tide-commander 0.83.0 → 0.84.0

package/dist/assets/{web-BPwrdMBS.js → web-fkUxxBLP.js}

@@ -1 +1 @@
-import{W as s}from"./main-Bm_HUW5H.js";import"./modulepreload-polyfill-B5Qt9EMX.js";import"./vendor-react-uS-d4TUT.js";import"./vendor-three-DJ4p3FLF.js";class f extends s{constructor(){super(...arguments),this.pending=[],this.deliveredNotifications=[],this.hasNotificationSupport=()=>{if(!("Notification"in window)||!Notification.requestPermission)return!1;if(Notification.permission!=="granted")try{new Notification("")}catch(i){if(i instanceof Error&&i.name==="TypeError")return!1}return!0}}async getDeliveredNotifications(){const i=[];for(const t of this.deliveredNotifications){const e={title:t.title,id:parseInt(t.tag),body:t.body};i.push(e)}return{notifications:i}}async removeDeliveredNotifications(i){for(const t of i.notifications){const e=this.deliveredNotifications.find(n=>n.tag===String(t.id));e==null||e.close(),this.deliveredNotifications=this.deliveredNotifications.filter(()=>!e)}}async removeAllDeliveredNotifications(){for(const i of this.deliveredNotifications)i.close();this.deliveredNotifications=[]}async createChannel(){throw this.unimplemented("Not implemented on web.")}async deleteChannel(){throw this.unimplemented("Not implemented on web.")}async listChannels(){throw this.unimplemented("Not implemented on web.")}async schedule(i){if(!this.hasNotificationSupport())throw this.unavailable("Notifications not supported in this browser.");for(const t of i.notifications)this.sendNotification(t);return{notifications:i.notifications.map(t=>({id:t.id}))}}async getPending(){return{notifications:this.pending}}async registerActionTypes(){throw this.unimplemented("Not implemented on web.")}async cancel(i){this.pending=this.pending.filter(t=>!i.notifications.find(e=>e.id===t.id))}async areEnabled(){const{display:i}=await this.checkPermissions();return{value:i==="granted"}}async changeExactNotificationSetting(){throw this.unimplemented("Not implemented on web.")}async checkExactNotificationSetting(){throw this.unimplemented("Not implemented on web.")}async requestPermissions(){if(!this.hasNotificationSupport())throw this.unavailable("Notifications not supported in this browser.");return{display:this.transformNotificationPermission(await Notification.requestPermission())}}async checkPermissions(){if(!this.hasNotificationSupport())throw this.unavailable("Notifications not supported in this browser.");return{display:this.transformNotificationPermission(Notification.permission)}}transformNotificationPermission(i){switch(i){case"granted":return"granted";case"denied":return"denied";default:return"prompt"}}sendPending(){var i;const t=[],e=new Date().getTime();for(const n of this.pending)!((i=n.schedule)===null||i===void 0)&&i.at&&n.schedule.at.getTime()<=e&&(this.buildNotification(n),t.push(n));this.pending=this.pending.filter(n=>!t.find(o=>o===n))}sendNotification(i){var t;if(!((t=i.schedule)===null||t===void 0)&&t.at){const e=i.schedule.at.getTime()-new Date().getTime();this.pending.push(i),setTimeout(()=>{this.sendPending()},e);return}this.buildNotification(i)}buildNotification(i){const t=new Notification(i.title,{body:i.body,tag:String(i.id)});return t.addEventListener("click",this.onClick.bind(this,i),!1),t.addEventListener("show",this.onShow.bind(this,i),!1),t.addEventListener("close",()=>{this.deliveredNotifications=this.deliveredNotifications.filter(()=>!this)},!1),this.deliveredNotifications.push(t),t}onClick(i){const t={actionId:"tap",notification:i};this.notifyListeners("localNotificationActionPerformed",t)}onShow(i){this.notifyListeners("localNotificationReceived",i)}}export{f as LocalNotificationsWeb};
+import{W as s}from"./main-dSfKHXvf.js";import"./modulepreload-polyfill-B5Qt9EMX.js";import"./vendor-react-uS-d4TUT.js";import"./vendor-three-DJ4p3FLF.js";class f extends s{constructor(){super(...arguments),this.pending=[],this.deliveredNotifications=[],this.hasNotificationSupport=()=>{if(!("Notification"in window)||!Notification.requestPermission)return!1;if(Notification.permission!=="granted")try{new Notification("")}catch(i){if(i instanceof Error&&i.name==="TypeError")return!1}return!0}}async getDeliveredNotifications(){const i=[];for(const t of this.deliveredNotifications){const e={title:t.title,id:parseInt(t.tag),body:t.body};i.push(e)}return{notifications:i}}async removeDeliveredNotifications(i){for(const t of i.notifications){const e=this.deliveredNotifications.find(n=>n.tag===String(t.id));e==null||e.close(),this.deliveredNotifications=this.deliveredNotifications.filter(()=>!e)}}async removeAllDeliveredNotifications(){for(const i of this.deliveredNotifications)i.close();this.deliveredNotifications=[]}async createChannel(){throw this.unimplemented("Not implemented on web.")}async deleteChannel(){throw this.unimplemented("Not implemented on web.")}async listChannels(){throw this.unimplemented("Not implemented on web.")}async schedule(i){if(!this.hasNotificationSupport())throw this.unavailable("Notifications not supported in this browser.");for(const t of i.notifications)this.sendNotification(t);return{notifications:i.notifications.map(t=>({id:t.id}))}}async getPending(){return{notifications:this.pending}}async registerActionTypes(){throw this.unimplemented("Not implemented on web.")}async cancel(i){this.pending=this.pending.filter(t=>!i.notifications.find(e=>e.id===t.id))}async areEnabled(){const{display:i}=await this.checkPermissions();return{value:i==="granted"}}async changeExactNotificationSetting(){throw this.unimplemented("Not implemented on web.")}async checkExactNotificationSetting(){throw this.unimplemented("Not implemented on web.")}async requestPermissions(){if(!this.hasNotificationSupport())throw this.unavailable("Notifications not supported in this browser.");return{display:this.transformNotificationPermission(await Notification.requestPermission())}}async checkPermissions(){if(!this.hasNotificationSupport())throw this.unavailable("Notifications not supported in this browser.");return{display:this.transformNotificationPermission(Notification.permission)}}transformNotificationPermission(i){switch(i){case"granted":return"granted";case"denied":return"denied";default:return"prompt"}}sendPending(){var i;const t=[],e=new Date().getTime();for(const n of this.pending)!((i=n.schedule)===null||i===void 0)&&i.at&&n.schedule.at.getTime()<=e&&(this.buildNotification(n),t.push(n));this.pending=this.pending.filter(n=>!t.find(o=>o===n))}sendNotification(i){var t;if(!((t=i.schedule)===null||t===void 0)&&t.at){const e=i.schedule.at.getTime()-new Date().getTime();this.pending.push(i),setTimeout(()=>{this.sendPending()},e);return}this.buildNotification(i)}buildNotification(i){const t=new Notification(i.title,{body:i.body,tag:String(i.id)});return t.addEventListener("click",this.onClick.bind(this,i),!1),t.addEventListener("show",this.onShow.bind(this,i),!1),t.addEventListener("close",()=>{this.deliveredNotifications=this.deliveredNotifications.filter(()=>!this)},!1),this.deliveredNotifications.push(t),t}onClick(i){const t={actionId:"tap",notification:i};this.notifyListeners("localNotificationActionPerformed",t)}onShow(i){this.notifyListeners("localNotificationReceived",i)}}export{f as LocalNotificationsWeb};

