upfynai-code 2.5.0 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (130) hide show
  1. package/README.md +131 -0
  2. package/client/dist/assets/{AppContent-CRld2UWX.js → AppContent-C0CyP3g5.js} +3 -3
  3. package/client/dist/assets/{CanvasPanel-CB4sweQq.js → CanvasPanel-0u9QR7U-.js} +5 -5
  4. package/client/dist/assets/DashboardPanel-Dgqw1yZk.js +1 -0
  5. package/client/dist/assets/{LoginModal-BwkvjfPR.js → LoginModal-CZDEzqjK.js} +1 -1
  6. package/client/dist/assets/Onboarding-DR6NZ4Vz.js +1 -0
  7. package/client/dist/assets/{SetupForm-CH5EA5W0.js → SetupForm-D49gtWY4.js} +1 -1
  8. package/client/dist/assets/{WorkflowsPanel-CO5g5yGG.js → WorkflowsPanel-CqlbEJA_.js} +1 -1
  9. package/client/dist/assets/{ar-SA-G6X2FPQ2-DoJuo98H.js → ar-SA-G6X2FPQ2-BWqa1yBH.js} +1 -1
  10. package/client/dist/assets/{arc-B0wBaTeh.js → arc-BegSKqEW.js} +1 -1
  11. package/client/dist/assets/{az-AZ-76LH7QW2-xdrt1Z13.js → az-AZ-76LH7QW2-DrVlbZDP.js} +1 -1
  12. package/client/dist/assets/{bg-BG-XCXSNQG7-D8NAiF6Y.js → bg-BG-XCXSNQG7-DdunjBgT.js} +1 -1
  13. package/client/dist/assets/{blockDiagram-38ab4fdb-DSnyKzK4.js → blockDiagram-38ab4fdb-BKMbwGHu.js} +1 -1
  14. package/client/dist/assets/{bn-BD-2XOGV67Q-B0qWv8_J.js → bn-BD-2XOGV67Q-_7DtmvwO.js} +1 -1
  15. package/client/dist/assets/{c4Diagram-3d4e48cf-DoZJ13XA.js → c4Diagram-3d4e48cf-hJuiHhSn.js} +1 -1
  16. package/client/dist/assets/{ca-ES-6MX7JW3Y-RgLhfbZZ.js → ca-ES-6MX7JW3Y-BFIrmojG.js} +1 -1
  17. package/client/dist/assets/channel-Bur-rRTp.js +1 -0
  18. package/client/dist/assets/{classDiagram-70f12bd4-GNyDrRCk.js → classDiagram-70f12bd4-BjiAf9cM.js} +1 -1
  19. package/client/dist/assets/{classDiagram-v2-f2320105-CxdGhHm2.js → classDiagram-v2-f2320105-pwBewejc.js} +1 -1
  20. package/client/dist/assets/clone-BtqXeoBJ.js +1 -0
  21. package/client/dist/assets/{createText-2e5e7dd3-DiPywQOa.js → createText-2e5e7dd3-Dq_acOWe.js} +1 -1
  22. package/client/dist/assets/{cs-CZ-2BRQDIVT-BAjmnuoC.js → cs-CZ-2BRQDIVT-B-x4F6TJ.js} +1 -1
  23. package/client/dist/assets/{da-DK-5WZEPLOC-JxKVGt8o.js → da-DK-5WZEPLOC-Btlc8Dgn.js} +1 -1
  24. package/client/dist/assets/{de-DE-XR44H4JA-CrnRlt4z.js → de-DE-XR44H4JA-BVu3ZIoD.js} +1 -1
  25. package/client/dist/assets/{edges-e0da2a9e-DDsXzXLJ.js → edges-e0da2a9e-DH0wVTXR.js} +1 -1
  26. package/client/dist/assets/{el-GR-BZB4AONW-DQd8iogq.js → el-GR-BZB4AONW-h2ll8_ZC.js} +1 -1
  27. package/client/dist/assets/{erDiagram-9861fffd-CBiCC4rl.js → erDiagram-9861fffd-BYezLIR7.js} +1 -1
  28. package/client/dist/assets/{es-ES-U4NZUMDT-vvUblc5i.js → es-ES-U4NZUMDT-Cveiulwt.js} +1 -1
  29. package/client/dist/assets/{eu-ES-A7QVB2H4-De4NNCc1.js → eu-ES-A7QVB2H4-DQluL2PY.js} +1 -1
  30. package/client/dist/assets/{fa-IR-HGAKTJCU-DFBXqIqq.js → fa-IR-HGAKTJCU-BJtcMBSv.js} +1 -1
  31. package/client/dist/assets/{fi-FI-Z5N7JZ37-DV9zESPg.js → fi-FI-Z5N7JZ37-D8NfbVXV.js} +1 -1
  32. package/client/dist/assets/{flowDb-956e92f1-BhdSHbdO.js → flowDb-956e92f1-scnUykhM.js} +1 -1
