palmier 0.2.0 → 0.2.2

package/dist/task.js

@@ -26,7 +26,8 @@ function parseTaskContent(content) {
     if (!frontmatter.id) {
         throw new Error("TASK.md frontmatter must include at least: id");
     }
-    frontmatter.command_line ??= "claude -p --dangerously-skip-permissions";
+    frontmatter.name ??= frontmatter.user_prompt?.slice(0, 60) ?? "";
+    frontmatter.agent ??= "claude";
     frontmatter.triggers_enabled ??= true;
     return { frontmatter, body };
 }
@@ -42,30 +43,65 @@ export function writeTaskFile(taskDir, task) {
     fs.writeFileSync(filePath, content, "utf-8");
 }
 /**
- * List all tasks from projectRoot/tasks/{id}/TASK.md.
+ * Append a task ID to the project-level tasks.jsonl file.
+ */
+export function appendTaskList(projectRoot, taskId) {
+    const listPath = path.join(projectRoot, "tasks.jsonl");
+    fs.appendFileSync(listPath, JSON.stringify({ task_id: taskId }) + "\n", "utf-8");
+}
+/**
+ * Remove a task ID from the project-level tasks.jsonl file.
+ * Returns true if the entry was found and removed.
+ */
+export function removeFromTaskList(projectRoot, taskId) {
+    const listPath = path.join(projectRoot, "tasks.jsonl");
+    if (!fs.existsSync(listPath))
+        return false;
+    const lines = fs.readFileSync(listPath, "utf-8").split("\n").filter(Boolean);
+    let found = false;
+    const remaining = [];
+    for (const line of lines) {
+        try {
+            const entry = JSON.parse(line);
+            if (entry.task_id === taskId) {
+                found = true;
+                continue;
+            }
+        }
+        catch { /* keep malformed lines */ }
+        remaining.push(line);
+    }
+    if (!found)
+        return false;
+    fs.writeFileSync(listPath, remaining.length > 0 ? remaining.join("\n") + "\n" : "", "utf-8");
+    return true;
+}
+/**
+ * List all tasks referenced in tasks.jsonl.
  */
 export function listTasks(projectRoot) {
-    const tasksDir = path.join(projectRoot, "tasks");
-    if (!fs.existsSync(tasksDir)) {
+    const listPath = path.join(projectRoot, "tasks.jsonl");
+    if (!fs.existsSync(listPath))
         return [];
-    }
-    const entries = fs.readdirSync(tasksDir, { withFileTypes: true });
+    const lines = fs.readFileSync(listPath, "utf-8").split("\n").filter(Boolean);
     const tasks = [];
-    for (const entry of entries) {
-        if (!entry.isDirectory())
-            continue;
-        const taskDir = path.join(tasksDir, entry.name);
-        const taskFile = path.join(taskDir, "TASK.md");
-        if (!fs.existsSync(taskFile))
+    for (const line of lines) {
+        let taskId;
+        try {
+            taskId = JSON.parse(line).task_id;
+        }
+        catch {
             continue;
+        }
+        const taskDir = getTaskDir(projectRoot, taskId);
         try {
             tasks.push(parseTaskFile(taskDir));
         }
         catch (err) {
-            console.error(`Warning: failed to parse task in ${taskDir}: ${err}`);
+            console.error(`Warning: failed to parse task ${taskId}: ${err}`);
         }
     }
-    return tasks;
+    return tasks.reverse();
 }
 /**
  * Get the directory path for a task by its ID.
@@ -73,4 +109,109 @@ export function listTasks(projectRoot) {
 export function getTaskDir(projectRoot, taskId) {
     return path.join(projectRoot, "tasks", taskId);
 }
+/**
+ * Get the creation time (birthtime) of a TASK.md file in ms since epoch.
+ */
+export function getTaskCreatedAt(taskDir) {