package/dist/index.html

@@ -22,11 +22,11 @@
     <link rel="icon" type="image/png" sizes="16x16" href="/assets/icons/favicon-16x16.png" />
     <link rel="apple-touch-icon" sizes="180x180" href="/assets/icons/apple-touch-icon.png" />
     <title>Tide Commander</title>
-    <script type="module" crossorigin src="/assets/main-Bm_HUW5H.js"></script>
+    <script type="module" crossorigin src="/assets/main-dSfKHXvf.js"></script>
     <link rel="modulepreload" crossorigin href="/assets/modulepreload-polyfill-B5Qt9EMX.js">
     <link rel="modulepreload" crossorigin href="/assets/vendor-react-uS-d4TUT.js">
     <link rel="modulepreload" crossorigin href="/assets/vendor-three-DJ4p3FLF.js">
-    <link rel="stylesheet" crossorigin href="/assets/main-BefR5p6u.css">
+    <link rel="stylesheet" crossorigin href="/assets/main-C6IAMrFB.css">
   </head>
   <body>
     <div id="app"></div>

package/dist/locales/de/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "Aktuellen akzeptieren",
     "acceptIncoming": "Eingehenden akzeptieren",
     "acceptAllCurrent": "Alle aktuellen akzeptieren",
+    "prevConflict": "Vorheriger Konflikt",
+    "nextConflict": "Nächster Konflikt",
+    "acceptBoth": "Beide akzeptieren",
     "acceptAllIncoming": "Alle eingehenden akzeptieren",
+    "acceptAllBoth": "Alle beide akzeptieren",
     "saving": "Wird gespeichert...",
     "saveAndResolve": "Speichern & als gelöst markieren",
     "closeMiddleClick": "Schließen (Mittelklick)",

