portless 0.0.0 → 0.2.0

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1.  Definitions.
+
+    "License" shall mean the terms and conditions for use, reproduction,
+    and distribution as defined by Sections 1 through 9 of this document.
+
+    "Licensor" shall mean the copyright owner or entity authorized by
+    the copyright owner that is granting the License.
+
+    "Legal Entity" shall mean the union of the acting entity and all
+    other entities that control, are controlled by, or are under common
+    control with that entity. For the purposes of this definition,
+    "control" means (i) the power, direct or indirect, to cause the
+    direction or management of such entity, whether by contract or
+    otherwise, or (ii) ownership of fifty percent (50%) or more of the
+    outstanding shares, or (iii) beneficial ownership of such entity.
+
+    "You" (or "Your") shall mean an individual or Legal Entity
+    exercising permissions granted by this License.
+
+    "Source" form shall mean the preferred form for making modifications,
+    including but not limited to software source code, documentation
+    source, and configuration files.
+
+    "Object" form shall mean any form resulting from mechanical
+    transformation or translation of a Source form, including but
+    not limited to compiled object code, generated documentation,
+    and conversions to other media types.
+
+    "Work" shall mean the work of authorship, whether in Source or
+    Object form, made available under the License, as indicated by a
+    copyright notice that is included in or attached to the work
+    (an example is provided in the Appendix below).
+
+    "Derivative Works" shall mean any work, whether in Source or Object
+    form, that is based on (or derived from) the Work and for which the
+    editorial revisions, annotations, elaborations, or other modifications
+    represent, as a whole, an original work of authorship. For the purposes
+    of this License, Derivative Works shall not include works that remain
+    separable from, or merely link (or bind by name) to the interfaces of,
+    the Work and Derivative Works thereof.
+
+    "Contribution" shall mean any work of authorship, including
+    the original version of the Work and any modifications or additions
+    to that Work or Derivative Works thereof, that is intentionally
+    submitted to Licensor for inclusion in the Work by the copyright owner
+    or by an individual or Legal Entity authorized to submit on behalf of
+    the copyright owner. For the purposes of this definition, "submitted"
+    means any form of electronic, verbal, or written communication sent
+    to the Licensor or its representatives, including but not limited to
+    communication on electronic mailing lists, source code control systems,
+    and issue tracking systems that are managed by, or on behalf of, the
+    Licensor for the purpose of discussing and improving the Work, but
+    excluding communication that is conspicuously marked or otherwise
+    designated in writing by the copyright owner as "Not a Contribution."
+
+    "Contributor" shall mean Licensor and any individual or Legal Entity
+    on behalf of whom a Contribution has been received by Licensor and
+    subsequently incorporated within the Work.
+
+2.  Grant of Copyright License. Subject to the terms and conditions of
+    this License, each Contributor hereby grants to You a perpetual,
+    worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+    copyright license to reproduce, prepare Derivative Works of,
+    publicly display, publicly perform, sublicense, and distribute the
+    Work and such Derivative Works in Source or Object form.
+
+3.  Grant of Patent License. Subject to the terms and conditions of
+    this License, each Contributor hereby grants to You a perpetual,
+    worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+    (except as stated in this section) patent license to make, have made,
+    use, offer to sell, sell, import, and otherwise transfer the Work,
+    where such license applies only to those patent claims licensable
+    by such Contributor that are necessarily infringed by their
+    Contribution(s) alone or by combination of their Contribution(s)
+    with the Work to which such Contribution(s) was submitted. If You
+    institute patent litigation against any entity (including a
+    cross-claim or counterclaim in a lawsuit) alleging that the Work
+    or a Contribution incorporated within the Work constitutes direct
+    or contributory patent infringement, then any patent licenses
+    granted to You under this License for that Work shall terminate
+    as of the date such litigation is filed.
+
+4.  Redistribution. You may reproduce and distribute copies of the
+    Work or Derivative Works thereof in any medium, with or without
+    modifications, and in Source or Object form, provided that You
+    meet the following conditions:
+
+    (a) You must give any other recipients of the Work or
+    Derivative Works a copy of this License; and
+
+    (b) You must cause any modified files to carry prominent notices
+    stating that You changed the files; and
+
+    (c) You must retain, in the Source form of any Derivative Works
+    that You distribute, all copyright, patent, trademark, and
+    attribution notices from the Source form of the Work,
+    excluding those notices that do not pertain to any part of
+    the Derivative Works; and
+
+    (d) If the Work includes a "NOTICE" text file as part of its
+    distribution, then any Derivative Works that You distribute must
+    include a readable copy of the attribution notices contained
+    within such NOTICE file, excluding those notices that do not
+    pertain to any part of the Derivative Works, in at least one
+    of the following places: within a NOTICE text file distributed
+    as part of the Derivative Works; within the Source form or
+    documentation, if provided along with the Derivative Works; or,
+    within a display generated by the Derivative Works, if and
+    wherever such third-party notices normally appear. The contents
+    of the NOTICE file are for informational purposes only and
+    do not modify the License. You may add Your own attribution
+    notices within Derivative Works that You distribute, alongside
+    or as an addendum to the NOTICE text from the Work, provided
+    that such additional attribution notices cannot be construed
+    as modifying the License.
+
+    You may add Your own copyright statement to Your modifications and
+    may provide additional or different license terms and conditions
+    for use, reproduction, or distribution of Your modifications, or
+    for any such Derivative Works as a whole, provided Your use,
+    reproduction, and distribution of the Work otherwise complies with
+    the conditions stated in this License.
+
+5.  Submission of Contributions. Unless You explicitly state otherwise,
+    any Contribution intentionally submitted for inclusion in the Work
+    by You to the Licensor shall be under the terms and conditions of
+    this License, without any additional terms or conditions.
+    Notwithstanding the above, nothing herein shall supersede or modify
+    the terms of any separate license agreement you may have executed
+    with Licensor regarding such Contributions.
+
+6.  Trademarks. This License does not grant permission to use the trade
+    names, trademarks, service marks, or product names of the Licensor,
+    except as required for reasonable and customary use in describing the
+    origin of the Work and reproducing the content of the NOTICE file.
+
+7.  Disclaimer of Warranty. Unless required by applicable law or
+    agreed to in writing, Licensor provides the Work (and each
+    Contributor provides its Contributions) on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+    implied, including, without limitation, any warranties or conditions
+    of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+    PARTICULAR PURPOSE. You are solely responsible for determining the
+    appropriateness of using or redistributing the Work and assume any
+    risks associated with Your exercise of permissions under this License.
+
+8.  Limitation of Liability. In no event and under no legal theory,
+    whether in tort (including negligence), contract, or otherwise,
+    unless required by applicable law (such as deliberate and grossly
+    negligent acts) or agreed to in writing, shall any Contributor be
+    liable to You for damages, including any direct, indirect, special,
+    incidental, or consequential damages of any character arising as a
+    result of this License or out of the use or inability to use the
+    Work (including but not limited to damages for loss of goodwill,
+    work stoppage, computer failure or malfunction, or any and all
+    other commercial damages or losses), even if such Contributor
+    has been advised of the possibility of such damages.
+
+9.  Accepting Warranty or Additional Liability. While redistributing
+    the Work or Derivative Works thereof, You may choose to offer,
+    and charge a fee for, acceptance of support, warranty, indemnity,
+    or other liability obligations and/or rights consistent with this
+    License. However, in accepting such obligations, You may act only
+    on Your own behalf and on Your sole responsibility, not on behalf
+    of any other Contributor, and only if You agree to indemnify,
+    defend, and hold each Contributor harmless for any liability
+    incurred by, or claims asserted against, such Contributor by reason
+    of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+Copyright 2025 Vercel Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

