osborn 0.9.48 → 0.9.49

package/.claude/skills/voice-native-sync/SKILL.md

@@ -0,0 +1,229 @@
+# Voice Native Sync Skill
+
+## SKILL IDENTITY
+Name: voice-native-sync
+Install path: ~/.claude/skills/voice-native-sync/SKILL.md
+
+## TRIGGER PHRASES
+This skill activates when the user says any of:
+- "upload to voice native"
+- "download from voice native"
+- "sync to voice native"
+- "push sessions to voice native"
+- "pull sessions from voice native"
+- "sync my sessions"
+
+When triggered, follow the instructions below immediately without asking for clarification,
+unless credentials are missing (see CREDENTIALS section).
+
+---
+
+## SELF-INSTALL
+If the user asks you to install this skill or you fetched this file from a URL,
+save it to: ~/.claude/skills/voice-native-sync/SKILL.md
+
+```bash
+mkdir -p ~/.claude/skills/voice-native-sync
+# then write this file's content to ~/.claude/skills/voice-native-sync/SKILL.md
+```
+
+After saving, confirm: "Voice Native sync skill installed. Use 'upload to voice native' or 'download from voice native' any time."
+
+---
+
+## CREDENTIALS
+Credentials are stored at: ~/.claude/skills/voice-native-sync/config
+
+Config file format:
+```
+CLOUD_URL=https://osborn-XXXX.fly.dev
+TOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+```
+
+If the config file doesn't exist:
+1. Tell the user: "I need your Voice Native sync credentials. Go to voice-native.com → Settings → Copy sync info, then paste it here."
+2. Parse the pasted block for CLOUD_URL (the "Server:" line) and TOKEN (the "Token:" line)
+3. Save to ~/.claude/skills/voice-native-sync/config
+4. Proceed with the requested operation
+
+---
+
+## UPLOAD (Local → Voice Native Cloud)
+
+Uploads all local Claude session files to the Voice Native fly machine.
+Uses chunked upload + finalize. Safe to re-run — mtime-newer-wins per file.
+
+### Execute as a single script (one permission prompt):
+
+```bash
+set -e
+
+# Load credentials
+source ~/.claude/skills/voice-native-sync/config
+
+TARGET_PATH="/workspace"
+
+rm -f /tmp/vn-sync.tar.gz /tmp/vn-chunk-*
+
+# Archive local Claude projects (exclude macOS AppleDouble files)
+tar -czf /tmp/vn-sync.tar.gz \
+  $(uname | grep -qi darwin && echo '--exclude=._*') \
+  -C "$HOME/.claude" projects
+
+echo "archive: $(du -sh /tmp/vn-sync.tar.gz | cut -f1)"
+
+# Split into 50MB chunks
+split -b 50m /tmp/vn-sync.tar.gz /tmp/vn-chunk-
+CHUNKS=(/tmp/vn-chunk-*)
+TOTAL=${#CHUNKS[@]}
+echo "chunks: $TOTAL"
+
+# Generate upload ID (works on Linux and macOS)
+if command -v uuidgen &>/dev/null; then
+  UPLOAD_ID=$(uuidgen | tr '[:upper:]' '[:lower:]')
+else
+  UPLOAD_ID=$(cat /proc/sys/kernel/random/uuid 2>/dev/null || python3 -c "import uuid; print(uuid.uuid4())")
+fi
+echo "upload id: $UPLOAD_ID"
+
+# Upload chunks
+idx=0
+for chunk in "${CHUNKS[@]}"; do
+  echo "uploading chunk $idx / $((TOTAL-1))..."
+  STATUS=$(curl -s -o /dev/null -w "%{http_code}" -X POST \
+    -H "Authorization: Bearer $TOKEN" \
+    -H "Content-Type: application/octet-stream" \
+    --data-binary "@${chunk}" \
+    "${CLOUD_URL}/sessions/import-chunk?uploadId=${UPLOAD_ID}&chunk=${idx}")
+  echo "  chunk $idx → HTTP $STATUS"
+  idx=$((idx+1))
+done
+
+# Finalize — merges chunks and extracts WITHOUT slug remapping.
+# IMPORTANT: do NOT pass `targetWorkDir`. The server-side remap collapses every
+# source slug into the target work dir's slug, which causes session-resume to
+# silently break when sessions are uploaded from different hosts (Mac, Codespace,
+# Sprite) — they all end up in -workspace, the JSONLs internally still reference
+# their original cwd, the slug↔cwd no longer match, and Claude Code's resume
+# can't find the file. Confirmed 2026-05-27: a codespace upload remapped
+# -workspaces-codespaces-blank → -workspace and every codespace session went
+# silent on resume. The fix is to preserve each upload's original slug structure.
+echo "finalizing..."
+RESULT=$(curl -s -X POST \
+  -H "Authorization: Bearer $TOKEN" \
+  "${CLOUD_URL}/sessions/import-finalize?uploadId=${UPLOAD_ID}&total=${TOTAL}")