package/dist/locales/en/common.json

@@ -312,6 +312,18 @@
     "clickToOpen": "Click to open",
     "updated": "(updated)"
   },
+  "onboarding": {
+    "title": "Welcome to Tide Commander",
+    "subtitle": "Your AI team is ready to deploy",
+    "step1Title": "Deploy an Agent",
+    "step1Desc": "Spawn a Claude Code or Codex agent pointed at any project directory.",
+    "step2Title": "Give it a Task",
+    "step2Desc": "Type a prompt and the agent works autonomously in its own terminal.",
+    "step3Title": "Scale Your Team",
+    "step3Desc": "Add more agents, assign bosses, and monitor everything in real time.",
+    "createFirst": "Create Your First Agent",
+    "explore": "Explore First"
+  },
   "floatingButtons": {
     "settingsAndTools": "Settings & Tools",
     "commanderView": "Commander View",

package/dist/locales/en/config.json

@@ -88,7 +88,8 @@
     "fog": "Fog",
     "brightness": "Brightness",
     "floor": "Floor",
-    "sky": "Sky"
+    "sky": "Sky",
+    "battlefieldSize": "Battlefield Size"
   },
   "fogValues": {
     "off": "Off",

package/dist/locales/en/terminal.json

@@ -42,6 +42,7 @@
     "send": "Send",
     "attach": "Attach file",
     "attachOrPaste": "Attach file (or paste image)",
+    "dropToAttach": "Drop files to attach",
     "attachedFiles": "{{count}} file(s) attached",
     "removeAttachment": "Remove attachment",
     "pasteFilePath": "Paste a file path to attach",
@@ -393,7 +394,11 @@
     "acceptCurrent": "Accept Current",
     "acceptIncoming": "Accept Incoming",
     "acceptAllCurrent": "Accept All Current",
+    "prevConflict": "Previous Conflict",
+    "nextConflict": "Next Conflict",
+    "acceptBoth": "Accept Both",
     "acceptAllIncoming": "Accept All Incoming",
+    "acceptAllBoth": "Accept All Both",
     "saving": "Saving...",
     "saveAndResolve": "Save & Mark Resolved",
     "closeMiddleClick": "Close (Middle-click)",

package/dist/locales/es/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "Aceptar actual",
     "acceptIncoming": "Aceptar entrante",
     "acceptAllCurrent": "Aceptar todo actual",
+    "prevConflict": "Conflicto anterior",
+    "nextConflict": "Conflicto siguiente",
+    "acceptBoth": "Aceptar ambos",
     "acceptAllIncoming": "Aceptar todo entrante",
+    "acceptAllBoth": "Aceptar todos ambos",
     "saving": "Guardando...",
     "saveAndResolve": "Guardar y marcar como resuelto",
     "closeMiddleClick": "Cerrar (clic medio)",

package/dist/locales/fr/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "Accepter l'actuel",
     "acceptIncoming": "Accepter l'entrant",
     "acceptAllCurrent": "Tout accepter (actuel)",
+    "prevConflict": "Conflit précédent",
+    "nextConflict": "Conflit suivant",
+    "acceptBoth": "Accepter les deux",
     "acceptAllIncoming": "Tout accepter (entrant)",
+    "acceptAllBoth": "Tout accepter (les deux)",
     "saving": "Enregistrement...",
     "saveAndResolve": "Enregistrer et marquer comme résolu",
     "closeMiddleClick": "Fermer (clic molette)",

package/dist/locales/hi/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "वर्तमान स्वीकार करें",
     "acceptIncoming": "आने वाली स्वीकार करें",
     "acceptAllCurrent": "सभी वर्तमान स्वीकार करें",
+    "prevConflict": "पिछला विवाद",
+    "nextConflict": "अगला विवाद",
+    "acceptBoth": "दोनों स्वीकार करें",
     "acceptAllIncoming": "सभी आने वाली स्वीकार करें",
+    "acceptAllBoth": "सभी दोनों स्वीकार करें",
     "saving": "सहेजा जा रहा है...",
     "saveAndResolve": "सहेजें और हल करें",
     "closeMiddleClick": "बंद करें (मिडिल-क्लिक)",

package/dist/locales/it/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "Accetta corrente",
     "acceptIncoming": "Accetta in arrivo",
     "acceptAllCurrent": "Accetta tutti corrente",
+    "prevConflict": "Conflitto precedente",
+    "nextConflict": "Conflitto successivo",
+    "acceptBoth": "Accetta entrambi",
     "acceptAllIncoming": "Accetta tutti in arrivo",
+    "acceptAllBoth": "Accetta tutti entrambi",
     "saving": "Salvataggio...",
     "saveAndResolve": "Salva e segna come risolto",
     "closeMiddleClick": "Chiudi (clic centrale)",