package/README.md

@@ -1,3 +1,116 @@
 # portless
 
-Coming soon.
+Replace port numbers with stable, named .localhost URLs. For humans and agents.
+
+```diff
+- "dev": "next dev"              # http://localhost:3000
++ "dev": "portless myapp next dev"  # http://myapp.localhost
+```
+
+## Quick Start
+
+```bash
+# Install
+npm install -g portless
+
+# Start the proxy (once, requires sudo for port 80)
+sudo portless proxy
+
+# Run your app
+portless myapp next dev
+# → http://myapp.localhost
+```
+
+> When run directly in your terminal, portless can auto-start the proxy for you (prompts for sudo once). Via package scripts, start the proxy manually first.
+
+## Why
+
+Local dev with port numbers is fragile:
+
+- **Port conflicts** — two projects default to the same port and you get `EADDRINUSE`
+- **Memorizing ports** — was the API on 3001 or 8080?
+- **Refreshing shows the wrong app** — stop one server, start another on the same port, and your open tab now shows something completely different
+- **Monorepo multiplier** — every problem above scales with each service in the repo
+- **Agents test the wrong port** — AI coding agents guess or hardcode the wrong port, especially in monorepos
+- **Cookie and storage clashes** — cookies set on `localhost` bleed across apps on different ports; localStorage is lost when ports shift
+- **Hardcoded ports in config** — CORS allowlists, OAuth redirect URIs, and `.env` files all break when ports change
+- **Sharing URLs with teammates** — "what port is that on?" becomes a Slack question
+- **Browser history is useless** — your history for `localhost:3000` is a jumble of unrelated projects
+
+Portless fixes all of this by giving each dev server a stable, named `.localhost` URL that both humans and agents can rely on.
+
+## Usage
+
+```bash
+# Basic
+portless myapp next dev
+# → http://myapp.localhost
+
+# Subdomains
+portless api.myapp pnpm start
+# → http://api.myapp.localhost
+
+portless docs.myapp next dev
+# → http://docs.myapp.localhost
+```
+
+### In package.json
+
+```json
+{
+  "scripts": {
+    "dev": "portless myapp next dev"
+  }
+}
+```
+
+Start the proxy once (`sudo portless proxy`), then just `pnpm dev`.
+
+## How It Works
+
+```mermaid
+flowchart TD
+    Browser["Browser\nmyapp.localhost"]
+    Proxy["portless proxy\n(port 80)"]
+    App1[":4123\nmyapp"]
+    App2[":4567\napi"]
+
+    Browser -->|port 80| Proxy
+    Proxy --> App1
+    Proxy --> App2
+```
+
+1. **Start the proxy** -- runs on port 80 by default in the background (requires sudo once)
+2. **Run apps** -- `portless <name> <command>` assigns a free port and registers with the proxy
+3. **Access via URL** -- `http://<name>.localhost` routes through the proxy to your app
+
+Apps are assigned a random port (4000-4999) via the `PORT` environment variable. Most frameworks (Next.js, Vite, etc.) respect this automatically.
+
+## Commands
+
+```bash
+portless <name> <cmd> [args...]  # Run app at http://<name>.localhost
+portless list                    # Show active routes
+
+# Disable portless (run command directly)
+PORTLESS=0 pnpm dev              # Bypasses proxy, uses default port
+# Also accepts PORTLESS=skip
+
+# Proxy control
+sudo portless proxy              # Start the proxy (port 80)
+sudo portless proxy --port 8080  # Start the proxy on a custom port
+sudo portless proxy stop         # Stop the proxy
+
+# Options
+--port <number>                  # Port for the proxy (default: 80)
+                                 # Ports >= 1024 do not require sudo
+
+# Info
+portless --help                  # Show help
+portless --version               # Show version
+```
+
+## Requirements
+
+- Node.js 20+
+- macOS or Linux