+    const filePath = path.join(taskDir, "TASK.md");
+    try {
+        return fs.statSync(filePath).birthtimeMs;
+    }
+    catch {
+        return 0;
+    }
+}
+/**
+ * Write task status to status.json in the task directory.
+ */
+export function writeTaskStatus(taskDir, status) {
+    const filePath = path.join(taskDir, "status.json");
+    fs.writeFileSync(filePath, JSON.stringify(status), "utf-8");
+}
+/**
+ * Read task status from status.json in the task directory.
+ * Returns undefined if the file doesn't exist.
+ */
+export function readTaskStatus(taskDir) {
+    const filePath = path.join(taskDir, "status.json");
+    try {
+        return JSON.parse(fs.readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Append a history entry to the project-level history.jsonl file.
+ */
+export function appendHistory(projectRoot, entry) {
+    const historyPath = path.join(projectRoot, "history.jsonl");
+    fs.appendFileSync(historyPath, JSON.stringify(entry) + "\n", "utf-8");
+}
+/**
+ * Delete a history entry and its associated result/task-snapshot files.
+ * Returns true if the entry was found and removed.
+ */
+export function deleteHistoryEntry(projectRoot, taskId, resultFile) {
+    const historyPath = path.join(projectRoot, "history.jsonl");
+    if (!fs.existsSync(historyPath))
+        return false;
+    const lines = fs.readFileSync(historyPath, "utf-8").split("\n").filter(Boolean);
+    let found = false;
+    const remaining = [];
+    for (const line of lines) {
+        try {
+            const entry = JSON.parse(line);
+            if (entry.task_id === taskId && entry.result_file === resultFile) {
+                found = true;
+                continue; // skip this entry
+            }
+        }
+        catch { /* keep malformed lines */ }
+        remaining.push(line);
+    }
+    if (!found)
+        return false;
+    // Rewrite history.jsonl without the deleted entry
+    fs.writeFileSync(historyPath, remaining.length > 0 ? remaining.join("\n") + "\n" : "", "utf-8");
+    // Delete the result file
+    const resultPath = path.join(projectRoot, "tasks", taskId, resultFile);
+    if (fs.existsSync(resultPath)) {
+        fs.unlinkSync(resultPath);
+    }
+    // Delete the corresponding task snapshot (TASK-<timestamp>.md)
+    const tsMatch = resultFile.match(/^RESULT-(\d+)\.md$/);
+    if (tsMatch) {
+        const snapshotFile = `TASK-${tsMatch[1]}.md`;
+        const snapshotPath = path.join(projectRoot, "tasks", taskId, snapshotFile);
+        if (fs.existsSync(snapshotPath)) {
+            fs.unlinkSync(snapshotPath);
+        }
+    }
+    return true;
+}
+/**
+ * Read history entries from history.jsonl with pagination.
+ * Returns entries sorted most-recent-first.
+ */
+export function readHistory(projectRoot, opts) {
+    const historyPath = path.join(projectRoot, "history.jsonl");
+    if (!fs.existsSync(historyPath))
+        return { entries: [], total: 0 };
+    const lines = fs.readFileSync(historyPath, "utf-8").split("\n").filter(Boolean);
+    let all = [];
+    for (const line of lines) {
+        try {
+            all.push(JSON.parse(line));
+        }
+        catch { /* skip malformed */ }
+    }
+    all.reverse();
+    if (opts.task_id) {
+        all = all.filter((e) => e.task_id === opts.task_id);
+    }
+    const offset = opts.offset ?? 0;
+    const limit = opts.limit ?? 10;
+    return { entries: all.slice(offset, offset + limit), total: all.length };
+}
 //# sourceMappingURL=task.js.map