package/dist/locales/ja/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "現在を採用",
     "acceptIncoming": "受信を採用",
     "acceptAllCurrent": "すべて現在を採用",
+    "prevConflict": "前の競合",
+    "nextConflict": "次の競合",
+    "acceptBoth": "両方を採用",
     "acceptAllIncoming": "すべて受信を採用",
+    "acceptAllBoth": "すべて両方を採用",
     "saving": "保存中...",
     "saveAndResolve": "保存して解決済みにする",
     "closeMiddleClick": "閉じる (中クリック)",

package/dist/locales/pt/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "Aceitar Atual",
     "acceptIncoming": "Aceitar Recebida",
     "acceptAllCurrent": "Aceitar Todas Atuais",
+    "prevConflict": "Conflito anterior",
+    "nextConflict": "Conflito seguinte",
+    "acceptBoth": "Aceitar Ambas",
     "acceptAllIncoming": "Aceitar Todas Recebidas",
+    "acceptAllBoth": "Aceitar Todas Ambas",
     "saving": "Salvando...",
     "saveAndResolve": "Salvar e Marcar como Resolvido",
     "closeMiddleClick": "Fechar (Clique do meio)",

package/dist/locales/ru/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "Принять текущую",
     "acceptIncoming": "Принять входящую",
     "acceptAllCurrent": "Принять все текущие",
+    "prevConflict": "Предыдущий конфликт",
+    "nextConflict": "Следующий конфликт",
+    "acceptBoth": "Принять оба",
     "acceptAllIncoming": "Принять все входящие",
+    "acceptAllBoth": "Принять все оба",
     "saving": "Сохранение...",
     "saveAndResolve": "Сохранить и отметить решённым",
     "closeMiddleClick": "Закрыть (средний клик)",

package/dist/locales/zh-CN/terminal.json

@@ -393,7 +393,11 @@
     "acceptCurrent": "接受当前",
     "acceptIncoming": "接受传入",
     "acceptAllCurrent": "接受所有当前",
+    "prevConflict": "上一个冲突",
+    "nextConflict": "下一个冲突",
+    "acceptBoth": "接受两者",
     "acceptAllIncoming": "接受所有传入",
+    "acceptAllBoth": "接受所有两者",
     "saving": "保存中...",
     "saveAndResolve": "保存并标记为已解决",
     "closeMiddleClick": "关闭（中键点击）",