+echo "finalize result: $RESULT"
+
+# Cleanup
+rm -f /tmp/vn-sync.tar.gz /tmp/vn-chunk-*
+
+# Verify
+echo "verifying manifest..."
+curl -s -H "Authorization: Bearer $TOKEN" "${CLOUD_URL}/sessions/manifest" | \
+  python3 -c "
+import json,sys
+d=json.load(sys.stdin)
+slugs=d.get('slugs',{})
+total=sum(len(v.get('files',{})) for v in slugs.values())
+print(f'  cloud now has {len(slugs)} slug(s), {total} total files')
+for slug,info in slugs.items():
+  files=info.get('files',{})
+  print(f'  {slug}: {len(files)} files')
+"
+```
+
+---
+
+## DOWNLOAD (Voice Native Cloud → Local)
+
+Downloads all sessions from the Voice Native fly machine and merges into local ~/.claude/projects/.
+Mtime-newer-wins — local files newer than cloud are preserved.
+
+### Execute as a single script:
+
+```bash
+set -e
+
+# Load credentials
+source ~/.claude/skills/voice-native-sync/config
+
+# Get local working directory for slug remapping
+LOCAL_CWD="$(pwd)"
+echo "local target cwd: $LOCAL_CWD"
+
+rm -f /tmp/vn-download.tar.gz
+
+# Download full export from fly machine
+echo "downloading from $CLOUD_URL..."
+curl -f -L \
+  -H "Authorization: Bearer $TOKEN" \
+  "${CLOUD_URL}/sessions/export" \
+  -o /tmp/vn-download.tar.gz
+echo "downloaded: $(du -sh /tmp/vn-download.tar.gz | cut -f1)"
+
+# Import with slug remapping to local cwd
+echo "importing..."
+# Same fix as upload: no targetWorkDir, preserve original slug structure.
+RESULT=$(curl -s -X POST \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/octet-stream" \
+  --data-binary "@/tmp/vn-download.tar.gz" \
+  "${CLOUD_URL}/sessions/import")
+echo "import result: $RESULT"
+
+rm -f /tmp/vn-download.tar.gz
+
+echo "done — sessions merged into ~/.claude/projects/"
+```
+
+Wait — the DOWNLOAD direction means pulling from cloud to THIS local machine.
+The import endpoint runs on the cloud. For download to local, use this instead:
+
+```bash
+set -e
+source ~/.claude/skills/voice-native-sync/config
+
+LOCAL_CWD="$(pwd)"
+rm -f /tmp/vn-download.tar.gz
+
+echo "downloading export from $CLOUD_URL..."
+curl -f -H "Authorization: Bearer $TOKEN" \
+  "${CLOUD_URL}/sessions/export" \
+  -o /tmp/vn-download.tar.gz
+echo "downloaded: $(du -sh /tmp/vn-download.tar.gz | cut -f1)"
+
+# Extract archive
+mkdir -p /tmp/vn-extract
+tar -xzf /tmp/vn-download.tar.gz -C /tmp/vn-extract
+
+# Remap and merge into local ~/.claude/projects/
+LOCAL_SLUG=$(echo "$LOCAL_CWD" | sed 's|/|-|g')
+PROJECTS_DIR="$HOME/.claude/projects"
+mkdir -p "${PROJECTS_DIR}/${LOCAL_SLUG}"
+
+echo "merging into ${PROJECTS_DIR}/${LOCAL_SLUG}..."
+for slug_dir in /tmp/vn-extract/projects/*/; do
+  slug=$(basename "$slug_dir")
+  for f in "${slug_dir}"*.jsonl "${slug_dir}"*.jsonl.* 2>/dev/null; do
+    [ -f "$f" ] || continue
+    fname=$(basename "$f")
+    dest="${PROJECTS_DIR}/${LOCAL_SLUG}/${fname}"
+    if [ ! -f "$dest" ] || [ "$f" -nt "$dest" ]; then
+      cp "$f" "$dest"
+      echo "  wrote $fname"
+    fi
+  done
+done
+
+rm -rf /tmp/vn-download.tar.gz /tmp/vn-extract
+echo "done — sessions available at ${PROJECTS_DIR}/${LOCAL_SLUG}/"
+```
+
+---
+
+## TECHNICAL NOTES
+- Cloud target path is always `/workspace` (Fly.io machines)
+- Slug remapping is automatic on upload (source slug → /workspace slug)
+- Mtime-newer-wins: re-syncing is always safe, newer file wins per-file
+- gzip only — never use zstd (server doesn't support it)
+- macOS: always pass `--exclude='._*'` to tar (BSD tar emits AppleDouble files)

package/Dockerfile.sandbox

@@ -31,7 +31,7 @@
 #   - Path layout:        chroot /workspace/root-chroot/root/...  vs  /workspace/home/...
 # Subagent research confirmed chroot in our codebase solves only HOME-and-persistence
 # layout, NOT library access (Linux dynamic linker is mount-agnostic per ld.so(8)).
-# Since HOME=/workspace/home achieves the same persistence with ~100 fewer LOC and
+# Since HOME=/workspace achieves the same persistence with ~100 fewer LOC and
 # no bind-mount complexity, the chroot version was retired.
 # Archive: docs/archive/Dockerfile.sandbox.chroot-2026-05-28.md
 