package/dist/transports/http-transport.d.ts

@@ -0,0 +1,6 @@
+import type { HostConfig, RpcMessage } from "../types.js";
+/**
+ * Start the HTTP transport: Express-like server with RPC, SSE, and health endpoints.
+ */
+export declare function startHttpTransport(config: HostConfig, handleRpc: (req: RpcMessage) => Promise<unknown>): Promise<void>;
+//# sourceMappingURL=http-transport.d.ts.map

package/dist/transports/http-transport.js

@@ -0,0 +1,243 @@
+import * as http from "node:http";
+import * as os from "os";
+import { validateSession, hasSessions, addSession } from "../session-store.js";
+const pendingPairs = new Map();
+function detectLanIp() {
+    const interfaces = os.networkInterfaces();
+    for (const name of Object.keys(interfaces)) {
+        for (const iface of interfaces[name] ?? []) {
+            if (iface.family === "IPv4" && !iface.internal) {
+                return iface.address;
+            }
+        }
+    }
+    return "127.0.0.1";
+}
+/**
+ * Start the HTTP transport: Express-like server with RPC, SSE, and health endpoints.
+ */
+export async function startHttpTransport(config, handleRpc) {
+    const port = config.directPort ?? 7400;
+    const sseClients = new Set();
+    function broadcastSseEvent(data) {
+        const payload = `data: ${JSON.stringify(data)}\n\n`;
+        for (const client of sseClients) {
+            client.write(payload);
+        }
+    }
+    function setCorsHeaders(res) {
+        res.setHeader("Access-Control-Allow-Origin", "*");
+        res.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type");
+        res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
+    }
+    function checkAuth(req) {
+        const auth = req.headers.authorization;
+        if (!auth || !auth.startsWith("Bearer "))
+            return false;
+        const token = auth.slice(7);
+        // Accept the original directToken or any valid session token
+        if (token === config.directToken)
+            return true;
+        if (hasSessions() && validateSession(token))
+            return true;
+        return false;
+    }
+    function extractSessionToken(req) {
+        const auth = req.headers.authorization;
+        if (!auth || !auth.startsWith("Bearer "))
+            return undefined;
+        return auth.slice(7);
+    }
+    function sendJson(res, status, body) {
+        res.writeHead(status, { "Content-Type": "application/json" });
+        res.end(JSON.stringify(body));
+    }
+    function readBody(req) {
+        return new Promise((resolve, reject) => {
+            const chunks = [];
+            req.on("data", (chunk) => chunks.push(chunk));
+            req.on("end", () => resolve(Buffer.concat(chunks).toString("utf-8")));
+            req.on("error", reject);
+        });
+    }
+    function isLocalhost(req) {
+        const addr = req.socket.remoteAddress;
+        return addr === "127.0.0.1" || addr === "::1" || addr === "::ffff:127.0.0.1";
+    }
+    const server = http.createServer(async (req, res) => {
+        setCorsHeaders(res);
+        // Handle CORS preflight
+        if (req.method === "OPTIONS") {
+            res.writeHead(204);
+            res.end();
+            return;
+        }
+        const url = new URL(req.url ?? "/", `http://localhost:${port}`);
+        const pathname = url.pathname;
+        // Internal event endpoint — localhost only, no auth
+        if (req.method === "POST" && pathname === "/internal/event") {
+            if (!isLocalhost(req)) {
+                sendJson(res, 403, { error: "localhost only" });
+                return;
+            }
+            try {
+                const body = await readBody(req);
+                const event = JSON.parse(body);
+                broadcastSseEvent(event);
+                sendJson(res, 200, { ok: true });
+            }
+            catch {
+                sendJson(res, 400, { error: "Invalid JSON" });
+            }
+            return;
+        }
+        // Internal pair-register endpoint — localhost only, long-poll
+        // The pair CLI posts here and blocks until paired or expired.
+        if (req.method === "POST" && pathname === "/internal/pair-register") {
+            if (!isLocalhost(req)) {
+                sendJson(res, 403, { error: "localhost only" });
+                return;
+            }
+            try {
+                const body = await readBody(req);
+                const { code, expiryMs } = JSON.parse(body);
+                if (!code) {
+                    sendJson(res, 400, { error: "Missing code" });
+                    return;
+                }
+                if (pendingPairs.has(code)) {
+                    sendJson(res, 409, { error: "Code already registered" });
+                    return;
+                }
+                const result = await new Promise((resolve) => {
+                    const timer = setTimeout(() => {
+                        pendingPairs.delete(code);
+                        resolve({ paired: false });
