Ready.');
   console.log(`[notioncode] Cloud UI: ${CLOUD_URL}`);
   if (shouldStartLocalUi) {
-    console.log(`[notioncode] Local UI: ${LOCAL_UI_URL}`);
+    console.log(`[notioncode] Local UI: ${localUiUrl}`);
   }
-  const entryUrl = shouldStartLocalUi ? LOCAL_UI_URL : CLOUD_URL;
+  const entryUrl = CLOUD_URL;
   console.log(`[notioncode] Opening: ${entryUrl}`);
   openBrowser(entryUrl);
 }
+
+export async function runDoctor() {
+  const certs = diagnoseTrustedLocalhostCert();
+  const defaultBrowser = detectDefaultBrowser();
+  const useHttpsLocalUi = shouldUseHttpsLocalUi();
+  const checks = [
+    ['node', process.version],
+    ['platform', `${process.platform}/${process.arch}`],
+    ['default browser', defaultBrowser || 'unknown'],
+    ['local UI scheme', useHttpsLocalUi ? 'https' : 'http'],
+    ['mkcert', certs.mkcertInstalled ? 'installed' : 'missing'],
+    ['localhost cert', certs.certExists ? certs.certFile : 'missing'],
+    ['localhost key', certs.keyExists ? certs.keyFile : 'missing'],
+  ];
+
+  for (const [label, detail] of checks) {
+    console.log(`[OK] ${label}: ${detail}`);
+  }
+
+  const bridgeReady = await isReady(BRIDGE_HEALTH_URL);
+  console.log(`[${bridgeReady ? 'OK' : 'WARN'}] bridge healthz: ${bridgeReady ? BRIDGE_HEALTH_URL : 'not reachable'}`);
+
+  const selectedLocalUiUrl = useHttpsLocalUi ? LOCAL_UI_HTTPS_URL : LOCAL_UI_URL;
+  const localUiReachable = await isReady(selectedLocalUiUrl);
+  console.log(
+    `[${localUiReachable ? 'OK' : 'WARN'}] selected local UI: ${
+      localUiReachable ? selectedLocalUiUrl : 'not reachable'
+    }`
+  );
+
+  if (useHttpsLocalUi && localUiReachable) {
+    try {
+      await verifyTrustedBridge(LOCAL_UI_HTTPS_URL);
+      console.log(`[OK] trusted TLS: ${LOCAL_UI_HTTPS_URL}`);
+    } catch (error) {
+      console.log(
+        `[WARN] trusted TLS: ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+  }
+}

package/package.json

@@ -1,16 +1,22 @@
 {
   "name": "notioncode",
-  "version": "0.1.0",
-  "description": "Run the Notion Code local companion bridge and open the cloud UI.",
+  "version": "0.1.2",
+  "description": "Local companion runtime used by the `npx notioncode start` setup flow.",
   "type": "module",
   "license": "MIT",
+  "dependencies": {
+    "default-browser-id": "^5.0.1"
+  },
   "bin": {
-    "notioncode": "bin/nocode-local.js"
+    "notioncode": "bin/notioncode.js"
   },
   "files": [
+    "agent-runtime-server",
     "bin",
+    "dist",
     "lib",
-    "README.md"
+    "README.md",
+    "src"
   ],
   "publishConfig": {
     "access": "public"

package/src/shared/modelRegistry.d.ts

@@ -0,0 +1,24 @@
+export type AgentProvider = 'claude' | 'cursor' | 'codex' | 'gemini';
+
+export interface ModelOption {
+  value: string;
+  label: string;
+}
+
+export interface ModelConfig {
+  OPTIONS: ModelOption[];
+  DEFAULT: string;
+}
+
+export const CLAUDE_MODELS: ModelConfig;
+export const CURSOR_MODELS: ModelConfig;
+export const CODEX_MODELS: ModelConfig;
+export const GEMINI_MODELS: ModelConfig;
+
+export const MODEL_CONFIGS: Record<AgentProvider, ModelConfig>;
+
+export function getModelOptions(provider: AgentProvider): ModelOption[];
+export function getDefaultModel(provider: AgentProvider): string;
+export function isSupportedModel(provider: AgentProvider, value: string | null | undefined): boolean;
+export function migrateLegacyModel(provider: AgentProvider, value: string | null | undefined): string | null;
+export function normalizeModel(provider: AgentProvider, value: string | null | undefined): string;