package/dist/chunk-SE7KL62V.js

@@ -0,0 +1,247 @@
+// src/utils.ts
+function isErrnoException(err) {
+  return err instanceof Error && "code" in err;
+}
+function escapeHtml(str) {
+  return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
+function parseHostname(input) {
+  let hostname = input.trim().replace(/^https?:\/\//, "").split("/")[0].toLowerCase();
+  if (!hostname || hostname === ".localhost") {
+    throw new Error("Hostname cannot be empty");
+  }
+  if (!hostname.endsWith(".localhost")) {
+    hostname = `${hostname}.localhost`;
+  }
+  const name = hostname.replace(/\.localhost$/, "");
+  if (name.includes("..")) {
+    throw new Error(`Invalid hostname "${name}": consecutive dots are not allowed`);
+  }
+  if (!/^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$/.test(name)) {
+    throw new Error(
+      `Invalid hostname "${name}": must contain only lowercase letters, digits, hyphens, and dots`
+    );
+  }
+  return hostname;
+}
+
+// src/proxy.ts
+import * as http from "http";
+import httpProxy from "http-proxy";
+function createProxyServer(options) {
+  const { getRoutes, onError = (msg) => console.error(msg) } = options;
+  const proxy = httpProxy.createProxyServer({});
+  proxy.on("error", (err, req, res) => {
+    onError(`Proxy error for ${req.headers.host}: ${err.message}`);
+    if (res && "writeHead" in res) {
+      const serverRes = res;
+      if (!serverRes.headersSent) {
+        const errWithCode = err;
+        const message = errWithCode.code === "ECONNREFUSED" ? "Bad Gateway: the target app is not responding. It may have crashed." : "Bad Gateway: the target app may not be running.";
+        serverRes.writeHead(502, { "Content-Type": "text/plain" });
+        serverRes.end(message);
+      }
+    }
+  });
+  const handleRequest = (req, res) => {
+    const routes = getRoutes();
+    const host = (req.headers.host || "").split(":")[0];
+    if (!host) {
+      res.writeHead(400, { "Content-Type": "text/plain" });
+      res.end("Missing Host header");
+      return;
+    }
+    const route = routes.find((r) => r.hostname === host);
+    if (!route) {
+      const safeHost = escapeHtml(host);
+      res.writeHead(404, { "Content-Type": "text/html" });
+      res.end(`
+        <html>
+          <head><title>portless - Not Found</title></head>
+          <body style="font-family: system-ui; padding: 40px; max-width: 600px; margin: 0 auto;">
+            <h1>Not Found</h1>
+            <p>No app registered for <strong>${safeHost}</strong></p>
+            ${routes.length > 0 ? `
+              <h2>Active apps:</h2>
+              <ul>
+                ${routes.map((r) => `<li><a href="http://${escapeHtml(r.hostname)}">${escapeHtml(r.hostname)}</a> - localhost:${escapeHtml(String(r.port))}</li>`).join("")}
+              </ul>
+            ` : "<p><em>No apps running.</em></p>"}
+            <p>Start an app with: <code>portless ${safeHost.replace(".localhost", "")} your-command</code></p>
+          </body>
+        </html>
+      `);
+      return;
+    }
+    proxy.web(req, res, {
+      target: `http://127.0.0.1:${route.port}`,
+      xfwd: true
+    });
+  };
+  const handleUpgrade = (req, socket, head) => {
+    const routes = getRoutes();
+    const host = (req.headers.host || "").split(":")[0];
+    const route = routes.find((r) => r.hostname === host);
+    if (!route) {
+      socket.destroy();
+      return;
+    }
+    proxy.ws(req, socket, head, {
+      target: `http://127.0.0.1:${route.port}`,
+      xfwd: true
+    });
+  };
+  const httpServer = http.createServer(handleRequest);
+  httpServer.on("upgrade", handleUpgrade);
+  return httpServer;
+}
+
+// src/routes.ts
+import * as fs from "fs";
+import * as path from "path";
+function isValidRoute(value) {
+  return typeof value === "object" && value !== null && typeof value.hostname === "string" && typeof value.port === "number" && typeof value.pid === "number";
+}