+                    }, expiryMs ?? 5 * 60 * 1000);
+                    pendingPairs.set(code, { resolve, timer });
+                    // Clean up if the CLI disconnects early
+                    req.on("close", () => {
+                        if (pendingPairs.has(code)) {
+                            clearTimeout(timer);
+                            pendingPairs.delete(code);
+                        }
+                    });
+                });
+                sendJson(res, 200, result);
+            }
+            catch {
+                sendJson(res, 400, { error: "Invalid JSON" });
+            }
+            return;
+        }
+        // Public pair endpoint — no auth required, PWA posts OTP code here
+        if (req.method === "POST" && pathname === "/pair") {
+            try {
+                const body = await readBody(req);
+                const { code, label } = JSON.parse(body);
+                if (!code) {
+                    sendJson(res, 400, { error: "Missing code" });
+                    return;
+                }
+                const pending = pendingPairs.get(code);
+                if (!pending) {
+                    sendJson(res, 401, { error: "Invalid code" });
+                    return;
+                }
+                // Create session and build response
+                const session = addSession(label);
+                const ip = detectLanIp();
+                const response = {
+                    hostId: config.hostId,
+                    sessionToken: session.token,
+                    directUrl: `http://${ip}:${port}`,
+                    directToken: config.directToken,
+                };
+                // Resolve the long-poll and clean up
+                clearTimeout(pending.timer);
+                pendingPairs.delete(code);
+                pending.resolve({ paired: true });
+                sendJson(res, 200, response);
+            }
+            catch {
+                sendJson(res, 400, { error: "Invalid JSON" });
+            }
+            return;
+        }
+        // All other endpoints require auth
+        if (!checkAuth(req)) {
+            sendJson(res, 401, { error: "Unauthorized" });
+            return;
+        }
+        // SSE event stream
+        if (req.method === "GET" && pathname === "/events") {
+            res.writeHead(200, {
+                "Content-Type": "text/event-stream",
+                "Cache-Control": "no-cache",
+                Connection: "keep-alive",
+                "Access-Control-Allow-Origin": "*",
+            });
+            res.write(":ok\n\n");
+            // Send heartbeat every 5 seconds
+            const heartbeat = setInterval(() => {
+                res.write("data: {\"heartbeat\":true}\n\n");
+            }, 5000);
+            sseClients.add(res);
+            req.on("close", () => {
+                clearInterval(heartbeat);
+                sseClients.delete(res);
+            });
+            return;
+        }
+        // RPC endpoint: POST /rpc/<method>
+        if (req.method === "POST" && pathname.startsWith("/rpc/")) {
+            const method = pathname.slice("/rpc/".length);
+            if (!method) {
+                sendJson(res, 400, { error: "Missing RPC method" });
+                return;
+            }
+            let params = {};
+            try {
+                const body = await readBody(req);
+                if (body.trim().length > 0) {
+                    params = JSON.parse(body);
+                }
+            }
+            catch {
+                sendJson(res, 400, { error: "Invalid JSON" });
+                return;
+            }
+            const sessionToken = extractSessionToken(req);
+            console.log(`[http] RPC: ${method}`);
+            try {
+                const response = await handleRpc({ method, params, sessionToken });
+                console.log(`[http] RPC done: ${method}`, JSON.stringify(response).slice(0, 200));
+                sendJson(res, 200, response);
+            }
+            catch (err) {
+                console.error(`[http] RPC error (${method}):`, err);
+                sendJson(res, 500, { error: String(err) });
+            }
+            return;
+        }
+        sendJson(res, 404, { error: "Not found" });
+    });
+    return new Promise((resolve, reject) => {
+        server.listen(port, () => {
+            console.log(`[http] Listening on port ${port}`);
+            console.log(`[http] SSE clients can connect to /events`);
+            // Graceful shutdown
+            const shutdown = () => {
+                console.log("[http] Shutting down...");
+                for (const client of sseClients) {
+                    client.end();
+                }
+                server.close(() => process.exit(0));
+            };
+            process.on("SIGINT", shutdown);
+            process.on("SIGTERM", shutdown);
+        });
+        server.on("error", reject);
+    });
+}
+//# sourceMappingURL=http-transport.js.map

