remote-codex 0.11.19 → 0.11.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (35) hide show
  1. package/apps/relay-server/dist/index.js +48 -1
  2. package/apps/supervisor-api/dist/index.js +27939 -4
  3. package/apps/supervisor-web/dist/assets/index-BdeDlmJY.js +5 -0
  4. package/apps/supervisor-web/dist/assets/index-BmBS1Wzk.css +1 -0
  5. package/apps/supervisor-web/dist/assets/thread-ui-C5nUCiEf.js +3624 -0
  6. package/apps/supervisor-web/dist/index.html +3 -3
  7. package/package.json +1 -39
  8. package/packages/agent-runtime/src/types.ts +3 -1
  9. package/packages/claude/src/runtimeAdapter.test.ts +25 -0
  10. package/packages/claude/src/runtimeAdapter.ts +85 -24
  11. package/packages/codex/src/appServerManager.test.ts +2 -1
  12. package/packages/codex/src/historyItems.test.ts +26 -0
  13. package/packages/codex/src/historyItems.ts +17 -0
  14. package/packages/codex/src/runtimeAdapter.ts +1 -1
  15. package/packages/db/src/repositories.ts +0 -123
  16. package/packages/db/src/schema.ts +1 -334
  17. package/packages/opencode/src/runtimeAdapter.test.ts +13 -1
  18. package/packages/opencode/src/runtimeAdapter.ts +1 -2
  19. package/packages/shared/src/index.ts +4 -1
  20. package/apps/supervisor-api/dist/chunk-IZBNFCMP.js +0 -29346
  21. package/apps/supervisor-api/dist/worker-index.d.ts +0 -2
  22. package/apps/supervisor-api/dist/worker-index.js +0 -197
  23. package/apps/supervisor-web/dist/assets/index-CUnlRID-.js +0 -6
  24. package/apps/supervisor-web/dist/assets/index-D3I41SIH.css +0 -1
  25. package/apps/supervisor-web/dist/assets/thread-ui-TBhog-RK.js +0 -3614
  26. package/packages/db/migrations/0018_control_plane.sql +0 -129
  27. package/packages/db/migrations/0019_control_plane_projects.sql +0 -19
  28. package/packages/db/migrations/0020_control_workspace_status.sql +0 -1
  29. package/packages/db/migrations/0021_control_sandbox_lifecycle_fields.sql +0 -3
  30. package/packages/db/migrations/0022_control_sandbox_resource_profile.sql +0 -1
  31. package/packages/db/migrations/0023_control_usage_import_state.sql +0 -18
  32. package/packages/db/migrations/0024_control_auth.sql +0 -23
  33. package/packages/db/migrations/0025_control_harness_credentials.sql +0 -29
  34. package/packages/db/migrations/0026_control_harness_usage_events.sql +0 -27
  35. package/packages/db/migrations/0027_harness_job_watches.sql +0 -24
@@ -730,7 +730,26 @@ var updatePasswordSchema = z.object({
730
730
  currentPassword: z.string().min(1),
731
731
  newPassword: z.string().min(8)
732
732
  });
733
- function buildRelayServer(config2) {
733
+ var DEFAULT_WEBVIEW_CORS_ORIGINS = /* @__PURE__ */ new Set([
734
+ "null",
735
+ "capacitor://localhost",
736
+ "ionic://localhost",
737
+ "http://localhost",
738
+ "https://localhost"
739
+ ]);
740
+ var WEBVIEW_CORS_ALLOW_HEADERS = [
741
+ "authorization",
742
+ "content-type"
743
+ ].join(", ");
744
+ var WEBVIEW_CORS_ALLOW_METHODS = [
745
+ "GET",
746
+ "POST",
747
+ "PATCH",
748
+ "PUT",
749
+ "DELETE",
750
+ "OPTIONS"
751
+ ].join(", ");
752
+ function buildRelayServer(config2, options = {}) {
734
753
  const app2 = Fastify({ logger: false });
735
754
  app2.addContentTypeParser("*", { parseAs: "buffer" }, (_request, body, done) => {
736
755
  done(null, body);
@@ -751,6 +770,20 @@ function buildRelayServer(config2) {
751
770
  const state = {
752
771
  supervisors: /* @__PURE__ */ new Map()
753
772
  };
773
+ const allowedWebViewCorsOrigins = webViewCorsOrigins(options.env ?? process.env);
774
+ app2.addHook("onRequest", async (request, reply) => {
775
+ if (!allowedWebViewCorsOrigins) {
776
+ return;
777
+ }
778
+ const origin = request.headers.origin;
779
+ if (typeof origin !== "string" || !allowedWebViewCorsOrigins.has(origin)) {
780
+ return;
781
+ }
782
+ applyWebViewCorsHeaders(reply, origin);
783
+ if (request.method === "OPTIONS") {
784
+ return reply.code(204).send();
785
+ }
786
+ });
754
787
  app2.get("/healthz", async () => {
755
788
  const primary = [...state.supervisors.values()][0] ?? null;
756
789
  return {
@@ -1092,6 +1125,20 @@ function buildRelayServer(config2) {
1092
1125
  });
1093
1126
  return app2;
1094
1127
  }
1128
+ function webViewCorsOrigins(env) {
1129
+ if (env.REMOTE_CODEX_ENABLE_WEBVIEW_CORS !== "true") {
1130
+ return null;
1131
+ }
1132
+ const configured = env.REMOTE_CODEX_WEBVIEW_CORS_ORIGINS?.split(",").map((origin) => origin.trim()).filter(Boolean);
1133
+ return new Set(configured?.length ? configured : DEFAULT_WEBVIEW_CORS_ORIGINS);
1134
+ }
1135
+ function applyWebViewCorsHeaders(reply, origin) {
1136
+ reply.header("access-control-allow-origin", origin);
1137
+ reply.header("access-control-allow-methods", WEBVIEW_CORS_ALLOW_METHODS);
1138
+ reply.header("access-control-allow-headers", WEBVIEW_CORS_ALLOW_HEADERS);
1139
+ reply.header("access-control-max-age", "600");
1140
+ reply.header("vary", "Origin");
1141
+ }
1095
1142
  async function forwardRelayHttp(input) {
1096
1143
  const threadId = threadIdFromPath(input.targetPath);
1097
1144
  if (!input.store.canAccessDevice(input.user.id, input.deviceId, threadId)) {