  33. package/client/dist/assets/{flowDiagram-66a62f08-M-fp1_Ie.js → flowDiagram-66a62f08-jVyWsfyU.js} +1 -1
  34. package/client/dist/assets/flowDiagram-v2-96b9c2cf-N6xgi25h.js +1 -0
  35. package/client/dist/assets/{flowchart-elk-definition-4a651766-Bp0SonQx.js → flowchart-elk-definition-4a651766-gKGX3HqR.js} +1 -1
  36. package/client/dist/assets/{fr-FR-RHASNOE6-CKTMXuGk.js → fr-FR-RHASNOE6-vdj42kC6.js} +1 -1
  37. package/client/dist/assets/{ganttDiagram-c361ad54-iA737GUS.js → ganttDiagram-c361ad54-C2CiWFUP.js} +1 -1
  38. package/client/dist/assets/{gitGraphDiagram-72cf32ee-BX-wj-PV.js → gitGraphDiagram-72cf32ee-C59Yz2LK.js} +1 -1
  39. package/client/dist/assets/{gl-ES-HMX3MZ6V-Cdiqq4jY.js → gl-ES-HMX3MZ6V-DQo0TzoP.js} +1 -1
  40. package/client/dist/assets/{graph-Rxkx3sEa.js → graph-Dx_H43Kv.js} +1 -1
  41. package/client/dist/assets/{he-IL-6SHJWFNN-gYmR5_KT.js → he-IL-6SHJWFNN-DKXK5e33.js} +1 -1
  42. package/client/dist/assets/{hi-IN-IWLTKZ5I-pyqK94AR.js → hi-IN-IWLTKZ5I-C2Qgqc0R.js} +1 -1
  43. package/client/dist/assets/{hu-HU-A5ZG7DT2-DpacJgJy.js → hu-HU-A5ZG7DT2-Ss-6vX0m.js} +1 -1
  44. package/client/dist/assets/{id-ID-SAP4L64H-CAvIX-mj.js → id-ID-SAP4L64H-D7Wsg1S2.js} +1 -1
  45. package/client/dist/assets/{index-3862675e-BX3Fpn6V.js → index-3862675e-u8Nv7hHC.js} +1 -1
  46. package/client/dist/assets/{index-BBlwbHq_.js → index-BVowJdZF.js} +4 -4
  47. package/client/dist/assets/{index-ClfzLIqY.js → index-ce18TYkg.js} +4 -4
  48. package/client/dist/assets/index-kQoJx-bc.css +1 -0
  49. package/client/dist/assets/{infoDiagram-f8f76790-Ckv8imiv.js → infoDiagram-f8f76790-LmoJYsxo.js} +1 -1
  50. package/client/dist/assets/{it-IT-JPQ66NNP-BtpNRSce.js → it-IT-JPQ66NNP-CAPTVl7M.js} +1 -1
  51. package/client/dist/assets/{ja-JP-DBVTYXUO-CwJRyY6M.js → ja-JP-DBVTYXUO-eNVPawR2.js} +1 -1
  52. package/client/dist/assets/{journeyDiagram-49397b02-DWWZssji.js → journeyDiagram-49397b02-BaJqehpR.js} +1 -1
  53. package/client/dist/assets/{kaa-6HZHGXH3-DIWQEb4A.js → kaa-6HZHGXH3-tpuNkKhS.js} +1 -1
  54. package/client/dist/assets/{kab-KAB-ZGHBKWFO-DjGbqhUg.js → kab-KAB-ZGHBKWFO-Dp83kx4x.js} +1 -1
  55. package/client/dist/assets/{kk-KZ-P5N5QNE5-B_VzJdWf.js → kk-KZ-P5N5QNE5-B9IlC6YN.js} +1 -1
  56. package/client/dist/assets/{km-KH-HSX4SM5Z-DUD5mi0o.js → km-KH-HSX4SM5Z-B_KMYaMj.js} +1 -1
  57. package/client/dist/assets/{ko-KR-MTYHY66A--sDB10db.js → ko-KR-MTYHY66A-yebnUNdb.js} +1 -1
  58. package/client/dist/assets/{ku-TR-6OUDTVRD-CKvKrkcX.js → ku-TR-6OUDTVRD-BR6fh6-5.js} +1 -1
  59. package/client/dist/assets/{layout-CkB7sSeq.js → layout-DLl5Jwcl.js} +1 -1
  60. package/client/dist/assets/{line-DC7MA9qY.js → line-FpB7omSK.js} +1 -1
  61. package/client/dist/assets/{linear-C1lBBthf.js → linear-CkXqUFJ8.js} +1 -1
  62. package/client/dist/assets/{lt-LT-XHIRWOB4-MSZf7xYG.js → lt-LT-XHIRWOB4-SutZSWtR.js} +1 -1
  63. package/client/dist/assets/{lv-LV-5QDEKY6T-C-gvvmBB.js → lv-LV-5QDEKY6T-DuAxdcZL.js} +1 -1
  64. package/client/dist/assets/{mindmap-definition-fc14e90a-B3O7hztq.js → mindmap-definition-fc14e90a-DyxXOExh.js} +1 -1