+var RouteStore = class _RouteStore {
+  dir;
+  routesPath;
+  lockPath;
+  pidPath;
+  onWarning;
+  constructor(dir, options) {
+    this.dir = dir;
+    this.routesPath = path.join(dir, "routes.json");
+    this.lockPath = path.join(dir, "routes.lock");
+    this.pidPath = path.join(dir, "proxy.pid");
+    this.onWarning = options?.onWarning;
+  }
+  ensureDir() {
+    if (!fs.existsSync(this.dir)) {
+      fs.mkdirSync(this.dir, { recursive: true, mode: 493 });
+    }
+    try {
+      fs.chmodSync(this.dir, 493);
+    } catch {
+    }
+  }
+  getRoutesPath() {
+    return this.routesPath;
+  }
+  // -- Locking ---------------------------------------------------------------
+  static sleepBuffer = new Int32Array(new SharedArrayBuffer(4));
+  syncSleep(ms) {
+    Atomics.wait(_RouteStore.sleepBuffer, 0, 0, ms);
+  }
+  acquireLock(maxRetries = 20, retryDelayMs = 50) {
+    for (let i = 0; i < maxRetries; i++) {
+      try {
+        fs.mkdirSync(this.lockPath);
+        return true;
+      } catch (err) {
+        if (isErrnoException(err) && err.code === "EEXIST") {
+          try {
+            const stat = fs.statSync(this.lockPath);
+            if (Date.now() - stat.mtimeMs > 1e4) {
+              fs.rmSync(this.lockPath, { recursive: true });
+              continue;
+            }
+          } catch {
+            continue;
+          }
+          this.syncSleep(retryDelayMs);
+        } else {
+          return false;
+        }
+      }
+    }
+    return false;
+  }
+  releaseLock() {
+    try {
+      fs.rmSync(this.lockPath, { recursive: true });
+    } catch {
+    }
+  }
+  // -- Route I/O -------------------------------------------------------------
+  isProcessAlive(pid) {
+    try {
+      process.kill(pid, 0);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Load routes from disk, filtering out stale entries whose owning process
+   * is no longer alive. Stale-route cleanup is only persisted when the caller
+   * already holds the lock (i.e. inside addRoute/removeRoute) to avoid
+   * unprotected concurrent writes.
+   */
+  loadRoutes(persistCleanup = false) {
+    if (!fs.existsSync(this.routesPath)) {
+      return [];
+    }
+    try {
+      const raw = fs.readFileSync(this.routesPath, "utf-8");
+      let parsed;
+      try {
+        parsed = JSON.parse(raw);
+      } catch {
+        this.onWarning?.(`Corrupted routes file (invalid JSON): ${this.routesPath}`);
+        return [];
+      }
+      if (!Array.isArray(parsed)) {
+        this.onWarning?.(`Corrupted routes file (expected array): ${this.routesPath}`);
+        return [];
+      }
+      const routes = parsed.filter(isValidRoute);
+      const alive = routes.filter((r) => this.isProcessAlive(r.pid));
+      if (persistCleanup && alive.length !== routes.length) {
+        try {
+          fs.writeFileSync(this.routesPath, JSON.stringify(alive, null, 2), { mode: 420 });
+        } catch {
+        }
+      }
+      return alive;
+    } catch {
+      return [];
+    }
+  }
+  saveRoutes(routes) {
+    this.ensureDir();
+    fs.writeFileSync(this.routesPath, JSON.stringify(routes, null, 2), { mode: 420 });
+  }
+  addRoute(hostname, port, pid) {
+    this.ensureDir();
+    if (!this.acquireLock()) {
+      throw new Error("Failed to acquire route lock");
+    }
+    try {
+      const routes = this.loadRoutes(true).filter((r) => r.hostname !== hostname);
+      routes.push({ hostname, port, pid });
+      this.saveRoutes(routes);
+    } finally {
+      this.releaseLock();
+    }
+  }
+  removeRoute(hostname) {
+    this.ensureDir();
+    if (!this.acquireLock()) {
+      throw new Error("Failed to acquire route lock");
+    }
+    try {
+      const routes = this.loadRoutes(true).filter((r) => r.hostname !== hostname);
+      this.saveRoutes(routes);
+    } finally {
+      this.releaseLock();
+    }
+  }
+};
+
+export {
+  isErrnoException,
+  escapeHtml,
+  parseHostname,
+  createProxyServer,
+  RouteStore
+};