package/dist/transports/nats-transport.d.ts

@@ -0,0 +1,6 @@
+import type { HostConfig, RpcMessage } from "../types.js";
+/**
+ * Start the NATS transport: connect, subscribe to RPC subjects, dispatch to handler.
+ */
+export declare function startNatsTransport(config: HostConfig, handleRpc: (req: RpcMessage) => Promise<unknown>): Promise<void>;
+//# sourceMappingURL=nats-transport.d.ts.map

package/dist/transports/nats-transport.js

@@ -0,0 +1,69 @@
+import { StringCodec } from "nats";
+import { connectNats } from "../nats-client.js";
+/**
+ * Start the NATS transport: connect, subscribe to RPC subjects, dispatch to handler.
+ */
+export async function startNatsTransport(config, handleRpc) {
+    const nc = await connectNats(config);
+    const sc = StringCodec();
+    const subject = `host.${config.hostId}.rpc.>`;
+    console.log(`[nats] Subscribing to: ${subject}`);
+    const sub = nc.subscribe(subject);
+    // Graceful shutdown
+    const shutdown = async () => {
+        console.log("[nats] Shutting down...");
+        sub.unsubscribe();
+        await nc.drain();
+        process.exit(0);
+    };
+    process.on("SIGINT", shutdown);
+    process.on("SIGTERM", shutdown);
+    async function processMessage(msg) {
+        // Derive RPC method from subject: ...rpc.<method parts>
+        const subjectTokens = msg.subject.split(".");
+        const rpcIdx = subjectTokens.indexOf("rpc");
+        const method = rpcIdx >= 0 ? subjectTokens.slice(rpcIdx + 1).join(".") : "";
+        // Parse params from message body
+        let params = {};
+        if (msg.data && msg.data.length > 0) {
+            const raw = sc.decode(msg.data).trim();
+            if (raw.length > 0) {
+                try {
+                    params = JSON.parse(raw);
+                }
+                catch {
+                    console.error(`[nats] Failed to parse RPC params for ${method}`);
+                    if (msg.reply) {
+                        msg.respond(sc.encode(JSON.stringify({ error: "Invalid JSON" })));
+                    }
+                    return;
+                }
+            }
+        }
+        // Extract sessionToken from params (PWA includes it in the payload)
+        const sessionToken = typeof params.sessionToken === "string" ? params.sessionToken : undefined;
+        delete params.sessionToken;
+        console.log(`[nats] RPC: ${method}`);
+        let response;
+        try {
+            response = await handleRpc({ method, params, sessionToken });
+        }
+        catch (err) {
+            console.error(`[nats] RPC error (${method}):`, err);
+            response = { error: String(err) };
+        }
+        console.log(`[nats] RPC done: ${method}`, JSON.stringify(response).slice(0, 200));
+        if (msg.reply) {
+            msg.respond(sc.encode(JSON.stringify(response)));
+        }
+    }
+    async function consumeSubscription(subscription) {
+        for await (const msg of subscription) {
+            // Handle RPC without blocking the message loop so heartbeats keep flowing
+            processMessage(msg);
+        }
+    }
+    console.log("[nats] Waiting for RPC messages...");
+    await consumeSubscription(sub);
+}
+//# sourceMappingURL=nats-transport.js.map

package/dist/types.d.ts

@@ -1,18 +1,26 @@
-export interface AgentConfig {
-    agentId: string;
-    userId: string;
-    natsUrl: string;
-    natsWsUrl: string;
-    natsToken: string;
+export interface HostConfig {
+    hostId: string;
     projectRoot: string;
+    mode: "nats" | "lan" | "auto";
+    natsUrl?: string;
+    natsWsUrl?: string;
+    natsToken?: string;
+    directPort?: number;
+    directToken?: string;
+    agents?: Array<{
+        key: string;
+        label: string;
+    }>;
 }
 export interface TaskFrontmatter {
     id: string;
+    name: string;
     user_prompt: string;
-    command_line: string;
+    agent: string;
     triggers: Trigger[];
     triggers_enabled: boolean;
     requires_confirmation: boolean;
+    permissions?: RequiredPermission[];
 }
 export interface Trigger {
     type: "cron" | "once";
@@ -22,16 +30,25 @@ export interface ParsedTask {
     frontmatter: TaskFrontmatter;
     body: string;
 }
-export interface ConfirmPayload {
-    type: "confirm";
+export type TaskRunningState = "start" | "finish" | "abort" | "fail";
+export interface TaskStatus {
+    running_state: TaskRunningState;
+    time_stamp: number;
+    pending_confirmation?: boolean;
+    pending_permission?: RequiredPermission[];
+    user_input?: string;
+}
+export interface HistoryEntry {
     task_id: string;
-    agent_id: string;
-    user_id: string;
-    details: Record<string, unknown>;
-    status: "pending" | "confirmed" | "aborted";
+    result_file: string;
+}
+export interface RequiredPermission {
+    name: string;
+    description: string;
 }
 export interface RpcMessage {
     method: string;
     params: Record<string, unknown>;
+    sessionToken?: string;
 }
 //# sourceMappingURL=types.d.ts.map