package/dist/src/packages/server/cli.js

@@ -1,5 +1,6 @@
 #!/usr/bin/env node
-import { spawn } from 'node:child_process';
+import { execSync, spawn } from 'node:child_process';
+import { randomBytes } from 'node:crypto';
 import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
@@ -11,6 +12,9 @@ const PID_FILE = path.join(PID_DIR, 'server.pid');
 const META_FILE = path.join(PID_DIR, 'server-meta.json');
 const LOG_FILE = path.join(process.cwd(), 'logs', 'server.log');
 const PACKAGE_NAME = 'tide-commander';
+const TLS_DIR = path.join(os.homedir(), '.tide-commander', 'certs');
+const DEFAULT_TLS_KEY_FILE = path.join(TLS_DIR, 'localhost-key.pem');
+const DEFAULT_TLS_CERT_FILE = path.join(TLS_DIR, 'localhost.pem');
 function findProjectRoot(startDir) {
     let current = startDir;
     while (current !== path.dirname(current)) {
@@ -35,6 +39,15 @@ Options:
   -p, --port <port>     Set server port (default: 6200)
   -H, --host <host>     Set server host (default: 127.0.0.1)
   -l, --listen-all      Listen on all network interfaces
+      --https           Enable HTTPS/WSS server mode
+      --tls-key <path>  TLS private key path (PEM)
+      --tls-cert <path> TLS certificate path (PEM)
+      --install-local-cert
+                        Install local trusted cert with mkcert
+      --auth-token <token>
+                        Set AUTH_TOKEN for this server run
+      --generate-auth-token
+                        Generate a secure AUTH_TOKEN automatically
   -f, --foreground      Run in foreground (default is background)
       --lines <n>       Number of log lines for logs command (default: 100)
       --follow          Follow logs stream (like tail -f)
@@ -79,6 +92,42 @@ function parseArgs(argv) {
             case '--listen-all':
                 options.listenAll = true;
                 break;
+            case '--https':
+                options.https = true;
+                break;
+            case '--tls-key': {
+                const value = argv[i + 1];
+                if (!value || value.startsWith('-')) {
+                    throw new Error(`Missing value for ${arg}`);
+                }
+                options.tlsKey = value;
+                i += 1;
+                break;
+            }
+            case '--tls-cert': {
+                const value = argv[i + 1];
+                if (!value || value.startsWith('-')) {
+                    throw new Error(`Missing value for ${arg}`);
+                }
+                options.tlsCert = value;
+                i += 1;
+                break;
+            }
+            case '--install-local-cert':
+                options.installLocalCert = true;
+                break;
+            case '--auth-token': {
+                const value = argv[i + 1];
+                if (!value || value.startsWith('-')) {
+                    throw new Error(`Missing value for ${arg}`);
+                }
+                options.authToken = value;
+                i += 1;
+                break;
+            }
+            case '--generate-auth-token':
+                options.generateAuthToken = true;
+                break;
             case '-f':
             case '--foreground':
                 if (options.command === 'logs') {
@@ -149,7 +198,9 @@ function readServerMeta() {
         const parsed = JSON.parse(raw);
         if (typeof parsed.pid === 'number'
             && typeof parsed.host === 'string'
-            && typeof parsed.port === 'string') {
+            && typeof parsed.port === 'string'
+            && (parsed.https === undefined || typeof parsed.https === 'boolean')
+            && (parsed.authEnabled === undefined || typeof parsed.authEnabled === 'boolean')) {
             return parsed;
         }
         return null;
@@ -166,6 +217,42 @@ function clearServerMeta() {
         // no-op
     }
 }
+function resolveFromCwd(filePath) {
+    if (filePath.startsWith('~/')) {
+        return path.join(os.homedir(), filePath.slice(2));
+    }
+    if (path.isAbsolute(filePath)) {
+        return filePath;
+    }
+    return path.resolve(process.cwd(), filePath);
+}
+function ensureFileExists(filePath, label) {
+    if (!fs.existsSync(filePath)) {
+        throw new Error(`${label} not found: ${filePath}`);
+    }
+}
+function installLocalCert(host) {
+    fs.mkdirSync(TLS_DIR, { recursive: true });
+    const mkcertCmd = 'mkcert -install';
+    try {
+        spawnSyncOrThrow(mkcertCmd);
+    }
+    catch {
+        throw new Error('mkcert is required for --install-local-cert');
+    }
+    const hostArgs = ['localhost', '127.0.0.1', '::1'];
+    if (host !== 'localhost' && host !== '127.0.0.1' && host !== '::1' && host !== '0.0.0.0' && host !== '::') {
+        hostArgs.push(host);
+    }
+    const mkcertGenCmd = `mkcert -cert-file "${DEFAULT_TLS_CERT_FILE}" -key-file "${DEFAULT_TLS_KEY_FILE}" ${hostArgs.join(' ')}`;
+    spawnSyncOrThrow(mkcertGenCmd);
+    ensureFileExists(DEFAULT_TLS_CERT_FILE, 'TLS cert');
+    ensureFileExists(DEFAULT_TLS_KEY_FILE, 'TLS key');
+    return { keyPath: DEFAULT_TLS_KEY_FILE, certPath: DEFAULT_TLS_CERT_FILE };
+}
+function spawnSyncOrThrow(command) {
+    execSync(command, { stdio: 'ignore' });
+}
 function readPidFile() {
     try {
         const raw = fs.readFileSync(PID_FILE, 'utf8').trim();
@@ -277,13 +364,16 @@ async function statusCommand() {
     const meta = readServerMeta();
     const port = meta?.port ?? process.env.PORT ?? '6200';
     const host = meta?.host ?? process.env.HOST ?? 'localhost';
-    const url = `http://${host}:${port}`;
+    const protocol = meta?.https ? 'https' : 'http';
+    const url = `${protocol}://${host}:${port}`;
+    const authEnabled = meta?.authEnabled === true;
     const uptime = getProcessUptime(pid);
     const version = getPackageVersion();
     console.log(`\n${cyan}${bright}🌊 Tide Commander Status${reset}`);
     console.log(`${cyan}${'═'.repeat(60)}${reset}`);
     console.log(`${green}✓ Running${reset} (PID: ${pid})`);
     console.log(`${blue}${bright}🚀 Access: ${url}${reset}`);
+    console.log(`   Auth: ${authEnabled ? 'enabled' : 'disabled'}`);
     console.log(`   Version: ${version}`);
     const npmVersion = await checkNpmVersion(PACKAGE_NAME, version);