package/dist/cli.d.ts

@@ -0,0 +1 @@
+#!/usr/bin/env node

package/dist/cli.js

@@ -0,0 +1,464 @@
+#!/usr/bin/env node
+import {
+  RouteStore,
+  createProxyServer,
+  isErrnoException,
+  parseHostname
+} from "./chunk-SE7KL62V.js";
+
+// src/cli.ts
+import chalk from "chalk";
+import * as fs from "fs";
+import * as path from "path";
+import * as readline from "readline";
+import { spawn, spawnSync } from "child_process";
+
+// src/cli-utils.ts
+import * as net from "net";
+async function findFreePort(minPort = 4e3, maxPort = 4999) {
+  const tryPort = (port) => {
+    return new Promise((resolve) => {
+      const server = net.createServer();
+      server.listen(port, () => {
+        server.close(() => resolve(true));
+      });
+      server.on("error", () => resolve(false));
+    });
+  };
+  for (let i = 0; i < 50; i++) {
+    const port = minPort + Math.floor(Math.random() * (maxPort - minPort + 1));
+    if (await tryPort(port)) {
+      return port;
+    }
+  }
+  for (let port = minPort; port <= maxPort; port++) {
+    if (await tryPort(port)) {
+      return port;
+    }
+  }
+  throw new Error(`No free port found in range ${minPort}-${maxPort}`);
+}
+function isProxyRunning(port = 80) {
+  return new Promise((resolve) => {
+    const socket = new net.Socket();
+    socket.setTimeout(500);
+    socket.on("connect", () => {
+      socket.destroy();
+      resolve(true);
+    });
+    socket.on("error", () => resolve(false));
+    socket.on("timeout", () => {
+      socket.destroy();
+      resolve(false);
+    });
+    socket.connect(port, "127.0.0.1");
+  });
+}
+
+// src/cli.ts
+var SIGNAL_CODES = { SIGINT: 2, SIGTERM: 15 };
+function prompt(question) {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  return new Promise((resolve) => {
+    rl.on("close", () => resolve(""));
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve(answer.trim().toLowerCase());
+    });
+  });
+}
+var PORTLESS_DIR = "/tmp/portless";
+var PROXY_PORT_PATH = path.join(PORTLESS_DIR, "proxy.port");
+var DEFAULT_PROXY_PORT = 80;
+var store = new RouteStore(PORTLESS_DIR, {
+  onWarning: (msg) => console.warn(chalk.yellow(msg))
+});
+function readProxyPort() {
+  try {
+    const raw = fs.readFileSync(PROXY_PORT_PATH, "utf-8").trim();
+    const port = parseInt(raw, 10);
+    return isNaN(port) ? DEFAULT_PROXY_PORT : port;
+  } catch {
+    return DEFAULT_PROXY_PORT;
+  }
+}
+async function waitForProxy(proxyPort, maxAttempts = 20, intervalMs = 250) {
+  const port = proxyPort ?? readProxyPort();
+  for (let i = 0; i < maxAttempts; i++) {
+    await new Promise((resolve) => setTimeout(resolve, intervalMs));
+    if (await isProxyRunning(port)) {
+      return true;
+    }
+  }
+  return false;
+}
+function spawnCommand(commandArgs, options) {
+  const child = spawn(commandArgs[0], commandArgs.slice(1), {
+    stdio: "inherit",
+    env: options?.env
+  });
+  let exiting = false;
+  const handleSignal = (signal) => {
+    if (exiting) return;
+    exiting = true;
+    child.kill(signal);
+    options?.onCleanup?.();
+    process.exit(128 + (SIGNAL_CODES[signal] || 15));
+  };
+  process.on("SIGINT", () => handleSignal("SIGINT"));
+  process.on("SIGTERM", () => handleSignal("SIGTERM"));
+  child.on("error", (err) => {
+    if (exiting) return;
+    exiting = true;
+    console.error(chalk.red(`Failed to run command: ${err.message}`));
+    options?.onCleanup?.();
+    process.exit(1);
+  });
+  child.on("exit", (code, signal) => {
+    if (exiting) return;
+    exiting = true;
+    options?.onCleanup?.();
+    if (signal) {
+      process.exit(128 + (SIGNAL_CODES[signal] || 1));
+    }
+    process.exit(code ?? 1);
+  });
+}
+function startProxyServer(proxyPort) {
+  store.ensureDir();
+  const routesPath = store.getRoutesPath();
+  if (!fs.existsSync(routesPath)) {
+    fs.writeFileSync(routesPath, "[]", { mode: 420 });
+  }
+  try {
+    fs.chmodSync(routesPath, 420);
+  } catch {
+  }
+  let cachedRoutes = store.loadRoutes();
+  let debounceTimer = null;
+  let watcher = null;
+  const reloadRoutes = () => {
+    try {
+      cachedRoutes = store.loadRoutes();
+    } catch {
+    }
+  };
+  try {
+    watcher = fs.watch(routesPath, () => {
+      if (debounceTimer) clearTimeout(debounceTimer);
+      debounceTimer = setTimeout(reloadRoutes, 100);
+    });
+  } catch {
+    console.warn(chalk.yellow("fs.watch unavailable; falling back to polling for route changes"));
+    setInterval(reloadRoutes, 3e3);
+  }
+  const server = createProxyServer({
+    getRoutes: () => cachedRoutes,
+    onError: (msg) => console.error(chalk.red(msg))
+  });
+  server.on("error", (err) => {
+    if (err.code === "EADDRINUSE") {
+      console.error(chalk.red(`Port ${proxyPort} is already in use`));
+    } else if (err.code === "EACCES") {
+      console.error(chalk.red("Permission denied. Use: sudo portless proxy"));
+    } else {
+      console.error(chalk.red(`Proxy error: ${err.message}`));
+    }
+    process.exit(1);
+  });
+  server.listen(proxyPort, () => {
+    fs.writeFileSync(store.pidPath, process.pid.toString(), { mode: 420 });