  65. package/client/dist/assets/{mr-IN-CRQNXWMA-XHtBUWQH.js → mr-IN-CRQNXWMA-DqDUWM_8.js} +1 -1
  66. package/client/dist/assets/{my-MM-5M5IBNSE-D9eD2edL.js → my-MM-5M5IBNSE-C40kMFMR.js} +1 -1
  67. package/client/dist/assets/{nb-NO-T6EIAALU-BlImC6gp.js → nb-NO-T6EIAALU-DVij32Ju.js} +1 -1
  68. package/client/dist/assets/{nl-NL-IS3SIHDZ-CPFhnaSP.js → nl-NL-IS3SIHDZ-rT84mDYq.js} +1 -1
  69. package/client/dist/assets/{nn-NO-6E72VCQL-BMvoJSKQ.js → nn-NO-6E72VCQL-BBZXBW8V.js} +1 -1
  70. package/client/dist/assets/{oc-FR-POXYY2M6-Buye63LS.js → oc-FR-POXYY2M6-DzjOugOf.js} +1 -1
  71. package/client/dist/assets/{pa-IN-N4M65BXN-D9uQ3niy.js → pa-IN-N4M65BXN-DD1iU8_F.js} +1 -1
  72. package/client/dist/assets/{percentages-BXMCSKIN-BzXIakGM.js → percentages-BXMCSKIN-WVlHS4wx.js} +6 -6
  73. package/client/dist/assets/{pieDiagram-8a3498a8-BU38mzx-.js → pieDiagram-8a3498a8-Dd_85qBH.js} +1 -1
  74. package/client/dist/assets/{pl-PL-T2D74RX3-BqM4xdcg.js → pl-PL-T2D74RX3-ukVXa48G.js} +1 -1
  75. package/client/dist/assets/{pt-BR-5N22H2LF-rAjrxGyI.js → pt-BR-5N22H2LF-BibawarT.js} +1 -1
  76. package/client/dist/assets/{pt-PT-UZXXM6DQ-DXsqcwLt.js → pt-PT-UZXXM6DQ-So3i9l9w.js} +1 -1
  77. package/client/dist/assets/{quadrantDiagram-120e2f19-HhK4H1WU.js → quadrantDiagram-120e2f19-C4dFVDEx.js} +1 -1
  78. package/client/dist/assets/{requirementDiagram-deff3bca-aDrcyj-A.js → requirementDiagram-deff3bca-DrTO7yFl.js} +1 -1
  79. package/client/dist/assets/{ro-RO-JPDTUUEW-D_F9UKer.js → ro-RO-JPDTUUEW-DY0Xq_Hd.js} +1 -1
  80. package/client/dist/assets/{ru-RU-B4JR7IUQ-MirqN29p.js → ru-RU-B4JR7IUQ-B7u_Zvkd.js} +1 -1
  81. package/client/dist/assets/{sankeyDiagram-04a897e0-C6ij7qbQ.js → sankeyDiagram-04a897e0-D24gfzuS.js} +1 -1
  82. package/client/dist/assets/{sequenceDiagram-704730f1-C0EKO3th.js → sequenceDiagram-704730f1-Dgji2XLQ.js} +1 -1
  83. package/client/dist/assets/{si-LK-N5RQ5JYF-DyZC3mkC.js → si-LK-N5RQ5JYF-OejsLzQ_.js} +1 -1
  84. package/client/dist/assets/{sk-SK-C5VTKIMK-D-ksz-WY.js → sk-SK-C5VTKIMK-_vy2Bt-M.js} +1 -1
  85. package/client/dist/assets/{sl-SI-NN7IZMDC-CknuYoQ1.js → sl-SI-NN7IZMDC-DKOl_u2M.js} +1 -1
  86. package/client/dist/assets/{stateDiagram-587899a1-CYoq2VjL.js → stateDiagram-587899a1-CJ8eBaiU.js} +1 -1
  87. package/client/dist/assets/{stateDiagram-v2-d93cdb3a-C5lbp5px.js → stateDiagram-v2-d93cdb3a-C5K3l-Nt.js} +1 -1
  88. package/client/dist/assets/{styles-6aaf32cf-Dkfsk8gt.js → styles-6aaf32cf-DAKE0jbx.js} +1 -1
  89. package/client/dist/assets/{styles-9a916d00-CMYqtcEN.js → styles-9a916d00-LFAJCgEy.js} +1 -1
  90. package/client/dist/assets/{styles-c10674c1-Bp-5OlRU.js → styles-c10674c1-CllKO8NG.js} +1 -1
  91. package/client/dist/assets/{subset-shared.chunk-kfIB1Zam.js → subset-shared.chunk-Uy-J87FQ.js} +1 -1
  92. package/client/dist/assets/{subset-worker.chunk-DwQBgc4z.js → subset-worker.chunk-dvgDvqt9.js} +1 -1
  93. package/client/dist/assets/{sv-SE-XGPEYMSR-DwN13se1.js → sv-SE-XGPEYMSR-CDCB2ZV5.js} +1 -1
  94. package/client/dist/assets/{svgDrawCommon-08f97a94-CEgCMqs4.js → svgDrawCommon-08f97a94-CObOzbFQ.js} +1 -1