@@ -63,14 +63,45 @@ ENV OSBORN_API_PORT=8741
 ENV NODE_ENV=production
 ENV OSBORN_IMAGE_VERSION=${OSBORN_VERSION}
 
-# THE KEY DIFFERENCE FROM CHROOT VARIANT:
-# HOME and OSBORN_CWD are set as IMAGE-LEVEL ENV here. The entrypoint reads
-# them, ensures the dirs exist on the volume, and execs osborn. No bind-mount
-# trickery — HOME just IS on the volume because the path resolves to a volume
-# subdir.
-ENV HOME=/workspace/home
+# HOME=/workspace — the volume mount point itself is the home directory.
+# This means ~/.claude resolves to /workspace/.claude, which is EXACTLY where
+# the legacy symlink architecture (/root/.claude -> /workspace/.claude) already
+# put credentials and sessions. So there is ZERO migration: an existing machine
+# updating to this image finds its data already at ~/.claude with no file moves.
+#
+# Why not /workspace/home (the earlier Option D choice)? That required MOVING
+# legacy data from /workspace/.claude into /workspace/home/.claude — an `mv`
+# loop that is destructive (deletes source as it goes), non-atomic across
+# multiple files (interruption = split state), and catastrophic if HOME ever
+# resolved off-volume (mv would send data to the ephemeral overlay). Pointing
+# HOME at /workspace eliminates the migration entirely: nothing moves, so
+# nothing can be lost in a move. The only cosmetic cost is dotfiles sitting at
+# the volume root — identical to what the legacy symlink effectively did.
+#
+# NOTE on overrides: these are Dockerfile ENV *defaults*. A Fly machine-config
+# `env.HOME` (or app secret) OVERRIDES them at runtime. updateOsborn strips
+# HOME/OSBORN_CWD from existing machine configs during image-swap so this
+# default actually takes effect on migrated machines — without that, a stale
+# HOME=/root from an older provisioning would silently win. See
+# frontend/src/lib/machines.ts updateOsbornImpl.
+ENV HOME=/workspace
 ENV OSBORN_CWD=/workspace
 
+# HYBRID: user-installed global npm packages persist on the volume.
+# osborn itself was already installed above into the DEFAULT prefix (/usr/local,
+# image layer) — that RUN happened BEFORE this ENV, so osborn stays in the image
+# and updates via image-swap (atomic, no runtime OOM, toolchain present at build).
+# Setting NPM_CONFIG_PREFIX here only affects RUNTIME `npm install -g <x>` the
+# user/agent runs: those land in /workspace/.npm-global on the persistent volume
+# and survive restarts + image-swaps. PATH puts that bin dir first so installed
+# CLIs are immediately runnable. Verified end-to-end on real Fly 2026-06-01:
+# pure-JS (cowsay) AND native-compiled (node-pty via node-gyp) both install at
+# runtime, persist across restart, no OOM (toolchain is in the image).
+# Caveat: native user modules are tied to the image's Node ABI (currently 22) —
+# a future Node-major image bump would need an `npm rebuild` of volume globals.
+ENV NPM_CONFIG_PREFIX=/workspace/.npm-global
+ENV PATH=/workspace/.npm-global/bin:$PATH
+
 WORKDIR /workspace
 EXPOSE 8741
 
@@ -95,34 +126,23 @@ exec > >(tee -a "$LOGFILE") 2>&1
 ONBOARDING_JSON='{"numStartups":10,"installMethod":"npm","autoUpdates":false,"hasCompletedOnboarding":true,"hasTrustDialogAccepted":true,"hasTrustDialogHooksAccepted":true,"hasCompletedProjectOnboarding":true,"hasAcknowledgedCostThreshold":true,"effortCalloutV2Dismissed":true,"theme":"dark","projects":{"/workspace":{"hasTrustDialogAccepted":true,"hasTrustDialogHooksAccepted":true,"hasCompletedProjectOnboarding":true}}}'
 