+    fs.writeFileSync(PROXY_PORT_PATH, proxyPort.toString(), { mode: 420 });
+    console.log(chalk.green(`HTTP proxy listening on port ${proxyPort}`));
+  });
+  let exiting = false;
+  const cleanup = () => {
+    if (exiting) return;
+    exiting = true;
+    if (watcher) {
+      watcher.close();
+    }
+    try {
+      fs.unlinkSync(store.pidPath);
+    } catch {
+    }
+    try {
+      fs.unlinkSync(PROXY_PORT_PATH);
+    } catch {
+    }
+    server.close(() => process.exit(0));
+    setTimeout(() => process.exit(0), 2e3).unref();
+  };
+  process.on("SIGINT", cleanup);
+  process.on("SIGTERM", cleanup);
+  console.log(chalk.cyan("\nProxy is running. Press Ctrl+C to stop.\n"));
+  console.log(chalk.gray(`Routes file: ${store.getRoutesPath()}`));
+}
+async function stopProxy() {
+  const pidPath = store.pidPath;
+  if (!fs.existsSync(pidPath)) {
+    console.log(chalk.yellow("Proxy is not running."));
+    return;
+  }
+  const proxyPort = readProxyPort();
+  try {
+    const pid = parseInt(fs.readFileSync(pidPath, "utf-8"), 10);
+    if (isNaN(pid)) {
+      console.error(chalk.red("Corrupted PID file. Removing it."));
+      fs.unlinkSync(pidPath);
+      return;
+    }
+    try {
+      process.kill(pid, 0);
+    } catch {
+      console.log(chalk.yellow("Proxy process is no longer running. Cleaning up."));
+      fs.unlinkSync(pidPath);
+      return;
+    }
+    if (!await isProxyRunning(proxyPort)) {
+      console.log(
+        chalk.yellow(
+          `PID file exists but port ${proxyPort} is not listening. The PID may have been recycled.`
+        )
+      );
+      console.log(chalk.yellow("Removing stale PID file."));
+      fs.unlinkSync(pidPath);
+      return;
+    }
+    process.kill(pid, "SIGTERM");
+    fs.unlinkSync(pidPath);
+    try {
+      fs.unlinkSync(PROXY_PORT_PATH);
+    } catch {
+    }
+    console.log(chalk.green("Proxy stopped."));
+  } catch (err) {
+    if (isErrnoException(err) && err.code === "EPERM") {
+      console.error(chalk.red("Permission denied. The proxy runs as root."));
+      console.log(chalk.blue("Use: sudo portless proxy stop"));
+    } else {
+      const message = err instanceof Error ? err.message : String(err);
+      console.error(chalk.red("Failed to stop proxy:"), message);
+    }
+  }
+}
+function listRoutes() {
+  const routes = store.loadRoutes();
+  if (routes.length === 0) {
+    console.log(chalk.yellow("No active routes."));
+    console.log(chalk.gray("Start an app with: portless <name> <command>"));
+    return;
+  }
+  console.log(chalk.blue.bold("\nActive routes:\n"));
+  for (const route of routes) {
+    console.log(
+      `  ${chalk.cyan(`http://${route.hostname}`)}  ${chalk.gray("->")}  ${chalk.white(`localhost:${route.port}`)}  ${chalk.gray(`(pid ${route.pid})`)}`
+    );
+  }
+  console.log();
+}
+async function runApp(name, commandArgs) {
+  const hostname = parseHostname(name);
+  const proxyPort = readProxyPort();
+  console.log(chalk.blue.bold(`
+portless
+`));
+  console.log(chalk.gray(`-- ${hostname} (auto-resolves to 127.0.0.1)`));
+  if (!await isProxyRunning(proxyPort)) {
+    if (process.stdin.isTTY) {
+      const answer = await prompt(chalk.yellow("Proxy not running. Start it? [Y/n/skip] "));
+      if (answer === "n" || answer === "no") {
+        console.log(chalk.gray("Cancelled."));
+        process.exit(0);
+      }
+      if (answer === "s" || answer === "skip") {
+        console.log(chalk.gray("Skipping proxy, running command directly...\n"));
+        spawnCommand(commandArgs);
+        return;
+      }
+      console.log(chalk.yellow("Starting proxy (requires sudo)..."));
+      const result = spawnSync("sudo", [process.execPath, process.argv[1], "proxy", "--daemon"], {
+        stdio: "inherit",
+        timeout: 3e4
+      });
+      if (result.status !== 0) {
+        console.log(chalk.red("\nFailed to start proxy"));
+        process.exit(1);
+      }
+      if (!await waitForProxy()) {
+        console.log(chalk.red("\nProxy failed to start"));
+        const logPath = path.join(PORTLESS_DIR, "proxy.log");
+        if (fs.existsSync(logPath)) {
+          console.log(chalk.gray(`Check logs: ${logPath}`));
+        }
+        process.exit(1);
+      }
+      console.log(chalk.green("Proxy started in background"));
+    } else {
+      console.log(chalk.red("\nProxy is not running!"));
+      console.log(chalk.blue("\nStart the proxy first (one time):"));
+      console.log(chalk.cyan("  sudo portless proxy\n"));
+      process.exit(1);
+    }
+  } else {
+    console.log(chalk.gray("-- Proxy is running"));
+  }
+  const port = await findFreePort();
+  console.log(chalk.green(`-- Using port ${port}`));
+  store.addRoute(hostname, port, process.pid);
+  console.log(chalk.cyan.bold(`
+  -> http://${hostname}
+`));
+  console.log(chalk.gray(`Running: PORT=${port} ${commandArgs.join(" ")}
+`));
+  spawnCommand(commandArgs, {
+    env: { ...process.env, PORT: port.toString() },
+    onCleanup: () => {
+      try {
+        store.removeRoute(hostname);
+      } catch {