     if (npmVersion.relation === 'behind' && npmVersion.latestVersion) {
@@ -415,6 +505,9 @@ function printUpdateNotice(latestVersion) {
     const dim = '\x1b[2m';
     console.log(`${yellow}${bright}⬆  Update available: v${latestVersion}${reset} ${dim}(run: bunx tide-commander@latest)${reset}`);
 }
+function generateAuthToken() {
+    return randomBytes(32).toString('hex');
+}
 function versionCommand() {
     try {
         const version = getPackageVersion();
@@ -454,6 +547,47 @@ async function main() {
         process.env.HOST = '0.0.0.0';
         process.env.LISTEN_ALL_INTERFACES = '1';
     }
+    if (options.tlsKey && !options.tlsCert) {
+        throw new Error('--tls-key requires --tls-cert');
+    }
+    if (options.tlsCert && !options.tlsKey) {
+        throw new Error('--tls-cert requires --tls-key');
+    }
+    if (options.generateAuthToken && options.authToken) {
+        throw new Error('--generate-auth-token cannot be used with --auth-token');
+    }
+    const shouldEnableHttps = options.https === true
+        || options.installLocalCert === true
+        || options.tlsKey !== undefined
+        || options.tlsCert !== undefined
+        || process.env.HTTPS === '1';
+    if (shouldEnableHttps) {
+        process.env.HTTPS = '1';
+    }
+    if (options.installLocalCert) {
+        const host = process.env.HOST || 'localhost';
+        const generated = installLocalCert(host);
+        process.env.TLS_KEY_PATH = generated.keyPath;
+        process.env.TLS_CERT_PATH = generated.certPath;
+    }
+    if (options.tlsKey && options.tlsCert) {
+        process.env.TLS_KEY_PATH = resolveFromCwd(options.tlsKey);
+        process.env.TLS_CERT_PATH = resolveFromCwd(options.tlsCert);
+    }
+    if (process.env.HTTPS === '1') {
+        const tlsKeyPath = resolveFromCwd(process.env.TLS_KEY_PATH || DEFAULT_TLS_KEY_FILE);
+        const tlsCertPath = resolveFromCwd(process.env.TLS_CERT_PATH || DEFAULT_TLS_CERT_FILE);
+        ensureFileExists(tlsKeyPath, 'TLS key');
+        ensureFileExists(tlsCertPath, 'TLS cert');
+        process.env.TLS_KEY_PATH = tlsKeyPath;
+        process.env.TLS_CERT_PATH = tlsCertPath;
+    }
+    if (options.generateAuthToken) {
+        process.env.AUTH_TOKEN = generateAuthToken();
+    }
+    else if (options.authToken) {
+        process.env.AUTH_TOKEN = options.authToken;
+    }
     const cliDir = path.dirname(fileURLToPath(import.meta.url));
     const serverLaunch = resolveServerLaunch(cliDir);
     const runInForeground = options.foreground === true || process.env.TIDE_COMMANDER_FOREGROUND === '1';
@@ -461,6 +595,12 @@ async function main() {
     const hasStartupOverrides = options.port !== undefined
         || options.host !== undefined
         || options.listenAll === true
+        || options.https === true
+        || options.tlsKey !== undefined
+        || options.tlsCert !== undefined
+        || options.installLocalCert === true
+        || options.authToken !== undefined
+        || options.generateAuthToken === true
         || options.foreground === true;
     if (existingPid && isRunning(existingPid)) {
         if (hasStartupOverrides) {
@@ -483,7 +623,9 @@ async function main() {
             const meta = readServerMeta();
             const port = meta?.port ?? process.env.PORT ?? '6200';
             const host = meta?.host ?? process.env.HOST ?? 'localhost';
-            const url = `http://${host}:${port}`;
+            const protocol = meta?.https ? 'https' : 'http';
+            const url = `${protocol}://${host}:${port}`;
+            const authEnabled = meta?.authEnabled === true;
             const dim = '\x1b[2m';
             const yellow = '\x1b[33m';
             const cyan = '\x1b[36m';
@@ -495,6 +637,7 @@ async function main() {
             console.log(`\n${cyan}${bright}🌊 Tide Commander${reset} ${dim}(already running, PID: ${existingPid})${reset}`);
             console.log(`${cyan}${'═'.repeat(60)}${reset}`);
             console.log(`${blue}${bright}🚀 Open: ${url}${reset}`);
+            console.log(`   Auth: ${authEnabled ? 'enabled' : 'disabled'}`);
             console.log(`   Version: ${currentVer}`);
             const npmVersion = await checkNpmVersion(PACKAGE_NAME, currentVer);
             if (npmVersion.relation === 'behind' && npmVersion.latestVersion) {
@@ -537,12 +680,16 @@ async function main() {
                 pid: child.pid,
                 host: process.env.HOST || 'localhost',
                 port: process.env.PORT || '6200',
+                https: process.env.HTTPS === '1',
+                authEnabled: Boolean(process.env.AUTH_TOKEN),
             });
         }
         child.unref();
         const port = process.env.PORT || '6200';
         const host = process.env.HOST || 'localhost';
-        const url = `http://${host}:${port}`;
+        const protocol = process.env.HTTPS === '1' ? 'https' : 'http';
+        const url = `${protocol}://${host}:${port}`;
+        const authEnabled = Boolean(process.env.AUTH_TOKEN);
         // ANSI color codes for beautiful output
         const cyan = '\x1b[36m';
         const green = '\x1b[32m';
@@ -556,7 +703,11 @@ async function main() {
         const currentVersion = getPackageVersion();
         console.log(`${green}✓${reset} Started in background (PID: ${child.pid ?? 'unknown'})`);
         console.log(`${blue}${bright}🚀 Open: ${url}${reset}`);
+        console.log(`   Auth: ${authEnabled ? 'enabled' : 'disabled'}`);
         console.log(`   Version: ${currentVersion}`);
+        if (options.generateAuthToken && process.env.AUTH_TOKEN) {
+            console.log(`   Generated AUTH_TOKEN: ${process.env.AUTH_TOKEN}`);
+        }
         const npmVersion = await checkNpmVersion(PACKAGE_NAME, currentVersion);
         if (npmVersion.relation === 'behind' && npmVersion.latestVersion) {
             printUpdateNotice(npmVersion.latestVersion);
@@ -578,6 +729,8 @@ async function main() {
             pid: child.pid,
             host: process.env.HOST || 'localhost',
             port: process.env.PORT || '6200',
+            https: process.env.HTTPS === '1',
+            authEnabled: Boolean(process.env.AUTH_TOKEN),
         });
     }
     child.on('exit', (code, signal) => {