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "palmier",
-  "version": "0.2.0",
-  "description": "Palmier agent CLI - provisions, executes tasks, and serves NATS RPC",
+  "version": "0.2.2",
+  "description": "Palmier host CLI - provisions, executes tasks, and serves NATS RPC",
   "license": "ISC",
   "author": "Hongxu Cai",
   "type": "module",
@@ -12,11 +12,12 @@
   },
   "scripts": {
     "dev": "tsx src/index.ts",
-    "build": "tsc && node -e \"require('fs').cpSync('src/commands/task-generation.md','dist/commands/task-generation.md')\"",
+    "build": "tsc && node -e \"require('fs').cpSync('src/commands/plan-generation.md','dist/commands/plan-generation.md')\"",
     "prepare": "npm run build",
     "start": "node dist/index.js"
   },
   "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.27.1",
     "commander": "^13.1.0",
     "dotenv": "^16.4.7",
     "nats": "^2.29.1",

package/src/agents/agent.ts

@@ -0,0 +1,62 @@
+import type { ParsedTask, RequiredPermission } from "../types.js";
+import { ClaudeAgent } from "./claude.js";
+import { GeminiAgent } from "./gemini.js";
+import { CodexAgent } from "./codex.js";
+
+export interface CommandLine {
+  command: string;
+  args: string[];
+}
+
+/**
+ * Interface that each agent tool must implement.
+ * Abstracts how plans are generated and tasks are executed across different AI agents.
+ */
+export interface AgentTool {
+  /** Return the command and args used to generate a plan from a prompt. */
+  getPlanGenerationCommandLine(prompt: string): CommandLine;
+
+  /** Return the command and args used to run a task. If prompt is provided, use it instead of the task's prompt.
+   *  extraPermissions are transient permissions granted for this run only (not persisted in frontmatter). */
+  getTaskRunCommandLine(task: ParsedTask, prompt?: string, extraPermissions?: RequiredPermission[]): CommandLine;
+
+  /** Detect whether the agent CLI is available and perform any agent-specific
+   *  initialization. Returns true if the agent was detected and initialized successfully. */
+  init(): Promise<boolean>;
+}
+
+const agentRegistry: Record<string, AgentTool> = {
+  claude: new ClaudeAgent(),
+  gemini: new GeminiAgent(),
+  codex: new CodexAgent(),
+};
+
+const agentLabels: Record<string, string> = {
+  claude: "Claude Code",
+  gemini: "Gemini CLI",
+  codex: "Codex CLI",
+  openclaw: "OpenClaw"
+};
+
+export interface DetectedAgent {
+  key: string;
+  label: string;
+}
+
+export async function detectAgents(): Promise<DetectedAgent[]> {
+  const detected: DetectedAgent[] = [];
+  for (const [key, agent] of Object.entries(agentRegistry)) {
+    const label = agentLabels[key] ?? key;
+    const ok = await agent.init();
+    if (ok) detected.push({ key, label });
+  }
+  return detected;
+}
+
+export function getAgent(name: string): AgentTool {
+  const agent = agentRegistry[name];
+  if (!agent) {
+    throw new Error(`Unknown agent: "${name}". Available agents: ${Object.keys(agentRegistry).join(", ")}`);
+  }
+  return agent;
+}