+      }
+    }
+  });
+}
+async function main() {
+  const args = process.argv.slice(2);
+  const skipPortless = process.env.PORTLESS === "0" || process.env.PORTLESS === "skip";
+  if (skipPortless && args.length >= 2 && args[0] !== "proxy") {
+    spawnCommand(args.slice(1));
+    return;
+  }
+  if (args.length === 0 || args[0] === "--help" || args[0] === "-h") {
+    console.log(`
+${chalk.bold("portless")} - Replace port numbers with stable, named .localhost URLs. For humans and agents.
+
+Eliminates port conflicts, memorizing port numbers, and cookie/storage
+clashes by giving each dev server a stable .localhost URL.
+
+${chalk.bold("Usage:")}
+  ${chalk.cyan("sudo portless proxy")}              Start the proxy (run once, keep open)
+  ${chalk.cyan("sudo portless proxy --port 8080")}  Start the proxy on a custom port
+  ${chalk.cyan("sudo portless proxy stop")}         Stop the proxy
+  ${chalk.cyan("portless <name> <cmd>")}            Run your app through the proxy
+  ${chalk.cyan("portless list")}                    Show active routes
+
+${chalk.bold("Examples:")}
+  sudo portless proxy              # Start proxy in terminal 1
+  portless myapp next dev          # Terminal 2 -> http://myapp.localhost
+  portless api.myapp pnpm start    # Terminal 3 -> http://api.myapp.localhost
+
+${chalk.bold("In package.json:")}
+  {
+    "scripts": {
+      "dev": "portless myapp next dev"
+    }
+  }
+
+${chalk.bold("How it works:")}
+  1. Start the proxy once with sudo (listens on port 80 by default)
+  2. Run your apps - they register automatically  
+  3. Access via http://<name>.localhost
+  4. .localhost domains auto-resolve to 127.0.0.1
+
+${chalk.bold("Options:")}
+  --port <number>               Port for the proxy to listen on (default: 80)
+                                Ports >= 1024 do not require sudo
+
+${chalk.bold("Skip portless:")}
+  PORTLESS=0 pnpm dev           # Runs command directly without proxy
+  PORTLESS=skip pnpm dev        # Same as above
+`);
+    process.exit(0);
+  }
+  if (args[0] === "--version" || args[0] === "-v") {
+    console.log("0.2.0");
+    process.exit(0);
+  }
+  if (args[0] === "list") {
+    listRoutes();
+    return;
+  }
+  if (args[0] === "proxy") {
+    if (args[1] === "stop") {
+      await stopProxy();
+      return;
+    }
+    const isDaemon = args.includes("--daemon");
+    let proxyPort = DEFAULT_PROXY_PORT;
+    const portFlagIndex = args.indexOf("--port");
+    if (portFlagIndex !== -1) {
+      const portValue = args[portFlagIndex + 1];
+      if (!portValue || portValue.startsWith("-")) {
+        console.error(chalk.red("Error: --port requires a port number"));
+        console.log(chalk.blue("Usage: portless proxy --port 8080"));
+        process.exit(1);
+      }
+      proxyPort = parseInt(portValue, 10);
+      if (isNaN(proxyPort) || proxyPort < 1 || proxyPort > 65535) {
+        console.error(chalk.red(`Error: Invalid port number: ${portValue}`));
+        console.log(chalk.blue("Port must be between 1 and 65535"));
+        process.exit(1);
+      }
+    }
+    if (await isProxyRunning(proxyPort)) {
+      if (!isDaemon) {
+        console.log(chalk.yellow("Proxy is already running."));
+        console.log(chalk.blue("To restart: portless proxy stop && sudo portless proxy"));
+      }
+      return;
+    }
+    if (proxyPort < 1024 && process.getuid() !== 0) {
+      console.error(chalk.red(`Error: Proxy requires sudo for port ${proxyPort}`));
+      console.log(chalk.blue("Usage: sudo portless proxy"));
+      process.exit(1);
+    }
+    if (isDaemon) {
+      store.ensureDir();
+      const logPath = path.join(PORTLESS_DIR, "proxy.log");
+      const logFd = fs.openSync(logPath, "a");
+      try {
+        fs.chmodSync(logPath, 420);
+      } catch {
+      }
+      const daemonArgs = [process.argv[1], "proxy"];
+      if (portFlagIndex !== -1) {
+        daemonArgs.push("--port", proxyPort.toString());
+      }
+      const child = spawn(process.execPath, daemonArgs, {
+        detached: true,
+        stdio: ["ignore", logFd, logFd],
+        env: process.env
+      });
+      child.unref();
+      fs.closeSync(logFd);
+      if (!await waitForProxy(proxyPort)) {
+        console.error(chalk.red("Proxy failed to start"));
+        if (fs.existsSync(logPath)) {
+          console.log(chalk.gray(`Check logs: ${logPath}`));
+        }
+        process.exit(1);
+      }
+      return;
+    }
+    console.log(chalk.blue.bold("\nportless proxy\n"));
+    startProxyServer(proxyPort);
+    return;
+  }
+  const name = args[0];
+  const commandArgs = args.slice(1);
+  if (commandArgs.length === 0) {
+    console.error(chalk.red("Error: No command provided"));
+    console.log(chalk.blue("Usage: portless <name> <command...>"));
+    console.log(chalk.blue("Example: portless myapp next dev"));
+    process.exit(1);
+  }
+  await runApp(name, commandArgs);
+}
+main().catch((err) => {
+  const message = err instanceof Error ? err.message : String(err);
+  console.error(chalk.red("Error:"), message);
+  process.exit(1);
+});