package/dist/src/packages/server/data/builtin-skills/index.js

@@ -14,6 +14,7 @@ import { bitbucketPR } from './bitbucket-pr.js';
 import { pm2Logs } from './pm2-logs.js';
 import { createBuilding } from './create-building.js';
 import { releasePipeline } from './release-pipeline.js';
+import { taskLabel } from './task-label.js';
 /**
  * All built-in skills that ship with Tide Commander
  */
@@ -27,6 +28,7 @@ export const BUILTIN_SKILLS = [
     pm2Logs,
     createBuilding,
     releasePipeline,
+    taskLabel,
 ];
 /**
  * Get the ID for a built-in skill based on its slug

package/dist/src/packages/server/data/builtin-skills/task-label.js

@@ -0,0 +1,29 @@
+export const taskLabel = {
+    slug: 'task-label',
+    name: 'Task Label',
+    description: 'Generate a brief task label for scene display',
+    allowedTools: ['Bash(curl:*)'],
+    assignedAgentClasses: ['*'],
+    content: `# Task Label (MANDATORY - Execute FIRST)
+
+**IMPORTANT: Before doing ANY other work, you MUST generate a brief task label describing your current task.**
+
+## Steps (do this FIRST before anything else):
+1. Read the user's request
+2. Generate a 1-5 word summary of the task (e.g., "Fix auth bug", "Add dark mode", "Refactor API calls", "Update tests")
+3. Call the API to set your task label:
+
+\`\`\`bash
+curl -s -X PATCH http://localhost:5174/api/agents/YOUR_AGENT_ID -H "Content-Type: application/json" -d '{"taskLabel":"YOUR 1-5 WORD LABEL"}'
+\`\`\`
+
+4. Then proceed with the actual task
+
+## Rules
+- Keep labels between 1-5 words maximum
+- Use action verbs: Fix, Add, Update, Refactor, Debug, Implement, Remove, etc.
+- Be specific but concise (e.g., "Fix login redirect" not "Work on stuff")
+- Do this BEFORE any other work - it should be your very first action
+- Do NOT use exclamation marks (!) in the label - they cause bash errors
+- Replace YOUR_AGENT_ID with your actual agent ID from the system prompt`,
+};

package/dist/src/packages/server/data/index.js

@@ -132,6 +132,7 @@ function toStoredAgents(agents) {
         currentTask: agent.currentTask,
         lastAssignedTask: agent.lastAssignedTask,
         lastAssignedTaskTime: agent.lastAssignedTaskTime,
+        taskLabel: agent.taskLabel,
         isBoss: agent.isBoss,
         subordinateIds: agent.subordinateIds,
         bossId: agent.bossId,