  95. package/client/dist/assets/{ta-IN-2NMHFXQM-ejDfFhwa.js → ta-IN-2NMHFXQM-DHUNdO69.js} +1 -1
  96. package/client/dist/assets/{th-TH-HPSO5L25-Bqc90ZNn.js → th-TH-HPSO5L25-zI2hnBq3.js} +1 -1
  97. package/client/dist/assets/{timeline-definition-85554ec2-BmGdKqG0.js → timeline-definition-85554ec2-C2XHRmxK.js} +1 -1
  98. package/client/dist/assets/{tr-TR-DEFEU3FU-CJvlPbcW.js → tr-TR-DEFEU3FU-l-6Hu4-D.js} +1 -1
  99. package/client/dist/assets/{uk-UA-QMV73CPH-D26-cbWL.js → uk-UA-QMV73CPH-CqSOwrl7.js} +1 -1
  100. package/client/dist/assets/{vendor-icons-aNdOvTr_.js → vendor-icons-Lb69KSFJ.js} +136 -126
  101. package/client/dist/assets/{vi-VN-M7AON7JQ-MbqIIwYM.js → vi-VN-M7AON7JQ-CUL8-mBZ.js} +1 -1
  102. package/client/dist/assets/{xychartDiagram-e933f94c-gfcTauxU.js → xychartDiagram-e933f94c-1fmf6slj.js} +1 -1
  103. package/client/dist/assets/{zh-CN-LNUGB5OW-BZSmhUdL.js → zh-CN-LNUGB5OW-CB5y5VVU.js} +1 -1
  104. package/client/dist/assets/{zh-HK-E62DVLB3-BJqejpiX.js → zh-HK-E62DVLB3-BHcrrEeJ.js} +1 -1
  105. package/client/dist/assets/{zh-TW-RAJ6MFWO-BBXtV-Uz.js → zh-TW-RAJ6MFWO-DoDUdkaJ.js} +1 -1
  106. package/client/dist/index.html +3 -3
  107. package/package.json +17 -14
  108. package/server/cli.js +44 -0
  109. package/server/database/db.js +16 -2
  110. package/server/index.js +2738 -2621
  111. package/server/middleware/auth.js +10 -2
  112. package/server/relay-client.js +73 -20
  113. package/server/routes/agent.js +1226 -1266
  114. package/server/routes/auth.js +32 -29
  115. package/server/routes/commands.js +598 -601
  116. package/server/routes/cursor.js +806 -807
  117. package/server/routes/dashboard.js +154 -1
  118. package/server/routes/git.js +1151 -1165
  119. package/server/routes/mcp.js +534 -551
  120. package/server/routes/settings.js +261 -269
  121. package/server/routes/taskmaster.js +1927 -1963
  122. package/server/routes/vapi-chat.js +94 -0
  123. package/server/routes/voice.js +0 -4
  124. package/server/sandbox.js +120 -0
  125. package/client/dist/assets/DashboardPanel-BXaA-b9z.js +0 -1
  126. package/client/dist/assets/Onboarding-2A_5fPxy.js +0 -1
  127. package/client/dist/assets/channel-BmO6nY0W.js +0 -1
  128. package/client/dist/assets/clone-xuHMqFoD.js +0 -1
  129. package/client/dist/assets/flowDiagram-v2-96b9c2cf-C5eiN8Pg.js +0 -1
  130. package/client/dist/assets/index-Td4UdtLF.css +0 -1
package/server/routes/auth.js CHANGED
@@ -100,47 +100,23 @@ router.post('/login', (req, res, next) => {
100
100
  next();
101
101
  }, async (req, res) => {
102
102
  try {
103
- const { username, password, firstName, lastName, phone } = req.body;
103
+ const { username, password } = req.body;
104
104
 
105
105
  if (!username || !password) {
106
- return res.status(400).json({ error: 'Email and password are required' });
106
+ return res.status(400).json({ error: 'Identifier and password are required' });
107
107
  }
108
108
 
109
109
  const user = await userDb.getUserByUsername(username.trim());
110
110
  if (!user) {