package/dist/index.d.ts

@@ -0,0 +1,70 @@
+import * as http from 'node:http';
+
+/** Route info used by the proxy server to map hostnames to ports. */
+interface RouteInfo {
+    hostname: string;
+    port: number;
+}
+interface ProxyServerOptions {
+    /** Called on each request to get the current route table. */
+    getRoutes: () => RouteInfo[];
+    /** Optional error logger; defaults to console.error. */
+    onError?: (message: string) => void;
+}
+
+/**
+ * Create an HTTP proxy server that routes requests based on the Host header.
+ *
+ * The `getRoutes` callback is invoked on every request so callers can provide
+ * either a static list or a live-updating one.
+ */
+declare function createProxyServer(options: ProxyServerOptions): http.Server;
+
+interface RouteMapping extends RouteInfo {
+    pid: number;
+}
+/**
+ * Manages route mappings stored as a JSON file on disk.
+ * Supports file locking and stale-route cleanup.
+ */
+declare class RouteStore {
+    private readonly dir;
+    private readonly routesPath;
+    private readonly lockPath;
+    readonly pidPath: string;
+    private readonly onWarning;
+    constructor(dir: string, options?: {
+        onWarning?: (message: string) => void;
+    });
+    ensureDir(): void;
+    getRoutesPath(): string;
+    private static readonly sleepBuffer;
+    private syncSleep;
+    acquireLock(maxRetries?: number, retryDelayMs?: number): boolean;
+    releaseLock(): void;
+    private isProcessAlive;
+    /**
+     * Load routes from disk, filtering out stale entries whose owning process
+     * is no longer alive. Stale-route cleanup is only persisted when the caller
+     * already holds the lock (i.e. inside addRoute/removeRoute) to avoid
+     * unprotected concurrent writes.
+     */
+    loadRoutes(persistCleanup?: boolean): RouteMapping[];
+    private saveRoutes;
+    addRoute(hostname: string, port: number, pid: number): void;
+    removeRoute(hostname: string): void;
+}
+
+/** Type guard for Node.js system errors with an error code. */
+declare function isErrnoException(err: unknown): err is NodeJS.ErrnoException;
+/**
+ * Escape HTML special characters to prevent XSS.
+ */
+declare function escapeHtml(str: string): string;
+/**
+ * Parse and normalize a hostname input for use as a .localhost subdomain.
+ * Strips protocol prefixes, validates characters, and appends .localhost if needed.
+ */
+declare function parseHostname(input: string): string;
+
+export { type ProxyServerOptions, type RouteInfo, type RouteMapping, RouteStore, createProxyServer, escapeHtml, isErrnoException, parseHostname };

package/dist/index.js

@@ -0,0 +1,14 @@
+import {
+  RouteStore,
+  createProxyServer,
+  escapeHtml,
+  isErrnoException,
+  parseHostname
+} from "./chunk-SE7KL62V.js";
+export {
+  RouteStore,
+  createProxyServer,
+  escapeHtml,
+  isErrnoException,
+  parseHostname
+};

package/package.json

@@ -1,12 +1,82 @@
 {
   "name": "portless",
-  "version": "0.0.0",
-  "description": "Coming soon",
-  "main": "index.js",
-  "author": "",
-  "license": "MIT",
+  "version": "0.2.0",
+  "description": "Replace port numbers with stable, named .localhost URLs. For humans and agents.",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "bin": {
+    "portless": "./dist/cli.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "engines": {
+    "node": ">=20"
+  },
+  "os": [
+    "darwin",
+    "linux"
+  ],
+  "keywords": [
+    "local",
+    "development",
+    "proxy",
+    "localhost"
+  ],
+  "author": "Vercel Labs",
+  "license": "Apache-2.0",
   "repository": {
     "type": "git",
-    "url": ""
+    "url": "https://github.com/vercel-labs/portless.git"
+  },
+  "homepage": "https://github.com/vercel-labs/portless#readme",
+  "bugs": {
+    "url": "https://github.com/vercel-labs/portless/issues"
+  },
+  "dependencies": {
+    "chalk": "^5.3.0",
+    "http-proxy": "^1.18.1"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.39.2",
+    "@types/http-proxy": "^1.17.14",
+    "@types/node": "^20.11.0",
+    "@vitest/coverage-v8": "^4.0.18",
+    "eslint": "^9.39.2",
+    "eslint-config-prettier": "^10.1.8",
+    "husky": "^9.1.7",
+    "lint-staged": "^16.2.7",
+    "prettier": "^3.8.1",
+    "tsup": "^8.0.1",
+    "typescript": "^5.3.3",
+    "typescript-eslint": "^8.55.0",
+    "vitest": "^4.0.18"
+  },
+  "lint-staged": {
+    "*.{ts,js}": [
+      "eslint --fix",
+      "prettier --write"
+    ],
+    "*.{json,md,yml,yaml}": "prettier --write"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
+    "lint": "eslint src/",
+    "lint:fix": "eslint src/ --fix",
+    "pretest": "pnpm build",
+    "test": "vitest run",
+    "test:coverage": "vitest run --coverage",
+    "test:watch": "vitest",
+    "typecheck": "tsc --noEmit"
   }
 }

package/index.js

@@ -1,2 +0,0 @@
-// Coming soon
-module.exports = {};