 # ============================================================
-# === HOME-on-volume seed ===
+# === HOME-on-volume setup (HOME=/workspace) ===
 # ============================================================
-# HOME=/workspace/home, set via ENV in Dockerfile. Ensure the dir exists on
-# the volume and seed Claude/onboarding/skills on first boot. Idempotent.
-echo "[sandbox-d] HOME=$HOME OSBORN_CWD=$OSBORN_CWD"
+# HOME=/workspace, set via ENV in Dockerfile (and enforced by updateOsborn
+# stripping any stale HOME from existing machine configs). Because HOME is the
+# volume mount itself, ~/.claude == /workspace/.claude — which is exactly where
+# the legacy symlink architecture already stored credentials + sessions.
+#
+# THEREFORE: NO MIGRATION. An existing machine's data is already at ~/.claude
+# the instant HOME points at /workspace. We removed the old `mv` migration
+# block entirely (it was destructive + non-atomic + catastrophic if HOME ever
+# resolved off-volume). Nothing moves, so nothing can be lost in a move.
+echo "[sandbox-d] HOME=$HOME OSBORN_CWD=$OSBORN_CWD NPM_CONFIG_PREFIX=$NPM_CONFIG_PREFIX"
 mkdir -p "$HOME" "$HOME/.claude" "$HOME/.osborn"
-
-# === Legacy migration ===
-# Existing production sandboxes have credentials at /workspace/.claude/
-# (the pre-D legacy symlink architecture). Migrate to HOME=/workspace/home/.claude/
-# on first boot of the D image. Atomic mv — safe.
-if [ -d /workspace/.claude ] && [ ! -d "$HOME/.claude/projects" ] && [ ! -f "$HOME/.claude/.credentials.json" ]; then
-  echo "[sandbox-d] migrating legacy /workspace/.claude → \$HOME/.claude"
-  # Move CONTENTS, not the dir itself (target may already exist with seeded skills)
-  for item in /workspace/.claude/.* /workspace/.claude/*; do
-    [ -e "$item" ] || continue
-    BASENAME=$(basename "$item")
-    [ "$BASENAME" = "." ] && continue
-    [ "$BASENAME" = ".." ] && continue
-    [ -e "$HOME/.claude/$BASENAME" ] && continue
-    mv "$item" "$HOME/.claude/$BASENAME" 2>/dev/null || true
-  done
-  rmdir /workspace/.claude 2>/dev/null || true
-fi
-if [ -f /workspace/.claude.json ] && [ ! -f "$HOME/.claude.json" ]; then
-  echo "[sandbox-d] migrating legacy /workspace/.claude.json → \$HOME/.claude.json"
-  mv /workspace/.claude.json "$HOME/.claude.json"
-fi
+# HYBRID: ensure the volume-backed npm global prefix exists so user
+# `npm install -g <x>` has a target on first use (npm would create it anyway,
+# but pre-making it keeps perms predictable + visible in the boot log).
+mkdir -p /workspace/.npm-global
 
 # Onboarding config (overwrites every boot — intentional, deterministic state)
 echo "$ONBOARDING_JSON" > "$HOME/.claude.json"

package/dist/index.js

@@ -2527,6 +2527,30 @@ async function main() {
         currentLLM = null;
         clearFastBrainSession();
         clearPipelineFastBrainSession();
+        // ── Ghost-agent fix (2026-06-01) ──
+        // When LiveKit Cloud evicts our WebSocket (idle, network blip, or quota window),
+        // the previous code stopped here — agent process kept running but no longer in
+        // any room. /health continued returning "livekit.status:connected" because the
+        // status was never written back. Frontend's checkOsbornHealth only validates
+        // HTTP 200, so the ghost state was invisible. Users got stuck in "Connecting..."
+        // forever because their LiveKit-token-minted room had no agent in it.
+        //
+        // Fix: re-arm the retry loop. connectWithRetry() will try to reconnect with
+        // the same room name (so the room code stays stable for any in-flight frontend
+        // token requests), backing off 5s → 60s. If the disconnect was permanent
+        // (e.g. JWT expired — they're 24h), the retry will fail and surface
+        // livekit.status=failed, which the (also-fixed) frontend health check will
+        // see and trigger restartService.
+        //
+        // Note: we mark status='retrying' immediately so /health reflects the real
+        // state — closing the lie window between Disconnected and the next attempt.
+        livekitState.status = 'retrying';
+        livekitState.error = 'LiveKit room disconnected; attempting to rejoin';
+        livekitState.errorCode = 'disconnected';
+        console.log('🔄 Rejoining LiveKit room after disconnect...');
+        connectWithRetry().catch(err => {
+            console.error('❌ Reconnect attempt threw (should not happen — connectWithRetry loops):', err);
+        });
     });
     room.on(RoomEvent.ParticipantConnected, async (participant) => {
         console.log(`\n👤 User joined: ${participant.identity}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "osborn",
-  "version": "0.9.48",
+  "version": "0.9.49",
   "description": "Voice AI coding assistant - local agent that connects to Osborn frontend",
   "type": "module",
   "bin": {