111
- return res.status(401).json({ error: 'Invalid email or password' });
111
+ return res.status(401).json({ error: 'Invalid credentials' });
112
112
  }
113
113
 
114
114
  const isValidPassword = await bcrypt.compare(password, user.password_hash);
115
115
  if (!isValidPassword) {
116
- return res.status(401).json({ error: 'Invalid email or password' });
116
+ return res.status(401).json({ error: 'Invalid credentials' });
117
117
  }
118
118
 
119
- // Update name/phone if provided and different from stored values
120
- const fName = (firstName || '').trim().slice(0, 50);
121
- const lName = (lastName || '').trim().slice(0, 50);
122
- const ph = (phone || '').trim().slice(0, 20);
123
- const updates = [];
124
- const args = [];
125
- if (fName && fName !== user.first_name) { updates.push('first_name = ?'); args.push(fName); }
126
- if (lName && lName !== user.last_name) { updates.push('last_name = ?'); args.push(lName); }
127
- if (ph && ph !== user.phone) { updates.push('phone = ?'); args.push(ph); }
128
- if (fName && lName && `${fName} ${lName}` !== user.username) {
129
- updates.push('username = ?');
130
- args.push(`${fName} ${lName}`);
131
- } else if (fName && !lName && fName !== user.username && !user.last_name) {
132
- updates.push('username = ?');
133
- args.push(fName);
134
- }
135
- if (updates.length > 0) {
136
- try {
137
- args.push(user.id);
138
- await db.execute({ sql: `UPDATE users SET ${updates.join(', ')} WHERE id = ?`, args });
139
- } catch { /* non-critical profile update */ }
140
- }
141
-
142
- // Re-fetch user to get updated fields
143
- const updatedUser = updates.length > 0 ? (await userDb.getUserById(user.id)) || user : user;
119
+ const updatedUser = user;
144
120
 
145
121
  // Generate token + set cookie
146
122
  const token = generateToken(updatedUser);
@@ -254,6 +230,33 @@ router.get('/connect-token', authenticateToken, async (req, res) => {
254
230
  }
255
231
  });
256
232
 
233
+ // Update profile — phone only (email and other sensitive fields are read-only)
234
+ router.patch('/profile', authenticateToken, async (req, res) => {
235
+ try {
236
+ const userId = req.user.id;
237
+ const { phone } = req.body;
238
+
239
+ if (phone === undefined) {
240
+ return res.status(400).json({ error: 'No fields to update' });
241
+ }
242
+
243
+ const trimmed = (phone || '').trim().slice(0, 20);
244
+ if (trimmed && !/^[+]?[\d\s()-]{7,20}$/.test(trimmed)) {
245
+ return res.status(400).json({ error: 'Invalid phone format' });
246
+ }
247
+
248
+ await db.execute({ sql: 'UPDATE users SET phone = ? WHERE id = ?', args: [trimmed || null, userId] });
249
+
250
+ const updated = await userDb.getUserById(userId);
251
+ res.json({
252
+ success: true,
253
+ user: { phone: updated?.phone || null }
254
+ });
255
+ } catch (error) {
256
+ res.status(500).json({ error: 'Failed to update profile' });
257
+ }
258
+ });
259
+
257
260
  // Logout — clear the session cookie
258
261
  router.post('/logout', authenticateToken, (req, res) => {
259
262
  clearSessionCookie(res);