package/dist/src/packages/server/index.js

@@ -4,6 +4,8 @@
  */
 import 'dotenv/config';
 import { createServer } from 'http';
+import { createServer as createHttpsServer } from 'https';
+import fs from 'node:fs';
 import { createApp } from './app.js';
 import { agentService, runtimeService, supervisorService, bossService, skillService, customClassService, secretsService, buildingService } from './services/index.js';
 import * as websocket from './websocket/handler.js';
@@ -12,6 +14,9 @@ import { logger, closeFileLogging, getLogFilePath } from './utils/logger.js';
 // Configuration
 const PORT = process.env.PORT || 6200;
 const HOST = process.env.HOST || (process.env.LISTEN_ALL_INTERFACES ? '::' : '127.0.0.1');
+const HTTPS_ENABLED = process.env.HTTPS === '1';
+const TLS_KEY_PATH = process.env.TLS_KEY_PATH;
+const TLS_CERT_PATH = process.env.TLS_CERT_PATH;
 const FORCE_SHUTDOWN_TIMEOUT_MS = 4500;
 // ============================================================================
 // Global Error Handlers
@@ -57,7 +62,12 @@ async function main() {
     logger.server.log(`Log file: ${getLogFilePath()}`);
     // Create Express app and HTTP server
     const app = createApp();
-    const server = createServer(app);
+    const server = HTTPS_ENABLED
+        ? createHttpsServer({
+            key: fs.readFileSync(assertTlsPath(TLS_KEY_PATH, 'TLS_KEY_PATH')),
+            cert: fs.readFileSync(assertTlsPath(TLS_CERT_PATH, 'TLS_CERT_PATH')),
+        }, app)
+        : createServer(app);
     const sockets = new Set();
     server.on('connection', (socket) => {
         sockets.add(socket);
@@ -83,9 +93,11 @@ async function main() {
         }
     });
     server.listen(Number(PORT), HOST, () => {
-        logger.server.log(`Server running on http://${HOST}:${PORT}`);
-        logger.server.log(`WebSocket available at ws://${HOST}:${PORT}/ws`);
-        logger.server.log(`API available at http://${HOST}:${PORT}/api`);
+        const protocol = HTTPS_ENABLED ? 'https' : 'http';
+        const wsProtocol = HTTPS_ENABLED ? 'wss' : 'ws';
+        logger.server.log(`Server running on ${protocol}://${HOST}:${PORT}`);
+        logger.server.log(`WebSocket available at ${wsProtocol}://${HOST}:${PORT}/ws`);
+        logger.server.log(`API available at ${protocol}://${HOST}:${PORT}/api`);
     });
     let isShuttingDown = false;
     const gracefulShutdown = async (signal) => {
@@ -126,4 +138,10 @@ async function main() {
     process.on('SIGINT', () => { void gracefulShutdown('SIGINT'); });
     process.on('SIGTERM', () => { void gracefulShutdown('SIGTERM'); });
 }
+function assertTlsPath(value, envName) {
+    if (!value) {
+        throw new Error(`${envName} is required when HTTPS=1`);
+    }
+    return value;
+}
 main().catch(console.error);

package/dist/src/packages/server/services/runtime-command-execution.js

@@ -24,6 +24,7 @@ export function createRuntimeCommandExecution(deps) {
         if (!isSystemMessage) {
             updateData.lastAssignedTask = command;
             updateData.lastAssignedTaskTime = Date.now();
+            updateData.taskLabel = undefined; // Clear for agent to regenerate via skill
         }
         if (Object.keys(updateData).length > 0) {
             agentService.updateAgent(agentId, updateData);
@@ -75,6 +76,7 @@ export function createRuntimeCommandExecution(deps) {
                     if (!isSystemMessage) {
                         updateData.lastAssignedTask = command;
                         updateData.lastAssignedTaskTime = Date.now();
+                        updateData.taskLabel = undefined; // Clear for agent to regenerate via skill
                     }
                     agentService.updateAgent(agentId, updateData);
                     startStdinWatchdog({

package/dist/src/packages/server/services/skill-service.js

@@ -250,8 +250,8 @@ export function getSkillsForAgent(agentId, agentClass) {
         // Check direct assignment
         if (skill.assignedAgentIds.includes(agentId))
             return true;
-        // Check class assignment
-        if (skill.assignedAgentClasses.includes(agentClass))
+        // Check class assignment (supports '*' wildcard for all classes)
+        if (skill.assignedAgentClasses.includes('*') || skill.assignedAgentClasses.includes(agentClass))
             return true;
         return false;
     });
@@ -432,8 +432,8 @@ async function handleSkillContentUpdate(skill) {
         // Check direct assignment
         if (skill.assignedAgentIds.includes(agent.id))
             return true;
-        // Check class assignment
-        if (skill.assignedAgentClasses.includes(agent.class))
+        // Check class assignment (supports '*' wildcard for all classes)
+        if (skill.assignedAgentClasses.includes('*') || skill.assignedAgentClasses.includes(agent.class))
             return true;
         return false;
     });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tide-commander",
-  "version": "0.83.0",
+  "version": "0.84.0",
   "description": "Visual multi-agent orchestrator and manager for Claude Code with 3D/2D interface",
   "repository": {
     "type": "git",